Page 1 of 1
Nagiosxi - https access
Posted: Fri May 10, 2013 11:44 am
by paul.jobb
Hi;
I have implemented https per the instructions posted on the site and that is working fine, I tried adding the following to rewrite the url to https in the /etc/httpd/conf.d/nagiosxi.conf
<VirtualHost *:80> # Add this line
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
<Directory "/usr/local/nagiosxi/html">
that works with the exception of causing apply configuration to fail. Would you be able to suggest how I might implement a url rewrite? since I am using active directory for login I am primarily just concerned about securing the login page. Presently we are on the Nagios XI 2012R1.6 release.
Thanks,
Paul
Re: Nagiosxi - https access
Posted: Fri May 10, 2013 12:53 pm
by abrist
Double check to make sure you set the "server protocol" dropdown on the "configure nagiosql settings" page to "https" per the final page of the following document:
http://assets.nagios.com/downloads/nagi ... ios_XI.pdf
Re: Nagiosxi - https access
Posted: Fri May 10, 2013 2:18 pm
by paul.jobb
yes that is set. If I don't have the rewrite options in the nagiosxi.conf file and am using https the apply works fine, once those are there the apply appears to fail.
Re: Nagiosxi - https access
Posted: Fri May 10, 2013 3:02 pm
by sreinhardt
I can't say I've seen it applied in the nagios.conf file. Have you tried moving this to a separate file so that it is globally applied to apache? I can verify that this is working on my end, all config modifications seem to be fine.
Re: Nagiosxi - https access
Posted: Fri May 10, 2013 3:21 pm
by paul.jobb
I seem to have gotten it to work so that I can redirect http to https and the apply config still runs
I Modified the /etc/httpd/conf.d/nagiosxi.conf file to as follows, commented out the Options None and changed AllowOverride to All
#NameVirtualHost *:443
<VirtualHost *:80>
<Directory "/usr/local/nagiosxi/html">
## SSLRequireSSL
# Options None
#AllowOverride None
AllowOverride All
Order allow,deny
Allow from all
## Order deny,allow
## Deny from all
## Allow from 127.0.0.1
## AuthName "Nagios XI"
## AuthType Basic
## AuthUserFile /usr/local/nagiosxi/etc/htpasswd.users
## Require valid-user
</Directory>
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/ca.cer
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
<Directory "/usr/local/nagiosxi/html">
AllowOverride All
</Directory>
</VirtualHost>
Alias /nagiosxi "/usr/local/nagiosxi/html"
then I created an .htaccess file in /usr/local/nagiosxi/html and added the following lines to it
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
Re: Nagiosxi - https access
Posted: Fri May 10, 2013 3:25 pm
by sreinhardt
Interesting, thanks for letting us know!