
Activated LDAPS , restarted Server , Web Interface not reachable

Posted: Thu Nov 21, 2024 7:25 am
by regionalverbandruhr
Dear colleagues,

I need your help ASAP.

I got a problem after I've tried to activate LDAPS.

I've restarted the server and wasn't able to reach the web interface anymore.

The server comes up, the apache and nagios services are running fine,
but I cannot open the web interface.

I'm not that familiar with Nagios, so it would be very nice if someone knows what really happens.

Here is the log entry :

[Thu Nov 21 00:00:02.462333 2024] [ssl:warn] [pid 1379] AH01909: 127.0.1.1:443:0 server certificate does NOT include an ID which matches the server name
[Thu Nov 21 00:00:02.462593 2024] [mpm_prefork:notice] [pid 1379] AH00163: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f configured -- resuming normal operations
[Thu Nov 21 00:00:02.462598 2024] [core:notice] [pid 1379] AH00094: Command line: '/usr/sbin/apache2'
[Thu Nov 21 09:31:15.255224 2024] [php7:warn] [pid 3666035] [client 10.100.16.185:54429] PHP Warning: ldap_bind(): Unable to bind to server: Can't contact LDAP server in /usr/local/nagiosxi/html/includes/components/ldap_ad_integration/adLDAP/src/adLDAP.php on line 714, referer: https://lx-nagios-xi-01.ABCDEF.local/nagiosxi/login.php
[Thu Nov 21 11:11:55.789070 2024] [ssl:warn] [pid 1544] AH01909: 127.0.1.1:443:0 server certificate does NOT include an ID which matches the server name
[Thu Nov 21 11:11:55.789505 2024] [:notice] [pid 1544] ModSecurity for Apache/2.9.3 (http://www.modsecurity.org/) configured.
[Thu Nov 21 11:11:55.789510 2024] [:notice] [pid 1544] ModSecurity: APR compiled version="1.6.5"; loaded version="1.6.5"
[Thu Nov 21 11:11:55.789512 2024] [:notice] [pid 1544] ModSecurity: PCRE compiled version="8.39 "; loaded version="8.39 2016-06-14"
[Thu Nov 21 11:11:55.789514 2024] [:notice] [pid 1544] ModSecurity: LUA compiled version="Lua 5.1"
[Thu Nov 21 11:11:55.789516 2024] [:notice] [pid 1544] ModSecurity: YAJL compiled version="2.1.0"
[Thu Nov 21 11:11:55.789518 2024] [:notice] [pid 1544] ModSecurity: LIBXML compiled version="2.9.10"
[Thu Nov 21 11:11:55.789519 2024] [:notice] [pid 1544] ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On.
[Thu Nov 21 11:11:56.008421 2024] [ssl:warn] [pid 1648] AH01909: 127.0.1.1:443:0 server certificate does NOT include an ID which matches the server name
[Thu Nov 21 11:11:56.014133 2024] [mpm_prefork:notice] [pid 1648] AH00163: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f configured -- resuming normal operations
[Thu Nov 21 11:11:56.014153 2024] [core:notice] [pid 1648] AH00094: Command line: '/usr/sbin/apache2'
[Thu Nov 21 11:18:40.778660 2024] [mpm_prefork:notice] [pid 1648] AH00169: caught SIGTERM, shutting down
[Thu Nov 21 11:18:40.987071 2024] [:notice] [pid 447883] ModSecurity for Apache/2.9.3 (http://www.modsecurity.org/) configured.
[Thu Nov 21 11:18:40.987097 2024] [:notice] [pid 447883] ModSecurity: APR compiled version="1.6.5"; loaded version="1.6.5"
[Thu Nov 21 11:18:40.987102 2024] [:notice] [pid 447883] ModSecurity: PCRE compiled version="8.39 "; loaded version="8.39 2016-06-14"
[Thu Nov 21 11:18:40.987104 2024] [:notice] [pid 447883] ModSecurity: LUA compiled version="Lua 5.1"
[Thu Nov 21 11:18:40.987106 2024] [:notice] [pid 447883] ModSecurity: YAJL compiled version="2.1.0"
[Thu Nov 21 11:18:40.987108 2024] [:notice] [pid 447883] ModSecurity: LIBXML compiled version="2.9.10"
[Thu Nov 21 11:18:40.987110 2024] [:notice] [pid 447883] ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On.
[Thu Nov 21 11:18:41.194191 2024] [mpm_prefork:notice] [pid 447994] AH00163: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f configured -- resuming normal operations
[Thu Nov 21 11:18:41.194220 2024] [core:notice] [pid 447994] AH00094: Command line: '/usr/sbin/apache2'




NOTE:
I've changed at 09:31 am

Re: Activated LDAPS , restarted Server , Web Interface not reachable

Posted: Thu Nov 21, 2024 8:39 am
by regionalverbandruhr
Or in other words:
How can I disable LDAPS through the CLI?

Re: Activated LDAPS , restarted Server , Web Interface not reachable

Posted: Fri Nov 22, 2024 10:50 am
by lgute
Hi @regionalverbandruhr,

Thanks for reaching out. What theme are you using? I will have to do some research on disabling LDAP from the CLI.

In the meantime, the following is from another post on the forum, with similar errors. You could try verifying the questions asked, to see if you can get the problems resolved.
Can the XI server ping the new AD server? Is the AD server listed by name or IP under Admin > users > LDAP/AD Integration? If by name can the name be resolved to the correct IP from the XI command line? Is there an entry for the AD server in /etc/hosts? If the IP address changed there could be new routes or firewalls that may be preventing the traffic from XI to AD.

Try:

Code:

ping ad_hostname
ping ad_ip_addr

telnet ad_ip_addr 389   # or 636, depending on AD settings

traceroute ad_ip_addr

If you need faster or more in-depth support than this forum can provide, please consider going to our Customer Support Portal via the support.nagios.com web site, where you can register for access and login to create a case.

Re: Activated LDAPS , restarted Server , Web Interface not reachable

Posted: Wed Nov 27, 2024 4:48 am
by Musiyda
regionalverbandruhr wrote: Thu Nov 21, 2024 8:39 am Or in other words:
How can I disable LDAPS through the CLI?
Have you fixed it yet?

Re: Activated LDAPS , restarted Server , Web Interface not reachable

Posted: Wed Nov 27, 2024 10:27 am
by DoubleDoubleA
Hi @Musiyda,

Are you also experiencing this issue?

This is an interesting one because, as far as we can tell, no amount of LDAP breakage/dysfunction should cause this behavior for the interface. I have to wonder if something else happened at the same time as some LDAP configuration. Yes, the logs posted say that XI can't reach the LDAP server, but that doesn't break the interface.

I also see ModSecurity in the logs, which is something we definitely know has the potential to break parts of the interface, but not the whole interface/login page. ModSecurity basically protects form inputs, and while there are "forms" on the login page, for one we've tested ModSecurity on the login page and haven't had problems, and for two it only does its work after you've put input into forms, so it wouldn't prevent the interface entirely.

Interestingly, the ModSecurity setting can be changed from the command line, but there isn't a way to change the LDAP setting from the command line.

In any case, we are awaiting more info from the original poster. A lot of times when we don't get info back it is because the original poster solved the issue either with our help or on their own, and then abandoned the post (or went on vacation, or whatever).

Aaron

Re: Activated LDAPS , restarted Server , Web Interface not reachable

Posted: Thu Nov 28, 2024 7:19 am
by regionalverbandruhr
Hey guys,
I'm neither dead nor on vacation :)

I was working on other projects.

I've tried the pings and telnet and have observed the route; everything is working fine and I still can't reach the website.

I've also restarted the server several times, have checked the enabled sites and so on.

Everything looks good.

Actually I've also contacted the Nagios support, but they seem helpless too.

In parallel, I'm waiting for a reply from a colleague who is familiar with Apache on Linux systems.

I will definitely inform you if we find the problem.

If you've got new ideas, I'm waiting for your responses too.

Thank you all

Re: Activated LDAPS , restarted Server , Web Interface not reachable

Posted: Fri Nov 29, 2024 2:49 am
by kg2857
Disable LDAP until you figure out why the ID is wrong?

https://lx-nagios-xi-01.ABCDEF.local/nagiosxi/login.php
[Thu Nov 21 11:11:55.789070 2024] [ssl:warn] [pid 1544] AH01909: 127.0.1.1:443:0 server certificate does NOT include an ID which matches the server name

Re: Activated LDAPS , restarted Server , Web Interface not reachable

Posted: Mon Dec 09, 2024 3:34 am
by regionalverbandruhr
Not LDAP, but LDAPS, yes.

It was the only thing I've changed in the web GUI before this problem began.

Before I activated LDAPS, I uploaded our wildcard certificate and filled in the required entries (Dc-Name etc.).

The Nagios support is also speechless and cannot help me actually.

I will keep you up to date if I get more info.

Re: Activated LDAPS , restarted Server , Web Interface not reachable

Posted: Mon Dec 09, 2024 10:41 am
by tgriep
Make sure the firewall is still allowing ports 80 and 443 through.

Here is an example of enabling both the http and https services:

Code:

sudo firewall-cmd --permanent --add-service={http,https}

Restart firewalld to ensure the changes are loaded.

Code:

sudo systemctl restart firewalld

If that does not work, see if you can access the XI server using the IP address.

Code:

https://xxx.xxx.xxx.xxx/nagiosxi/

Thank You.

Re: Activated LDAPS , restarted Server , Web Interface not reachable

Posted: Tue Dec 10, 2024 1:53 am
by regionalverbandruhr
THAT WAS A GAME CHANGER!

I've made a lot of pings from each direction, but I've forgotten that ping is running through ICMP and is using a different port.

After doing your workaround, I can reach the web GUI again.

THANK YOU VERY MUCH!

Now I will work on our LDAPS connection in a new thread.
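
Added example (not part of the original thread and not Nagios code): a small shell check that reports ICMP reachability separately from TCP reachability on each port, since the thread's resolution turned on a host that answered ping while ports 80/443 were blocked. The function names are hypothetical; it assumes Linux `ping`, coreutils `timeout` and `bash` are installed, and the default ports (80, 443, 389, 636) are the ones named in the thread.

```shell
#!/bin/sh
# Added example: ICMP vs. per-port TCP reachability (function names are hypothetical).
# Assumes Linux ping, coreutils timeout and bash are installed.

# tcp_state HOST PORT [SECONDS] -> open | timeout | refused_or_rejected | invalid
tcp_state() {
    host=$1 port=$2 wait=${3:-3} rc=0
    case $port in
        ''|*[!0-9]*|??????*) echo invalid; return 0 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo invalid; return 0
    fi
    # bash's /dev/tcp performs a plain TCP connect; timeout exits 124 if it hangs.
    timeout "$wait" bash -c 'exec 3<>"/dev/tcp/$1/$2"' _ "$host" "$port" \
        2>/dev/null || rc=$?
    case $rc in
        0)   echo open ;;
        124) echo timeout ;;              # no answer at all, e.g. a firewall DROP
        *)   echo refused_or_rejected ;;  # immediate failure: RST, firewall REJECT,
                                          # or the name did not resolve
    esac
}

# icmp_state HOST -> reply | no_reply  (all that a successful ping proves)
icmp_state() {
    if ping -c 1 -W 2 "$1" >/dev/null 2>&1; then echo reply; else echo no_reply; fi
}

# reach_report HOST [PORT...]; defaults are the ports named in this thread.
reach_report() {
    target=$1; shift
    [ "$#" -gt 0 ] || set -- 80 443 389 636
    printf 'icmp       %s\n' "$(icmp_state "$target")"
    for p in "$@"; do
        printf 'tcp/%-6s %s\n' "$p" "$(tcp_state "$target" "$p")"
    done
}

# Run a report only when a host is given, e.g.: sh reach.sh xi_hostname 80 443
if [ "$#" -gt 0 ]; then reach_report "$@"; fi
```

Run it from a client against the XI server for 80/443, and from the XI server against the AD server for 389/636; an `icmp reply` next to `timeout` or `refused_or_rejected` on a port points at filtering or a missing listener rather than a host that is down.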