CloudBolt (CMP) IP/FQDN is not reachable via browser

Problem: I can not browse my CloudBolt IP/FQDN even though the server is pingable by IP and FQDN. The firewall and SELinux are disabled on the server.

Cause: While there could be other reasons for this problem, one reason is that the generated certificate for the CMP server is not valid.

Useful log: ssl_erorr_log at /var/log/httpd/

Troubleshoot Steps:

To troubleshoot this problem follow these steps:

  1. ssh to the server as a root user

  2. Restart apache by running:

    1. systemctl restart httpd

    2. Notice apache is not restarting

  3. Go to /var/log/httpd/

  4. tail ssl_error_log

  5. Notice the last few lines of the log would show error as:

[Fri May 07 14:38:29.460719 2021] [ssl:emerg] [pid 5413] AH02241: Init: Unable to read server certificate from file /etc/pki/tls/certs/localhost.crt

[Fri May 07 14:38:29.460740 2021] [ssl:emerg] [pid 5413] SSL Library Error: error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long

[Fri May 07 14:38:29.460743 2021] [ssl:emerg] [pid 5413] AH02312: Fatal error initialising mod_ssl, exiting

Solution: Regenerate your SSL log and upload it to CMP server. More at https://docs.cloudbolt.io/articles/#!cloudbolt-latest-docs/ssl-certificates/q/ssl/qid/9529/qp/1

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.