ndemou Posted May 24, 2019 Report Share Posted May 24, 2019 Had no problem in test server but after upgrading our production system to 63.0 we lost access to the web interface! Tried from various IPs, from same LAN and from localhost with no success. Ports 8080 and 443 are open and LISTENing, we get connected but then the pbxctrl gives zero bytes back. I'm providing the ouput of tests from localhost with wget and openssl below. Please help as soon as possible. wget -vvvv http://localhost:8080/ --2019-05-24 13:40:19-- http://localhost:8080/ Resolving localhost (localhost)... ::1, ::1, 127.0.0.1 Connecting to localhost (localhost)|::1|:8080... connected. HTTP request sent, awaiting response... No data received. Retrying. [...same error again and again...] wget -vvvv https://localhost --2019-05-24 13:28:21-- https://localhost/ Resolving localhost (localhost)... ::1, ::1, 127.0.0.1 Connecting to localhost (localhost)|::1|:443... connected. Unable to establish SSL connection. openssl s_client -debug -host localhost -port 443 CONNECTED(00000003) write to 0x21d3500 [0x21d3580] (289 bytes => 289 (0x121)) 0000 - 16 03 01 01 1c 01 00 01-18 03 03 58 2a 59 35 05 ...........X*Y5. 0010 - 31 9e c9 3a 58 b9 82 80-ad 03 9c ee cf 4b 2a 1a 1..:X........K*. 0020 - ed 50 8c 11 cf 2b 4a 98-bd be 24 00 00 ac c0 30 .P...+J...$....0 0030 - c0 2c c0 28 c0 24 c0 14-c0 0a 00 a5 00 a3 00 a1 .,.(.$.......... 0040 - 00 9f 00 6b 00 6a 00 69-00 68 00 39 00 38 00 37 ...k.j.i.h.9.8.7 0050 - 00 36 00 88 00 87 00 86-00 85 c0 32 c0 2e c0 2a .6.........2...* 0060 - c0 26 c0 0f c0 05 00 9d-00 3d 00 35 00 84 c0 2f .&.......=.5.../ 0070 - c0 2b c0 27 c0 23 c0 13-c0 09 00 a4 00 a2 00 a0 .+.'.#.......... 0080 - 00 9e 00 67 00 40 00 3f-00 3e 00 33 00 32 00 31 ...g.@.?.>.3.2.1 0090 - 00 30 00 9a 00 99 00 98-00 97 00 45 00 44 00 43 .0.........E.D.C 00a0 - 00 42 c0 31 c0 2d c0 29-c0 25 c0 0e c0 04 00 9c .B.1.-.).%...... 00b0 - 00 3c 00 2f 00 96 00 41-c0 12 c0 08 00 16 00 13 .<./...A........ 00c0 - 00 10 00 0d c0 0d c0 03-00 0a 00 07 c0 11 c0 07 ................ 00d0 - c0 0c c0 02 00 05 00 04-00 ff 01 00 00 43 00 0b .............C.. 00e0 - 00 04 03 00 01 02 00 0a-00 0a 00 08 00 17 00 19 ................ 00f0 - 00 18 00 16 00 23 00 00-00 0d 00 20 00 1e 06 01 .....#..... .... 0100 - 06 02 06 03 05 01 05 02-05 03 04 01 04 02 04 03 ................ 0110 - 03 01 03 02 03 03 02 01-02 02 02 03 00 0f 00 01 ................ 0120 - 01 . read from 0x21d3500 [0x21d8ae0] (7 bytes => 0 (0x0)) 140427521087376:error:140790E5:SSL routines:ssl23_write:ssl handshake failure:s23_lib.c:177: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 0 bytes and written 289 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : 0000 Session-ID: Session-ID-ctx: Master-Key: Key-Arg : None Krb5 Principal: None PSK identity: None PSK identity hint: None Start Time: 1558694617 Timeout : 300 (sec) Verify return code: 0 (ok) --- Quote Link to comment Share on other sites More sharing options...
Support Posted May 24, 2019 Report Share Posted May 24, 2019 Can you try with http://localhost/rawlogin Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted May 24, 2019 Report Share Posted May 24, 2019 Looks to me like the PBX could not open the sockets for HTTP/HTTPS. Maybe the firewall does not like the new executable? What OS is that? Check with netstat is the ports were opened. Quote Link to comment Share on other sites More sharing options...
ndemou Posted May 24, 2019 Author Report Share Posted May 24, 2019 OS is linux/CentOS. There is not firewall (wget ...localhost...). The ports _are_ open (notice that wget reports that it gets connected but I also verified with ss). rawlogin has exactly the same behavior (I get connected but get zero bytes from the PBX). I rebooted (it's deep in the night here) with no success. Quote Link to comment Share on other sites More sharing options...
ndemou Posted May 24, 2019 Author Report Share Posted May 24, 2019 FIXED! removed webUI customization (pbxwebai and webpages directory) and it works. Quote Link to comment Share on other sites More sharing options...
ndemou Posted May 24, 2019 Author Report Share Posted May 24, 2019 Not quite fixed after all. It works for a little while then it renders pages with huge logos and unusual layout, then after trying ctrl-F5 (firefox's shortcut to *fully* reload) it stops responding. I'm seeing these lines at the logs: [6] 20190525003418: Last message repeated 3 times [3] 20190525003418: Current number of requests 50 has reached maximum 50, connections not accepted [6] 20190525003418: 140 more requests pending to acme-v02.api.letsencrypt.org:443 [6] 20190525003419: Last message repeated 2 times [3] 20190525003419: Current number of requests 50 has reached maximum 50, connections not accepted [6] 20190525003420: 140 more requests pending to acme-v02.api.letsencrypt.org:443 [6] 20190525003422: Last message repeated 5 times [3] 20190525003422: Current number of requests 50 has reached maximum 50, connections not accepted [6] 20190525003422: 140 more requests pending to acme-v02.api.letsencrypt.org:443 Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted May 25, 2019 Report Share Posted May 25, 2019 Yea... another common problem was that the previous default number of connections was just 50, which is very low. You should set that to 500 or even more (/reg_ports.htm). As for the login we have a secondary login page "rawlogin.htm" - you are not the first with that problem! Quote Link to comment Share on other sites More sharing options...
ndemou Posted May 26, 2019 Author Report Share Posted May 26, 2019 Thanks that was it! I had to temporarily firewall one IP with a lot of TCP connections in order to let me connect to the webUI. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.