Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Failing to Apply Configuration changes

https://support.nagios.com/forum/viewtopic.php?t=39399

Page 1 of 2

Failing to Apply Configuration changes

Posted: Tue Jul 19, 2016 1:45 pm
by cmavunga
Good Afternoon guys.

I'm failing to apply configuration changes to my Nagios XI deployment ever since I installed enterprise specific https certs to my deployment.

the browser stays stuck on "waiting for configuration verification"

Thanks

____________________________________________________________________________________________________________________________________

OS : CentOS release 6.7 64 bit
Server Type: Vmware Image
Using SSL

Re: Failing to Apply Configuration changes

Posted: Tue Jul 19, 2016 1:52 pm
by bwallace
Start with editing /etc/php.ini and check the local dns settings as suggested in this kb doc:
https://support.nagios.com/kb/article.php?id=34

If that does not make a difference then please run the following command to begin capturing log output:

tail -f /usr/local/nagiosxi/var/cmdsubsys.log &> /tmp/cmd.txt

Then attempt to Apply Configuration again. After the browser has returned some output to the screen, press Ctrl+c to stop the log tail, and post the cmd.txt file that was generated in the "/tmp" directory by the above instructions.

Re: Failing to Apply Configuration changes

Posted: Tue Jul 19, 2016 2:38 pm
by cmavunga
Changed the metrics as outlined in KB, still no luck, I did notice the following in the log though.

WARNING: certificate common name “XXXXX.XXXXXXX.ca” doesn't match requested host name “localhost”.

The fqdn is entered correctly in /etc/hosts as far as I can tell and everything else works correctly.

I've attached the log dump as requested.

Re: Failing to Apply Configuration changes

Posted: Tue Jul 19, 2016 3:07 pm
by lmiltchev
Run the following commands, and show the output:

Code: Select all

ip addr
hostname -f
cat /etc/hosts
The cmd.txt file doesn't contain any useful info, so let's try this again.

1. Start running tail on the cmdsubsys.log:

Code: Select all

tail -f /usr/local/nagiosxi/var/cmdsubsys.log
2. Attempt to apply configuration from the web UI.

3. Wait for a while, then go back to the terminal (putty) window, stop the tail (ctrl+c), and copy and paste the output.

Re: Failing to Apply Configuration changes

Posted: Tue Jul 19, 2016 3:11 pm
by ssax
Please validate that you did all steps on page 3 here:

Code: Select all

https://assets.nagios.com/downloads/nagiosxi/docs/Configuring-SSL-with-Nagios%20XI.pdf
What is the output of this command:

Code: Select all

chage -l nagios
Also, did you modify any apache SSL allowed ciphers / protocols? Please attach your /etc/httpd/conf.d/ssl.conf.

Thank you

Re: Failing to Apply Configuration changes

Posted: Wed Jul 20, 2016 8:24 am
by cmavunga
Command output :

Code: Select all

[root@wpgnagiosxi ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
    link/ether 00:50:56:8a:2b:42 brd ff:ff:ff:ff:ff:ff
    inet 172.16.64.231/24 brd 172.16.64.255 scope global eth0
    inet6 fe80::250:56ff:fe8a:2b42/64 scope link
       valid_lft forever preferred_lft forever
[root@wpgnagiosxi ~]# hostname -f
wpgnagiosxi
[root@wpgnagiosxi ~]# cat /etc/hosts
127.0.0.1       localhost.localdomain localhost4        localhost4.localdomain4 localhost
172.16.64.231   wpgnagiosxi     wpgnagiosxi.foo.ca
::1     localhost.localdomain   localhost.localdomain   localhost6      localhost6.localdomain6 localhost
[root@wpgnagiosxi ~]#
cmdsubsys output:

Code: Select all

login as: root
root@wpgnagiosxi's password:
Last login: Wed Jul 20 08:04:17 2016 from 172.16.99.183
[root@wpgnagiosxi ~]# tail -f /usr/local/nagiosxi/var/cmdsubsys.log
........................................PROCESSING COMMAND ID 686...
PROCESS COMMAND: CMD=17, DATA=
APPLYING NAGIOSCORE CONFIG...
CMDLINE=cd /usr/local/nagiosxi/scripts && ./reconfigure_nagios.sh
URL: http://localhost/nagiosxi/includes/components/ccm/
CMDLINE
--2016-07-20 08:13:42--  http://localhost/nagiosxi/includes/components/ccm/
Resolving localhost... ::1, 127.0.0.1
Connecting to localhost|::1|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://localhost/nagiosxi/includes/components/ccm/ [following]
--2016-07-20 08:13:42--  https://localhost/nagiosxi/includes/components/ccm/
Connecting to localhost|::1|:443... connected.
WARNING: cannot verify localhost’s certificate, issued by “/C=CA/ST=Manitoba/O=Foo /OU=MIS/CN=Foo Intermediate CA”:
  Unable to locally verify the issuer’s authority.
    WARNING: certificate common name “wpgnagiosxi.foo.ca” doesn't match requested host name “localhost”.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: “nagiosql.login”

     0K ..........                                              468K=0.02s

2016-07-20 08:13:42 (468 KB/s) - “nagiosql.login” saved [10539]

/usr/bin/wget --save-cookies nagiosql.cookies --keep-session-cookies http://localhost/nagiosxi/includes/components/ccm/ --no-check-certificate --post-data 'submit=Login&hidelog=true&loginSubmitted=true&username=nagiosxi&password=groHesGa' -O nagiosql.loginNAGIOSQL LOGIN FAILED!
OUTPUT=/usr/bin/wget --save-cookies nagiosql.cookies --keep-session-cookies http://localhost/nagiosxi/includes/components/ccm/ --no-check-certificate --post-data 'submit=Login&hidelog=true&loginSubmitted=true&username=nagiosxi&password=groHesGa' -O nagiosql.loginNAGIOSQL LOGIN FAILED!
RETURNCODE=2
...................tail: /usr/local/nagiosxi/var/cmdsubsys.log: file truncated
.
PROCESSED 1 COMMANDS
it seems to me the use of localhost as opposed to wpgnagiosxi.foo.ca is causing the issues, I'm just not sure how or where to fix this.

Thanks for all the assistants so far.

Re: Failing to Apply Configuration changes

Posted: Wed Jul 20, 2016 11:19 am
by rkennedy
Take a look at your Admin -> System Settings page, if these links are using either wpgnagiosxi or wpgnagiosxi.foo.ca you'll need to adjust your /etc/hosts file to be like this -

Code: Select all

127.0.0.1       localhost.localdomain localhost4        localhost4.localdomain4 localhost wpgnagiosxi wpgnagiosxi.foo.ca
::1     localhost.localdomain   localhost.localdomain   localhost6      localhost6.localdomain6 localhost
This way, the calls to itself will resolve to 127.0.0.1 and not the external IP.

Re: Failing to Apply Configuration changes

Posted: Wed Jul 20, 2016 2:20 pm
by cmavunga
same error after making suggested changes to /etc/hosts

Re: Failing to Apply Configuration changes

Posted: Wed Jul 20, 2016 2:43 pm
by cmavunga
Issue is fixed, I forgot to change the protocol settings in Global CCM as outlined towards the end of page 3 of this doc https://assets.nagios.com/downloads/nag ... s%20XI.pdf

Thanks for all the help guys, sorry I wasted your time on my silly mistake.

Collen

Re: Failing to Apply Configuration changes

Posted: Wed Jul 20, 2016 3:04 pm
by mcapra
No time wasted if a solution was achieved :)

Is it alright if we lock this thread and mark the issue as resolved?
All times are UTC-05:00
Page 1 of 2

Powered by phpBB® Forum Software © phpBB Limited