Mixed content warning - Status Detail pages

[ckiernan]

Nagios XI 5.25

Initially I was accessing GUI by IP address; then I add a domain name and SSL. Since then I notice Host Status Detail and Service Status Detail pages are hanging trying to load unsecured content.

I've reviewed the documentation and everything is in place. https://assets.nagios.com/downloads/nag ... s%20XI.pdf

URL:
https://<hostname>/nagiosxi/?&xiwindow=https%3A%2F%2F<hostname>%2Fnagiosxi%2Fincludes%2Fcomponents%2Fxicore%2Fstatus.php%3Fshow%3Dhostdetail%26host%3D10.22.16.102

access_log:
[31/Mar/2016:16:42:34 -0400] "GET /nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_host_status_detailed_info_html%22%2C%22args%22%3A%7B%22hostname%22%3A%2210.22.16.102%22%2C%22host_id%22%3A%221322%22%2C%22display%22%3A%22simple%22%7D%7D&nsp=5bc567aefb8cd6884fe784df425de34a HTTP/1.1" 302 534 "http://<ipaddress>/nagiosxi/includes/components/xicore/status.php?show=hostdetail&host=10.22.16.102" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36"

If I request http://<ipaddress>/nagiosxi/includes/components/xicore/status.php?show=hostdetail&host=10.22.16.102 in a browser the https rewrite rule kicks in and sends me to https://<domain>

Either I missed something or http://<ipaddress> is cached somewhere. I restarted everything and cleared my browser cache.

[hsmith]

Can you show us your /etc/httpd/conf.d/nagiosxi file?

[ckiernan]

I added HTTPS Rewrite here in addition to httpd.conf during my troubleshooting.

<Directory "/usr/local/nagiosxi/html">
SSLRequireSSL
Options None
AllowOverride None
Order allow,deny
Allow from all
# Order deny,allow
# Deny from all
# Allow from 127.0.0.1
# AuthName "Nagios XI"
# AuthType Basic
# AuthUserFile /usr/local/nagiosxi/etc/htpasswd.users
# Require valid-user
Require all granted

</Directory>

Alias /nagiosxi "/usr/local/nagiosxi/html"

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule nagiosxi/api/v1/(.*)$ /usr/local/nagiosxi/html/api/v1/index.php?request=$1 [QSA,NC,L]
RewriteCond %{HTTPS} off
RewriteRule (.*) https://<mydomain>%{REQUEST_URI}
</IfModule>

[rkennedy]

I tried to replicate this running a tail -f against my access_log while browsing around different pages in XI, but wasn't able to. What OS are you running, and what version of apache (apachectl -v)?

For the record, all I'm seeing is -

Code: Select all

::1 - - [31/Mar/2016:17:40:52 -0400] "POST /nagiosxi/backend/ HTTP/1.1" 200 1590 "-" "BinGet/1.00.A (http://www.bin-co.com/php/scripts/load/)"
::1 - - [31/Mar/2016:17:40:52 -0400] "POST /nagiosxi/backend/ HTTP/1.1" 200 1590 "-" "BinGet/1.00.A (http://www.bin-co.com/php/scripts/load/)"

What is the result if you use https://<ipaddress>/nagiosxi/?&xiwindow=https%3A%2F%2F<hostname>%2Fnagiosxi%2Fincludes%2Fcomponents%2Fxicore%2Fstatus.php%3Fshow%3Dhostdetail%26host%3D10.22.16.102

[ckiernan]

CentOS Linux release 7.2.1511 (Core)

Server version: Apache/2.4.6 (CentOS)
Server built: Nov 19 2015 21:43:13

When I go to that URL (once i accept the security warning) it takes me to the Host Status Detail page and exhibits the same behavior. Content of page hangs waiting for unsecured content to load.

[hsmith]

What's in your /etc/hosts file?

[ckiernan]

Ah - good question. I did read somewhere of a user with a similar problem caused by Apache not being able to resolve the local hostname. I had that Apache warning but chose to ignore it until the problem came up. Today I update my hosts file

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
<mypublicipaddress> <mypublicdomainname>

[rkennedy]

Code: Select all

When I go to that URL (once i accept the security warning) it takes me to the Host Status Detail page and exhibits the same behavior. Content of page hangs waiting for unsecured content to load.

This is good, we now know it's not a DNS issue. Can you please run a tail -f against your access_log and ssl_access_log at the same time when accessing this page once again? Then post that output back here. As I'm unable to replicate it on my end, the more information the better. I'm wondering where it all lines up on the timestamps.

Also, what is the output of -

Code: Select all

cat /usr/local/nagiosxi/html/config.inc.php | grep https

[ckiernan]

I'm working on the logs. Due to one of my changes, access logs became less helpful. It's all "internal dummy connection"

[root@nm tmp]# cat /usr/local/nagiosxi/html/config.inc.php | grep https
// force http/https
$cfg['use_https'] = true; // determines whether cron jobs and other scripts will force the use of HTTPS instead of HTTP
$cfg['online_help_url'] = "https://support.nagios.com/"; // comment this out to disable online help links
$cfg['feedback_url'] = "https://api.nagios.com/feedback/";
$cfg['privacy_policy_url'] = "https://www.nagios.com/legal/privacypolicy/";
You have new mail in /var/spool/mail/root

Thanks

[rkennedy]

The grep looks fine. What other changes have you made? These can affect how XI operates as a whole..

Let me know when you're able to get the requested access_log and ssl_access_log and we'll continue to look into this.