Internal error in login process
Closed this issue · 2 comments
claudiu-edi commented
Hello! I've followed the instructions using a VMWare CentOS 7 machine, but every time I press the Web Console button I get a page like the one below which says: Internal error in login process
I've tailed the /var/log/production.log and this is what I get:
2019-09-10T20:06:12 [I|app|945fb1b2] Started GET "/cockpit/redirect?redirect_uri=https%3A%2F%2Fforeman.local%2Fwebcon%2F%3Dforeman.local" for 192.168.146.1 at 2019-09-10 20:06:12 +0300
2019-09-10T20:06:12 [I|app|945fb1b2] Processing by CockpitController#redirect as HTML
2019-09-10T20:06:12 [I|app|945fb1b2] Parameters: {"redirect_uri"=>"https://foreman.local/webcon/=foreman.local"}
2019-09-10T20:06:12 [I|app|945fb1b2] Current user set to admin (admin)
2019-09-10T20:06:12 [I|app|945fb1b2] Redirected to https://foreman.local/webcon/=foreman.local?access_token=34637242727da0d717c640f544c528e1
2019-09-10T20:06:12 [I|app|945fb1b2] Completed 302 Found in 14ms (ActiveRecord: 3.0ms)
From the /var/log/messages I get:
Sep 10 20:06:12 foreman cockpit-ws: INFO: Running foreman-cockpit-session with settings from /etc/foreman-cockpit/settings.yml:
Sep 10 20:06:12 foreman cockpit-ws: {:foreman_url=>"https://foreman.local", :ssl_ca_file=>"/etc/puppetlabs/puppet/ssl/certs/ca.pem", :ssl_certificate=>"/etc/puppetlabs/puppet/ssl/certs/foreman.local.pem", :ssl_private_key=>"/etc/puppetlabs/puppet/ssl/private_keys/foreman.local.pem"}
Sep 10 20:06:12 foreman cockpit-ws: /usr/share/ruby/net/http.rb:921:in `connect': SSL_connect returned=1 errno=0 state=error: certificate verify failed (OpenSSL::SSL::SSLError)
Sep 10 20:06:13 foreman cockpit-ws: from /usr/share/ruby/net/http.rb:921:in `block in connect'
Sep 10 20:06:13 foreman cockpit-ws: from /usr/share/ruby/timeout.rb:52:in `timeout'
Sep 10 20:06:13 foreman cockpit-ws: from /usr/share/ruby/net/http.rb:921:in `connect'
Sep 10 20:06:13 foreman cockpit-ws: from /usr/share/ruby/net/http.rb:862:in `do_start'
Sep 10 20:06:13 foreman cockpit-ws: from /usr/share/ruby/net/http.rb:851:in `start'
Sep 10 20:06:13 foreman cockpit-ws: from /usr/share/ruby/net/http.rb:1373:in `request'
Sep 10 20:06:13 foreman cockpit-ws: from /opt/theforeman/tfm/root/usr/share/gems/gems/foreman_remote_execution-1.8.2/extra/cockpit/foreman-cockpit-session:106:in `foreman_call'
Sep 10 20:06:13 foreman cockpit-ws: from /opt/theforeman/tfm/root/usr/share/gems/gems/foreman_remote_execution-1.8.2/extra/cockpit/foreman-cockpit-session:288:in `<main>'
Any help is appreciated! Thanks!
claudiu-edi commented
I've managed to get over 'certificate verify failed (OpenSSL::SSL::SSLError)' by replacing
:foreman_ssl_ca: /etc/puppetlabs/puppet/ssl/certs/ca.pem
:foreman_ssl_cert: /etc/puppetlabs/puppet/ssl/certs/foreman.local.pem
:foreman_ssl_key: /etc/puppetlabs/puppet/ssl/private_keys/foreman.local.pem
with
:foreman_ssl_ca: /etc/foreman-proxy/foreman_ssl_ca.pem
:foreman_ssl_cert: /etc/foreman-proxy/foreman_ssl_cert.pem
:foreman_ssl_key: /etc/foreman-proxy/foreman_ssl_key.pem
But now I have another problem: I get the following in /var/log/messages
Sep 11 12:13:14 foreman cockpit-ws: INFO: Running foreman-cockpit-session with settings from /etc/foreman-cockpit/settings.yml:
Sep 11 12:13:14 foreman cockpit-ws: {:foreman_url=>"https://foreman.reposerver.local", :ssl_ca_file=>"/etc/foreman-proxy/foreman_ssl_ca.pem", :ssl_certificate=>"/etc/foreman-proxy/foreman_ssl_cert.pem", :ssl_private_key=>"/etc/foreman-proxy/foreman_ssl_key.pem"}
Sep 11 12:13:14 foreman smart-proxy: foreman.reposerver.local - - [11/Sep/2019:12:13:14 EEST] "GET /dynflow/tasks/count?state=running HTTP/1.1" 200 29
Sep 11 12:13:14 foreman smart-proxy: - -> /dynflow/tasks/count?state=running
Sep 11 12:13:14 foreman cockpit-ws: /opt/theforeman/tfm/root/usr/share/gems/gems/foreman_remote_execution-1.8.2/extra/cockpit/foreman-cockpit-session:213:in `read': Permission denied - /etc/foreman-proxy/foreman_ssl_key.pem (Errno::EACCES)
Sep 11 12:13:14 foreman cockpit-ws: from /opt/theforeman/tfm/root/usr/share/gems/gems/foreman_remote_execution-1.8.2/extra/cockpit/foreman-cockpit-session:213:in `ssh_with_proxy'
Sep 11 12:13:14 foreman cockpit-ws: from /opt/theforeman/tfm/root/usr/share/gems/gems/foreman_remote_execution-1.8.2/extra/cockpit/foreman-cockpit-session:302:in `<main>'
claudiu-edi commented
Never mind, I got it working using:
:ssl_ca_file: /etc/foreman/proxy_ca.pem
:ssl_certificate: /etc/foreman/client_cert.pem
:ssl_private_key: /etc/foreman/client_key.pem