Apache configuration
Posted: Tue Jul 25, 2017 8:51 am
This is not strictly a Nagios question, but as it concerns the Apache-server on which Nagios runs I will try here anyway.
We have Nagios setup and everything works fine expect redirection to https in combination with "Host-Alias" in Apache.
Let me explain a little more in detail:
The host running Nagios is called nagiosmaster.domain.com. We also have two CNAMEs pointing to this host, nagios.domain.com and monitoring.domain.com.
All access to the GUI is done over https, we have a rewrite-rule in place that redirects requests from http:\\ to https:\\.
We are using Apache's "Basic Authentication" for authentication.
The problem that I am seeing is, if we access the GUI using one of the "alternate" names (CNAMEs) then Apache asks for User/Password twice. If I access the GUI using the "main" name then we are only asked once (as it should).
Any suggestions where I have misconfigured Apache?
Here is some excerpts from the Apache configuration files:
/etc/httpd/conf.d/nagios.conf
/etc/httpd/conf.d/ssl.conf:
And yes, the certificate contains all three names.
We are running Nagios 4.2.4 (I know that 4.3.2 is available, but that version has introduced some changes making our Nagios environment crash) and Apache version 2.4.6.
We have Nagios setup and everything works fine expect redirection to https in combination with "Host-Alias" in Apache.
Let me explain a little more in detail:
The host running Nagios is called nagiosmaster.domain.com. We also have two CNAMEs pointing to this host, nagios.domain.com and monitoring.domain.com.
All access to the GUI is done over https, we have a rewrite-rule in place that redirects requests from http:\\ to https:\\.
We are using Apache's "Basic Authentication" for authentication.
The problem that I am seeing is, if we access the GUI using one of the "alternate" names (CNAMEs) then Apache asks for User/Password twice. If I access the GUI using the "main" name then we are only asked once (as it should).
Any suggestions where I have misconfigured Apache?
Here is some excerpts from the Apache configuration files:
/etc/httpd/conf.d/nagios.conf
Code: Select all
<VirtualHost *:80>
ServerName nagiosmaster.domain.com
ServerAlias nagios.domain.com
ServerAlias monitoring.domain.com
Redirect permanent / https://nagiosmaster.domain.com/
</VirtualHost>
ScriptAlias /nagios/cgi-bin/ "/usr/lib64/nagios/cgi-bin/"
<Directory "/usr/lib64/nagios/cgi-bin/">
SSLRequireSSL
DirectoryIndex index.php
Options ExecCGI
AllowOverride None
AuthName "Nagios Access"
AuthType Basic
AuthBasicProvider file
AuthUserFile /etc/nagios/passwd
Require valid-user
</Directory>
Alias /nagios "/usr/share/nagios/html"
<Directory "/usr/share/nagios/html">
SSLRequireSSL
DirectoryIndex index.php
Options None
AllowOverride None
AuthName "Nagios Access"
AuthType Basic
AuthBasicProvider file
AuthUserFile /etc/nagios/passwd
Require valid-user
</Directory>
Code: Select all
Listen 443 https
<VirtualHost _default_:443>
RedirectMatch permanent ^/$ /nagios/index.php
ServerName nagiosmaster.domain.com:443
ServerAlias nagios.domain.com:443
ServerAlias monitoring.domain.com:443
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
---->8------
Some SSL-options (protocol, cert, ...)
---->8------
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
</VirtualHost
We are running Nagios 4.2.4 (I know that 4.3.2 is available, but that version has introduced some changes making our Nagios environment crash) and Apache version 2.4.6.
