Load Balanced NLS broken since 1.4.2 upgrade

[roddergreg]

We are using a VIP address to load balance the NLS instances. This was working previously before upgrade to 1.4.2

We are using rewrite condition to redirect http to https in the ssl.conf file /etc/httpd/conf.d/ssl.conf

Code: Select all

RewriteEngine on
RewriteCond $1 !^(index\.php|scripts|media|app|js|css|img|font|vendor|config.js)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule nagioslogserver/(.*)$ /var/www/html/nagioslogserver/www/index.php/$1 [L,QSA]
</VirtualHost>

Did something change due to the upgrade?

[hsmith]

We're going to need some information about what's broken in order to proceed. Most of the known issues at the moment can be resolved by clearing your browser cache.

[roddergreg]

Clearing browser cache doesn't help i'ved tried firefox, chrom and IE.

I have a VIP address called prhsyslog. It round robins the http traffic between 3 servers. apache then redirects to https. Once I login i click one of the menus its asks me to login again. every time i try accessing a different link in web interface.

[hsmith]

Are these the same instructions you followed to configure SSL on this system? https://assets.nagios.com/downloads/nag ... Server.pdf

[roddergreg]

I followed the instructions just as the document states. The only difference is we are using our own certificate that worked perfectly before upgrading to NLS 1.4.2. Instead of a self signed cert as the document states.

[rkennedy]

I have a VIP address called prhsyslog.

Could you please explain this? Usually, the setup we see on our end is people put a load balancer in front of their cluster.

Also, please post your /var/log/httpd/error_log and /var/log/httpd/ssl_error_log files for us to look at.

[roddergreg]

I've enabled persistency on our load balancer by source address. Which pins a users web interface to specific instance of the nagioslogserver. This fixes the issue.

Did something change from NLS 1.4.1 to NLS 1.4.2? to make this change necessary.

[rkennedy]

We had a few security vulnerabilities that were fixed in 1.4.2, and one of them was related to sessions. This was fixed, and probably why you experienced the issue that forced you to enable persistence.

[roddergreg]

Thanks for the information. You can close this issue now if you like.

Greg

[mcapra]

Closing this up