If you make a request for http://your-server:8153/go/api/support and look for "*System Properties*" and "*Input Arguments*", do you see the property *cruise.server.ssl.port* set to port 8080, if not there's likely a problem reading /etc/default/go-server.
On Thu, Sep 14, 2017 at 7:14 PM David Newhook <[email protected]> wrote: > Hi there, > > I don't seem to be able to change the SSL listen port to 8080 for GOCD > server deployed with RPMs on RHEL 7.3 (GOCD 17.10 tested). > > I have configured GO_SERVER_SSL_PORT to be 8080 in /etc/default/go-server > as follows: > > GO_SERVER_PORT=8153 > GO_SERVER_SSL_PORT=8080 > SERVER_WORK_DIR=/var/lib/go-server > DAEMON=Y > > I am using my own SSL cert as documented in > https://docs.gocd.org/17.10.0/installation/ssl_tls/custom_server_certificate.html > but have observed the same behaviour in an experimental build of 17.11 > <https://build.gocd.org/go/files/installers-PR/633/dist/1/dist/dist/rpm/go-server-17.11.0-5387.noarch.rpm> > where I used the default self-signed certificate. Using Firefox or curl - > I'm always redirected from the 8080 port set to 8443 when not > authenticated. The following curl statement is run on the gocd server. > 'gocd-server' in /etc/hosts points to the IP address of the GOCD server > (192.168.178.15). No proxies configured. > > gocd-server:root:/root # curl --cacert ca.crt -v https://gocd-server:8080/ > go/home > * About to connect() to gocd-server port 8080 (#0) > * Trying 192.168.178.15... > * Connected to gocd-server (192.168.178.15) port 8080 (#0) > * Initializing NSS with certpath: sql:/etc/pki/nssdb > * CAfile: ca.crt > CApath: none > * NSS: client certificate not found (nickname not specified) > * SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 > * Server certificate: > * subject: CN=gocd-server > * start date: Sep 06 12:22:28 2017 GMT > * expire date: Sep 06 12:22:28 2022 GMT > * common name: gocd-server > * issuer: CN=My CA > > GET /go/home HTTP/1.1 > > User-Agent: curl/7.29.0 > > Host: gocd-server:8080 > > Accept: */* > > > < HTTP/1.1 302 Found > < Date: Thu, 14 Sep 2017 13:12:14 GMT > < Set-Cookie: JSESSIONID=orh3ia1v4s1dpnefhc2v2evp;Path=/go;Expires=Thu, > 28-Sep-2017 13:12:14 GMT;Secure;HttpOnly > < Expires: Thu, 01 Jan 1970 00:00:00 GMT > < Location: https://gocd-server:8443/go/auth/login > < Content-Length: 0 > < > * Connection #0 to host gocd-server left intact > > Strangely no problem with other ports (9000 and 8081 tested). > gocd-server:root:/root # curl --cacert ca.crt -v https://gocd-server:8081/ > go/home > * About to connect() to gocd-server port 8081 (#0) > * Trying 192.168.178.15... > * Connected to gocd-server (192.168.178.15) port 8081 (#0) > * Initializing NSS with certpath: sql:/etc/pki/nssdb > * CAfile: ca.crt > CApath: none > * NSS: client certificate not found (nickname not specified) > * SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 > * Server certificate: > * subject: CN=gocd-server > * start date: Sep 06 12:22:28 2017 GMT > * expire date: Sep 06 12:22:28 2022 GMT > * common name: gocd-server > * issuer: CN=Puppet CA: config.shared.sp.vodafone.com > > GET /go/home HTTP/1.1 > > User-Agent: curl/7.29.0 > > Host: gocd-server:8081 > > Accept: */* > > > < HTTP/1.1 302 Found > < Date: Thu, 14 Sep 2017 13:34:05 GMT > < Set-Cookie: JSESSIONID=1dt9ank0ghnd7aluwlheptn3f;Path=/go;Expires=Thu, > 28-Sep-2017 13:34:05 GMT;Secure;HttpOnly > < Expires: Thu, 01 Jan 1970 00:00:00 GMT > < Location: https://gocd-server:8081/go/auth/login > < Content-Length: 0 > < > * Connection #0 to host gocd-server left intact > > SELinux is running in permissive mode - not seeing anything in the audit > log. Is this just an issue with my environment? > > Kind Regards, > > David > > -- > You received this message because you are subscribed to the Google Groups > "go-cd" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "go-cd" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
