Hello!
I have just installer opsi in ucs, and downloaded configed.jnpl. After I trying to launch configed.jnpl happens nothing, he just stuck by loading
Can someone help a little bit with tips what can I do?
Thx.
I would try this:
- Change in /etc/opsi/opsiconfd.conf:
accepted ciphers = AES128-GCM-SHA256
- Restart of opsiconfd
Cant findt this row in opsiconfd.conf.
Oh sorry, you’ve to add this line to the service section.
Can you maybe tell me how to do this?
Hi @maksvell,
just to make sure your OPSI port is open: can you please run
nmap -p 4447 192.168.4.142
from another UCS server/Linux desktop client? This should give output similar to this:
PORT STATE SERVICE
4447/tcp open n1-rmgmt
If the port is closed, please check on the UCS server having OPSI installed if the firewall is configured correctly:
ucr search 4447
This should return something like
security/packetfilter/package/opsi4ucs/tcp/4447/all/en: Port for opsi-Webservice
security/packetfilter/package/opsi4ucs/tcp/4447/all: ACCEPT
If this is also the case, please check if the port is actually open using iptables:
iptables -L | grep 4447
This should give output similar to
ACCEPT tcp -- anywhere anywhere tcp dpt:4447
Last but not least, is the opsiconfd actually running? Check with
ps auxf | grep -v grep | grep opsiconfd
This should return output similar to
5543 28301 1.0 1.7 784292 327652 ? Sl Aug21 1859:57 /usr/bin/python /usr/bin/opsiconfd -D
root 28325 0.0 0.0 13064 4032 ? S Aug21 24:32 /bin/bash +e /usr/bin/opsiconfd-guard daemon
If no output is printed, let OPSI fix its settings and restart the OPSI process:
opsi-setup --set-rights
systemctl restart opsiconfd.service
Regards,
Timo Denissen
You have to change this section with an editor of your choice (e.g. nanon):
[service]
# The network interfaces to bind to.
# This must be the IP address of an network interface.
# Use 0.0.0.0 to listen to all interfaces
# Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect.
#
# Default:
# interface = 0.0.0.0
interface = 0.0.0.0
# The port where opsiconfd will listen for HTTP requests.
# Use 0 to disable HTTP protocol
# Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect.
#
# Default:
# http port = 0
http port = 0
# The port where opsiconfd will listen for HTTPS requests.
# Use 0 to disable HTTPS protocol
# Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect.
#
# Default:
# https port = 4447
https port = 4447
# The location of the server certificate.
# Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect.
#
# Default:
# ssl server cert = /etc/opsi/opsiconfd.pem
ssl server cert = /etc/opsi/opsiconfd.pem
# The location of the server private key
# Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect.
#
# Default:
# ssl server key = /etc/opsi/opsiconfd.pem
ssl server key = /etc/opsi/opsiconfd.pem
accepted ciphers = AES128-GCM-SHA256
Yes Port 4447 is open.
But got 1 failed by opsi-setup --set-rights
Thank you so much, your variant helped.
That’s no failure. If you havn’t bought co-financed modules, you always get this message.
Hi @maksvell,
that message is just a warning that you don’t have a module file installed. That’s like a licence for OPSI which is only needed if you want to use not-yet-free modules for OPSI.
Glad to hear that your problem could be solved 
Regards,
Timo Denissen
PS: I marked the post from @SirTux as the solution to this problem.
ps auxf | grep -v grep | grep opsiconfd
opsicon+ 10845 74.3 0.9 114468 37792 ? Rs 08:30 0:02 /usr/bin/python /usr/bin/opsiconfd -D
iptables -L | grep 4447
ACCEPT tcp -- anywhere anywhere tcp dpt:4447
I cannot open https://IP:4447/
Unable to connect