Hi there, I don't seem to be able to change the SSL listen port to 8080 for GOCD server deployed with RPMs on RHEL 7.3 (GOCD 17.10 tested).
I have configured GO_SERVER_SSL_PORT to be 8080 in /etc/default/go-server as follows: GO_SERVER_PORT=8153 GO_SERVER_SSL_PORT=8080 SERVER_WORK_DIR=/var/lib/go-server DAEMON=Y I am using my own SSL cert as documented in https://docs.gocd.org/17.10.0/installation/ssl_tls/custom_server_certificate.html but have observed the same behaviour in an experimental build of 17.11 <https://build.gocd.org/go/files/installers-PR/633/dist/1/dist/dist/rpm/go-server-17.11.0-5387.noarch.rpm> where I used the default self-signed certificate. Using Firefox or curl - I'm always redirected from the 8080 port set to 8443 when not authenticated. The following curl statement is run on the gocd server. 'gocd-server' in /etc/hosts points to the IP address of the GOCD server (192.168.178.15). No proxies configured. gocd-server:root:/root # curl --cacert ca.crt -v https://gocd-server:8080/go /home * About to connect() to gocd-server port 8080 (#0) * Trying 192.168.178.15... * Connected to gocd-server (192.168.178.15) port 8080 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: ca.crt CApath: none * NSS: client certificate not found (nickname not specified) * SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 * Server certificate: * subject: CN=gocd-server * start date: Sep 06 12:22:28 2017 GMT * expire date: Sep 06 12:22:28 2022 GMT * common name: gocd-server * issuer: CN=My CA > GET /go/home HTTP/1.1 > User-Agent: curl/7.29.0 > Host: gocd-server:8080 > Accept: */* > < HTTP/1.1 302 Found < Date: Thu, 14 Sep 2017 13:12:14 GMT < Set-Cookie: JSESSIONID=orh3ia1v4s1dpnefhc2v2evp;Path=/go;Expires=Thu, 28-Sep-2017 13:12:14 GMT;Secure;HttpOnly < Expires: Thu, 01 Jan 1970 00:00:00 GMT < Location: https://gocd-server:8443/go/auth/login < Content-Length: 0 < * Connection #0 to host gocd-server left intact Strangely no problem with other ports (9000 and 8081 tested). gocd-server:root:/root # curl --cacert ca.crt -v https://gocd-server:8081/go /home * About to connect() to gocd-server port 8081 (#0) * Trying 192.168.178.15... * Connected to gocd-server (192.168.178.15) port 8081 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: ca.crt CApath: none * NSS: client certificate not found (nickname not specified) * SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 * Server certificate: * subject: CN=gocd-server * start date: Sep 06 12:22:28 2017 GMT * expire date: Sep 06 12:22:28 2022 GMT * common name: gocd-server * issuer: CN=Puppet CA: config.shared.sp.vodafone.com > GET /go/home HTTP/1.1 > User-Agent: curl/7.29.0 > Host: gocd-server:8081 > Accept: */* > < HTTP/1.1 302 Found < Date: Thu, 14 Sep 2017 13:34:05 GMT < Set-Cookie: JSESSIONID=1dt9ank0ghnd7aluwlheptn3f;Path=/go;Expires=Thu, 28-Sep-2017 13:34:05 GMT;Secure;HttpOnly < Expires: Thu, 01 Jan 1970 00:00:00 GMT < Location: https://gocd-server:8081/go/auth/login < Content-Length: 0 < * Connection #0 to host gocd-server left intact SELinux is running in permissive mode - not seeing anything in the audit log. Is this just an issue with my environment? Kind Regards, David -- You received this message because you are subscribed to the Google Groups "go-cd" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
