Hi!
aso wrote:
If this does not work, please refer to your firewall settings.
You right! The firewall settings are the case. The mentioned problem started from moving from HTTP to HTTPS service.
In the OpenEmm Installation guide, there is only these lines regarding firewall and HTTP service :
Code: Select all
# firewall-cmd --zone=public --add-port=8080/tcp --permanent
# firewall-cmd --zone=public --add-port=25/tcp --permanent
# firewall-cmd --zone=public --add-forwardport=port=80:proto=tcp:toport=8080 --permanent
There no information regarding the HTTPS settings. So I add one rule after moving TOMCAT to SSL (8443). The firewall settings started to look like this:
Code: Select all
target: default
icmp-block-inversion: no
interfaces: ens160
sources:
services: dhcpv6-client ssh
ports: 8080/tcp 25/tcp 8443/tcp
protocols:
masquerade: no
forward-ports: port=80:proto=tcp:toport=8443:toaddr=
port=443:proto=tcp:toport=8443:toaddr=
port=80:proto=tcp:toport=8080:toaddr=
source-ports:
icmp-blocks:
rich rules:
After that, the wktohtml stop processing the URL with the forbidden error (network error).
I can't manage the rules required to firewall the correct way. But after adding the redirect from 443 to 8443 the OpenEmm backend works fine besides wktohtml.
Tried one more thing - I changed the system.url to the system.url =
https://mydomain:8443 and this resolve some problem with wktohtml - the PDF pages started to generate and the preview icons also but without the images within.
And there are the new line's in the log:
Code: Select all
2021-07-10 11:15:26,201: ERROR [https-openssl-apr-8443-exec-1] com.agnitas.emm.core.logon.beans.LogonStateBundle - Unexpected logon state: PENDING. Expected: COMPLETE.
(hostId: `null`, admin: `?`)
Please let me know the firewallD settings which are correct for https service.
Best Regads,