I have just installer opsi in ucs, and downloaded configed.jnpl. After I trying to launch configed.jnpl happens nothing, he just stuck by loading
Can someone help a little bit with tips what can I do?
I would try this:
- Change in /etc/opsi/opsiconfd.conf:
accepted ciphers = AES128-GCM-SHA256
- Restart of opsiconfd
Cant findt this row in opsiconfd.conf.
Oh sorry, you’ve to add this line to the service section.
Can you maybe tell me how to do this?
just to make sure your OPSI port is open: can you please run
nmap -p 4447 192.168.4.142
from another UCS server/Linux desktop client? This should give output similar to this:
PORT STATE SERVICE 4447/tcp open n1-rmgmt
If the port is closed, please check on the UCS server having OPSI installed if the firewall is configured correctly:
ucr search 4447
This should return something like
security/packetfilter/package/opsi4ucs/tcp/4447/all/en: Port for opsi-Webservice security/packetfilter/package/opsi4ucs/tcp/4447/all: ACCEPT
If this is also the case, please check if the port is actually open using iptables:
iptables -L | grep 4447
This should give output similar to
ACCEPT tcp -- anywhere anywhere tcp dpt:4447
Last but not least, is the opsiconfd actually running? Check with
ps auxf | grep -v grep | grep opsiconfd
This should return output similar to
5543 28301 1.0 1.7 784292 327652 ? Sl Aug21 1859:57 /usr/bin/python /usr/bin/opsiconfd -D root 28325 0.0 0.0 13064 4032 ? S Aug21 24:32 /bin/bash +e /usr/bin/opsiconfd-guard daemon
If no output is printed, let OPSI fix its settings and restart the OPSI process:
opsi-setup --set-rights systemctl restart opsiconfd.service
You have to change this section with an editor of your choice (e.g. nanon):
[service] # The network interfaces to bind to. # This must be the IP address of an network interface. # Use 0.0.0.0 to listen to all interfaces # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # interface = 0.0.0.0 interface = 0.0.0.0 # The port where opsiconfd will listen for HTTP requests. # Use 0 to disable HTTP protocol # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # http port = 0 http port = 0 # The port where opsiconfd will listen for HTTPS requests. # Use 0 to disable HTTPS protocol # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # https port = 4447 https port = 4447 # The location of the server certificate. # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # ssl server cert = /etc/opsi/opsiconfd.pem ssl server cert = /etc/opsi/opsiconfd.pem # The location of the server private key # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # ssl server key = /etc/opsi/opsiconfd.pem ssl server key = /etc/opsi/opsiconfd.pem accepted ciphers = AES128-GCM-SHA256
Yes Port 4447 is open.
But got 1 failed by opsi-setup --set-rights
Thank you so much, your variant helped.
That’s no failure. If you havn’t bought co-financed modules, you always get this message.
that message is just a warning that you don’t have a module file installed. That’s like a licence for OPSI which is only needed if you want to use not-yet-free modules for OPSI.
Glad to hear that your problem could be solved
PS: I marked the post from @SirTux as the solution to this problem.
ps auxf | grep -v grep | grep opsiconfd opsicon+ 10845 74.3 0.9 114468 37792 ? Rs 08:30 0:02 /usr/bin/python /usr/bin/opsiconfd -D
iptables -L | grep 4447 ACCEPT tcp -- anywhere anywhere tcp dpt:4447
I cannot open https://IP:4447/
Unable to connect