Mixed content warning - Status Detail pages

ckiernan · Post by **ckiernan** » Tue Apr 05, 2016 9:01 am

I just found a new clue. The behavior is occurring for Administrators but not regular users. I narrowed it down to the "Can access advanced features" security setting.

rkennedy · Post by **rkennedy** » Tue Apr 05, 2016 4:14 pm

ckiernan wrote:I just found a new clue. The behavior is occurring for Administrators but not regular users. I narrowed it down to the "Can access advanced features" security setting.

Just to confirm, so that I can try to replicate this on my end - when a user is set as an administrator they'll have all privileges. Are you referring to a auth level set as 'user' having 'can access advanced features' being the trigger to this issue?

ssax · Post by **ssax** » Tue Apr 05, 2016 4:16 pm

Please PM me your /etc/httpd/conf.d directory AND your /etc/httpd/conf/httpd.conf file so that I can lab this up with your configs.

ckiernan · Post by **ckiernan** » Thu Apr 07, 2016 2:56 pm

rkennedy wrote:
ckiernan wrote:I just found a new clue. The behavior is occurring for Administrators but not regular users. I narrowed it down to the "Can access advanced features" security setting.
Just to confirm, so that I can try to replicate this on my end - when a user is set as an administrator they'll have all privileges. Are you referring to a auth level set as 'user' having 'can access advanced features' being the trigger to this issue?

Admin users and regular users with "Can access advanced features" experience the problem.

ckiernan · Post by **ckiernan** » Thu Apr 07, 2016 2:57 pm

ssax wrote:Please PM me your /etc/httpd/conf.d directory AND your /etc/httpd/conf/httpd.conf file so that I can lab this up with your configs.

Done.

Post by **Nagios Support** » Thu Apr 07, 2016 5:16 pm

ckiernan, we received the information you sent us. We will need to do some digging into it, and will get back to you with a possible solution tomorrow.

rkennedy · Post by **rkennedy** » Fri Apr 08, 2016 12:29 pm

Looking at your configuration, I noticed a few differences against my configuration -

In nagios.conf (comment out twice) -

Code: Select all

   Require all denied

In nagiosxi.conf (comment out once)-

Code: Select all

   Require all granted

I also noticed you're using a static domain vs a dynamic variable as our SSL guide suggests -

Code: Select all

RewriteRule (.*) https://nm.trumid.com%{REQUEST_URI}

where the SSL guide suggests -

Code: Select all

RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

ssl.conf -

Code: Select all

#   Semaphore:
#   Configure the path to the mutual exclusion semaphore the
#   SSL engine uses internally for inter-process synchronization.
SSLMutex default

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://nm.trumid.com%{REQUEST_URI}

I have only reviewed the mentioned files, so you may still have to make more changes as well, based on what changes have been made to your configurations.

All of these are possibilities to why it's not working. Can you please try commenting them out and changing as needed? I am not sure what the 'SSLMutex' part is, or why your ssl.conf contains an additional rewrite rule. XI will reference itself when sourcing some objects, which is why these rewrites can throw things off. The 'requires' can also lead to permission errors, which could be the reason for the issue you're seeing.

ckiernan · Post by **ckiernan** » Tue Jul 26, 2016 2:37 pm

Follow-up. Fixed. I had to put this issue on the back burner. Better late than never.

The mixed content warning was a red herring. After taking a fresh look I found the following errors in the Apache log

[Tue Jul 26 11:30:51.292504 2016] [:error] [pid 51676] [client 172.18.1.25:56892] PHP Notice: Trying to get property of non-object in /usr/local/nagiosxi/html/includes/components/xicore/status-object-detail.inc.php on line 2474, referer: https://xxxxx.com/nagiosxi/includes/com ... iceattr=10
[Tue Jul 26 11:30:51.292586 2016] [:error] [pid 51676] [client 172.18.1.25:56892] PHP Notice: Trying to get property of non-object in /usr/local/nagiosxi/html/includes/components/xicore/status-object-detail.inc.php on line 2474, referer: https://xxxxx.com/nagiosxi/includes/com ... iceattr=10

These errors led me to find the following post which references a problem due to a NATed IP address. I am using a NATed IP address

https://support.nagios.com/forum/viewto ... =16&t=2915

I added a hosts entry on my Nagios server to point my domain to the internal IP so internal calls will avoid the NATed IP. This fixed the problem.

What a joyous day. Thanks to all who spent time on this for me.

Chris

rkennedy · Post by **rkennedy** » Wed Jul 27, 2016 10:16 am

Glad you were able to get this resolved! Good ol' DNS.

Are we good to close this out?

ckiernan · Post by **ckiernan** » Wed Jul 27, 2016 11:59 am

Yes, please close.

Nagios Support Forum

Mixed content warning - Status Detail pages

Re: Mixed content warning - Status Detail pages

Re: Mixed content warning - Status Detail pages

Re: Mixed content warning - Status Detail pages

Re: Mixed content warning - Status Detail pages

Re: Mixed content warning - Status Detail pages

Re: Mixed content warning - Status Detail pages

Re: Mixed content warning - Status Detail pages

Re: Mixed content warning - Status Detail pages

Re: Mixed content warning - Status Detail pages

Re: Mixed content warning - Status Detail pages