Jump to content


Photo

Monyog Over Ssl (Https)


  • Please log in to reply
11 replies to this topic

#1 andrewa

andrewa

    Newbie

  • Members
  • Pip
  • 6 posts
  • Gender:Male
  • Location:Bulgaria
  • Interests:work, sex, alchohol

Posted 29 April 2012 - 06:31 PM

I followed FAQ advice #14, which deals with this issue but I stumbled on line:
10. Configure proxy in Apache described in FAQ 12 and restart Apache.
FAQ12 concerns the configuration of virtual host, not proxy; that is what I presume p.10 refers to.
I have installed successfully certificates, configured mods and I guess I make a mistake at this point in the httpd.conf:

<VirtualHost 1.1.1.1:443>
DocumentRoot /var/www/html
ServerName monyog
SSLEngine On
SSLCertificateFile /etc/pki/mine/certs/my.crt
SSLCertificateKeyFile /etc/pki/mine/private/my.key
</VirtualHost>

<VirtualHost monyog>
ServerName monyog
ServerAlias http://1.1.1.1
Redirect permanent / http://1.1.1.1:5555>/
</VirtualHost>

Here 1.1.1.1 stands for my IP address. In /etc/hosts I have added:
1.1.1.1 monyog
supposing that I should replace 'monyog.mydomain.com' with 'monyog' in the advice FAQ12.

The result is that when I try to access MONyog interface with http://1.1.1.1:555 in IE or Mozilla, it works OK in http mode. But when I try https://1.1.1.1:555 no connection is established. Help needed.

Another point: there is a local IP 192.168.0.1 address for the second ethernet card of this machine (Fedora14 OS); will MONyog be accessible from the LAN? https mode is not a must for the LAN members.

#2 Rituparna Kashyap

Rituparna Kashyap

    Newbie

  • Members
  • Pip
  • 7 posts
  • Gender:Male

Posted 30 April 2012 - 11:59 AM

10. Configure proxy in Apache described in FAQ 12 and restart Apache.

Actually it should be FAQ 13 instead of FAQ 12. The link is wrong, we will change it in next version.

#3 andrewa

andrewa

    Newbie

  • Members
  • Pip
  • 6 posts
  • Gender:Male
  • Location:Bulgaria
  • Interests:work, sex, alchohol

Posted 30 April 2012 - 02:04 PM

"proxy" is discussed in FAQ13 and "virtual host" in FAQ12, that is clear. I think that virtual host trick should be used to start NONyog in https, not proxy. Is that correct?
Please, post a working httpd.conf setup for that purpose.
I have seen a mistake in my first post above:
Redirect permanent / http://1.1.1.1:5555>/ is actually without ">". The httpd.conf file is correct, the post is wrong. But https does not work Posted Image

#4 Supratik

Supratik

    Advanced Member

  • Members
  • PipPipPip
  • 49 posts
  • Gender:Male

Posted 01 May 2012 - 02:17 PM

Hi

MONyog does not have HTTPS support present in it's core yet. You need to configure your Apache server to act as a web proxy for MONyog.

The setup can be configured without the help of VirtualHost if you are planning to run only MONyog through it.
The minimum configuration you will need to configure Apache web proxy is explained in FAQ 13.

If you want to configure the same using VirtualHost please compile and load the required modules as explained in the FAQ 13 (1 - 4).
Once the required modules are loaded you may now use the below configuration which uses VirtualHost method.

<VirtualHost 1.1.1.1:443>
DocumentRoot /var/www/html
ServerName mysever.mydomain.com
SSLEngine On
SSLCertificateFile /etc/pki/mine/certs/my.crt
SSLCertificateKeyFile /etc/pki/mine/private/my.key

ProxyRequests Off
<Proxy *>
	    Order deny,allow
	    Allow from all
</Proxy>

ProxyHTMLExtended On
ProxyPass	   /monyog/  http://1.1.1.2:5555/
ProxyHTMLURLMap http://1.1.1.2:5555 /monyog
ProxyPreserveHost On
<Location /monyog/>
	    ProxyPassReverse /
	    ProxyHTMLEnable On
	    ProxyHTMLURLMap  /	  /monyog/
	    RequestHeader    unset  Accept-Encoding
</Location>
</VirtualHost>

I am assuming your Apache web server is running in IP address 1.1.1.1 and MONyog is running in IP address 1.1.1.2 and the
host name is myserver.mydomain.com.

Now MONyog can be accessed from https://myserver.mydomain.com/monyog/

Please make sure you have required ports opened in your firewall.

You may make changes in the above configuration as required.


Please let me know if you need further assistance.

#5 andrewa

andrewa

    Newbie

  • Members
  • Pip
  • 6 posts
  • Gender:Male
  • Location:Bulgaria
  • Interests:work, sex, alchohol

Posted 01 May 2012 - 06:36 PM

Thanks!
I followed the above listed configuration but I am still missing something. My server has no registered domain name and I use its IP to access it from a remote host for the testing. IP 1.1.1.2 is set to the LAN IP 192.168.10.254 of this CPU. So I have the following in httpd.conf:

<VirtualHost 1.1.1.1:443>
DocumentRoot /var/www/html
ServerName 1.1.1.1
SSLEngine On
SSLCertificateFile /etc/pki/mine/certs/my.crt
SSLCertificateKeyFile /etc/pki/mine/private/my.key
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyHTMLExtended On
ProxyPass /monyog/ http://192.168.10.254:5555/
ProxyHTMLURLMap http://192.168.10.254:5555 /monyog
ProxyPreserveHost On
<Location /monyog/>
ProxyPassReverse /
ProxyHTMLEnable On
ProxyHTMLURLMap / /monyog/
RequestHeader unset Accept-Encoding
</Location>
</VirtualHost>

https is allowed in the firewall, Apache is serving other services (like zoneminder).
The result is that when I access https://1.1.1.1/monyog/ from a remote IP, I get the log on screen, type in the correct password but nothing happens after I click LOGIN
If a false PW is typed in, a message "Authentication failed . . ." pops up.
I access http://1.1.1.1:5555 from a remote IP as well as from LAN with http://192.168.10.254:5555 and log on without problems.

I checked for error messages in the log files and found none. Here is a long extract from /var/log/httpd/access_log concerning a login attempt:
--remote IP-- - - [01/May/2012:21:00:38 +0300] "GET /monyog/ HTTP/1.1" 302 - "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.10) Gecko/20101005 Fedora/3.6.10-
1.fc14 Firefox/3.6.10"
--remote IP-- - - [01/May/2012:21:00:38 +0300] "GET /monyog/mlogin.html HTTP/1.1" 200 2981 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.10) Gecko/20101005
Fedora/3.6.10-1.fc14 Firefox/3.6.10"
--remote IP-- - - [01/May/2012:21:00:39 +0300] "GET /monyog/css/monyog.css?v=-1590587077 HTTP/1.1" 200 38951 "https://1.1.1.1/monyog/mlogin.html" "Mozilla/5.0
(X11; U; Linux i686; en-US; rv:1.9.2.10) Gecko/20101005 Fedora/3.6.10-1.fc14 Firefox/3.6.10"
--remote IP-- - - [01/May/2012:21:00:39 +0300] "GET /monyog/css/custom-theme/jquery-ui-1.8.14.custom.css?v=-1590587077 HTTP/1.1" 200 33077
"https://1.1.1.1/monyog/mlogin.html" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.10) Gecko/20101005 Fedora/3.6.10-1.fc14 Firefox/3.6.10"
--remote IP-- - - [01/May/2012:21:00:39 +0300] "GET /monyog/img/mon.png?v=-1590587077 HTTP/1.1" 200 2151 "https://1.1.1.1/monyog/mlogin.html" "Mozilla/5.0
(X11; U; Linux i686; en-US; rv:1.9.2.10) Gecko/20101005 Fedora/3.6.10-1.fc14 Firefox/3.6.10"
--remote IP-- - - [01/May/2012:21:00:39 +0300] "GET /monyog/lib/jquery.cookie.js?v=-1590587077 HTTP/1.1" 200 985 "https://1.1.1.1/monyog/mlogin.html" "Mozilla/5.0
(X11; U; Linux i686; en-US; rv:1.9.2.10) Gecko/20101005 Fedora/3.6.10-1.fc14 Firefox/3.6.10"
--remote IP-- - - [01/May/2012:21:00:39 +0300] "GET /monyog/lib/jquery-1.5.2.min.js?v=-1590587077 HTTP/1.1" 200 87294 "https://1.1.1.1/monyog/mlogin.html"
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.10) Gecko/20101005 Fedora/3.6.10-1.fc14 Firefox/3.6.10"
--remote IP-- - - [01/May/2012:21:00:39 +0300] "GET /monyog/lib/jquery-ui-1.8.14.custom.min.js?v=-1590587077 HTTP/1.1" 200 203782
"https://1.1.1.1/monyog/mlogin.html" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.10) Gecko/20101005 Fedora/3.6.10-1.fc14 Firefox/3.6.10"
--remote IP-- - - [01/May/2012:21:00:39 +0300] "GET /monyog/lib/jquery.address-1.4.min.js?v=-1590587077 HTTP/1.1" 200 9656 "https://1.1.1.1/monyog/mlogin.html"
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.10) Gecko/20101005 Fedora/3.6.10-1.fc14 Firefox/3.6.10"
--remote IP-- - - [01/May/2012:21:00:39 +0300] "GET /monyog/lib/persist/persist-min.js?v=-1590587077 HTTP/1.1" 200 9365 "https://1.1.1.1/monyog/mlogin.html"
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.10) Gecko/20101005 Fedora/3.6.10-1.fc14 Firefox/3.6.10"
--remote IP-- - - [01/May/2012:21:00:39 +0300] "GET /monyog/favicon.ico HTTP/1.1" 200 1150 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.10) Gecko/20101005
Fedora/3.6.10-1.fc14 Firefox/3.6.10"
--remote IP-- - - [01/May/2012:21:00:39 +0300] "GET /monyog/js/monyogplugin.js?v=-1590587077 HTTP/1.1" 200 22692 "https://1.1.1.1/monyog/mlogin.html"
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.10) Gecko/20101005 Fedora/3.6.10-1.fc14 Firefox/3.6.10"
--remote IP-- - - [01/May/2012:21:00:39 +0300] "GET /monyog/js/monyoglogin.js?v=-1590587077 HTTP/1.1" 200 1808 "https://1.1.1.1/monyog/mlogin.html" "Mozilla/5.0
(X11; U; Linux i686; en-US; rv:1.9.2.10) Gecko/20101005 Fedora/3.6.10-1.fc14 Firefox/3.6.10"
--remote IP-- - - [01/May/2012:21:00:39 +0300] "GET /monyog/img/user-gradient.gif?v=-1590587077 HTTP/1.1" 200 9387 "https://1.1.1.1/mony...ss/monyog.css?v=-
1590587077" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.10) Gecko/20101005 Fedora/3.6.10-1.fc14 Firefox/3.6.10"
--remote IP-- - - [01/May/2012:21:00:39 +0300] "GET /monyog/img/helplogout.gif?v=-1590587077 HTTP/1.1" 200 239 "https://1.1.1.1/mony...ss/monyog.css?v=-
1590587077" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.10) Gecko/20101005 Fedora/3.6.10-1.fc14 Firefox/3.6.10"
--remote IP-- - - [01/May/2012:21:00:39 +0300] "GET /monyog/js/monyogconfig.js?v=-1590587077 HTTP/1.1" 200 10157 "https://1.1.1.1/monyog/mlogin.html"
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.10) Gecko/20101005 Fedora/3.6.10-1.fc14 Firefox/3.6.10"
--remote IP-- - - [01/May/2012:21:00:39 +0300] "GET /monyog/img/disable_button_bg.png?v=-1590587077 HTTP/1.1" 200 1015
"https://1.1.1.1/mony...s?v=-1590587077" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.10) Gecko/20101005 Fedora/3.6.10-1.fc14 Firefox/3.6.10"
--remote IP-- - - [01/May/2012:21:00:40 +0300] "POST /monyog/mlogin.html HTTP/1.1" 200 79 "https://1.1.1.1/monyog/mlogin.html" "Mozilla/5.0 (X11; U; Linux i686;
en-US; rv:1.9.2.10) Gecko/20101005 Fedora/3.6.10-1.fc14 Firefox/3.6.10"
--remote IP-- - - [01/May/2012:21:00:40 +0300] "GET /monyog/img/button-normal.gif?v=-1590587077 HTTP/1.1" 200 250 "https://1.1.1.1/mony...ss/monyog.css?v=-
1590587077" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.10) Gecko/20101005 Fedora/3.6.10-1.fc14 Firefox/3.6.10"
--remote IP-- - - [01/May/2012:21:00:57 +0300] "POST /monyog/mindex.html HTTP/1.1" 200 161 "https://1.1.1.1/monyog/mlogin.html" "Mozilla/5.0 (X11; U; Linux i686;
en-US; rv:1.9.2.10) Gecko/20101005 Fedora/3.6.10-1.fc14 Firefox/3.6.10"
--remote IP-- - - [01/May/2012:21:00:57 +0300] "POST /monyog/mlogin.html HTTP/1.1" 200 - "https://1.1.1.1/monyog/mlogin.html" "Mozilla/5.0 (X11; U; Linux i686; en-
US; rv:1.9.2.10) Gecko/20101005 Fedora/3.6.10-1.fc14 Firefox/3.6.10"

Lines with timestamp up to 21:00:40 are for the first window after I type in the browser https:.... and the last 2 lines with timestamp 21:00:57 are after I click LOGIN link.

Any idea?

#6 andrewa

andrewa

    Newbie

  • Members
  • Pip
  • 6 posts
  • Gender:Male
  • Location:Bulgaria
  • Interests:work, sex, alchohol

Posted 01 May 2012 - 10:16 PM

I have moved a little forward. I had installed modules/mod_proxy_html.so from RPM, not by building it with apxs command (it was not available on my system). RPM installs the module via conf file in conf.d folder where it loads also mod_xml2enc.so. I installed apxs command and built the mod_proxy_html.so as described in FAQ13 resolving one minor problem: a file is missing in /usr/include/apr-1 folder.
mod_proxy_html.c:66:25: fatal error: mod_xml2enc.h: No such file or directory
I copied it from:
cp /proc/19834/cwd/mod_xml2enc.h mod_xml2enc.h and the build up succeeded.
After installing all modules in httpd.conf:
.......
LoadFile /usr/lib/libxml2.so
LoadModule proxy_html_module modules/mod_proxy_html.so
LoadModule xml2enc_module modules/mod_xml2enc.so
.....
I reached the following situation:
1. https://1.1.1.1/monyog/ - I get LOGON window of MONyog
2. insert PW, click LOGON - I get error403 and browser address is https://1.1.1.1/mindex.html
3. I add /monyog in browser address https://1.1.1.1/monyog/mindex.html - MONyog window opens with servers active, menus available and MONITORS tab selected but no data.
4. I click on menu tabs and they get selected, but no data is shown - just blank background.
5. Click LOGOUT - opens confirmation dialogue and after OK get https://1.1.1.1/mlogin.html in the browser address and error403 The requested URL /mlogin.html was not found on this server, Apache/2.2.17 (Fedora) Server at 1.1.1.1 Port 443
I guess Apache is now communicating with https on WAN IP 1.1.1.1, the proxy is redirecting the data to the LAN IP 192.168.10.254 but there is some issue with the path redirection at some point and the data ends in /.... rather than /monyog/....
Any idea?

#7 Supratik

Supratik

    Advanced Member

  • Members
  • PipPipPip
  • 49 posts
  • Gender:Male

Posted 02 May 2012 - 06:08 AM

Can you please tell me which version of MONyog you are using ?

We found that the current MONyog version is having some issue with Apache web proxy.
We are currently looking into this issue with priority and soon will update you with the fix.

#8 Mahesh

Mahesh

    Advanced Member

  • Admin
  • PipPipPip
  • 495 posts
  • Gender:Male
  • Location:Bangalore,India
  • Interests:MySQL, Cricket, Music..

Posted 02 May 2012 - 09:43 AM

We have fixed this issue, We can give you a special build.
Please let us know which MONyog build you are using (Windows, Linux - 32/64 RPM OR Linux -32/64 TAR package).

Also let us know which version of MONyog you are using currently? and build type: TRIAL/Licensed?

#9 andrewa

andrewa

    Newbie

  • Members
  • Pip
  • 6 posts
  • Gender:Male
  • Location:Bulgaria
  • Interests:work, sex, alchohol

Posted 02 May 2012 - 02:52 PM

I am using 5.12 trial, downloaded from Your site a few days ago. RPM 32 bit version installed on Fedora14.

I am not a professional MySQL support, I take care of the company servers and a trial install on some CPU is OK for me to tune up the systems at the start and then check them from time to time.

#10 Mahesh

Mahesh

    Advanced Member

  • Admin
  • PipPipPip
  • 495 posts
  • Gender:Male
  • Location:Bangalore,India
  • Interests:MySQL, Cricket, Music..

Posted 03 May 2012 - 12:35 PM

Please download and install this special build v5.12 (not released) which will show data on all pages.
http://webyog.com/do....1.2-3.i386.rpm

Let us know whether this build solves your problems?

#11 andrewa

andrewa

    Newbie

  • Members
  • Pip
  • 6 posts
  • Gender:Male
  • Location:Bulgaria
  • Interests:work, sex, alchohol

Posted 03 May 2012 - 08:28 PM

Thanks for the great job! Now it works fine over SSL. The version shown is 5.12 N2.
Do You have plans to release different language versions? I am willing to do Bulgarian translation.

#12 Mahesh

Mahesh

    Advanced Member

  • Admin
  • PipPipPip
  • 495 posts
  • Gender:Male
  • Location:Bangalore,India
  • Interests:MySQL, Cricket, Music..

Posted 04 May 2012 - 07:33 AM

Thanks for confirmation Posted Image

Currently we do not have any plan as such for MONyog to release in diffrent languages.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users