Both are set to 8080 Input Arguments "-Dcruise.server.ssl.port\u003d8080" System Properties "cruise.server.ssl.port": "8080",
There is no problem with the initial redirect. curl --cacert ca.crt -v https://gocd-server:8080 redirects to Location: /go/home but then curl --cacert ca.crt -v https://gocd-server:8080/go/home redirects to Location: https://gocd-server:8443/go/auth/login The 2nd redirect is fully qualified. Is this an issue with the authentication plugin integration? No issue with ports 8081, 9000 or 8154 (of course). Kind Regards, David On Thursday, 14 September 2017 16:00:05 UTC+2, Ketan Padegaonkar wrote: > > If you make a request for http://your-server:8153/go/api/support and look > for "*System Properties*" and "*Input Arguments*", do you see the > property *cruise.server.ssl.port* set to port 8080, if not there's likely > a problem reading /etc/default/go-server. > > On Thu, Sep 14, 2017 at 7:14 PM David Newhook <[email protected] > <javascript:>> wrote: > >> Hi there, >> >> I don't seem to be able to change the SSL listen port to 8080 for GOCD >> server deployed with RPMs on RHEL 7.3 (GOCD 17.10 tested). >> >> I have configured GO_SERVER_SSL_PORT to be 8080 in /etc/default/go-server >> as follows: >> >> GO_SERVER_PORT=8153 >> GO_SERVER_SSL_PORT=8080 >> SERVER_WORK_DIR=/var/lib/go-server >> DAEMON=Y >> >> I am using my own SSL cert as documented in >> https://docs.gocd.org/17.10.0/installation/ssl_tls/custom_server_certificate.html >> >> but have observed the same behaviour in an experimental build of 17.11 >> <https://build.gocd.org/go/files/installers-PR/633/dist/1/dist/dist/rpm/go-server-17.11.0-5387.noarch.rpm> >> >> where I used the default self-signed certificate. Using Firefox or curl - >> I'm always redirected from the 8080 port set to 8443 when not >> authenticated. The following curl statement is run on the gocd server. >> 'gocd-server' in /etc/hosts points to the IP address of the GOCD server >> (192.168.178.15). No proxies configured. >> >> gocd-server:root:/root # curl --cacert ca.crt -v https://gocd-server:8080 >> /go/home >> * About to connect() to gocd-server port 8080 (#0) >> * Trying 192.168.178.15... >> * Connected to gocd-server (192.168.178.15) port 8080 (#0) >> * Initializing NSS with certpath: sql:/etc/pki/nssdb >> * CAfile: ca.crt >> CApath: none >> * NSS: client certificate not found (nickname not specified) >> * SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 >> * Server certificate: >> * subject: CN=gocd-server >> * start date: Sep 06 12:22:28 2017 GMT >> * expire date: Sep 06 12:22:28 2022 GMT >> * common name: gocd-server >> * issuer: CN=My CA >> > GET /go/home HTTP/1.1 >> > User-Agent: curl/7.29.0 >> > Host: gocd-server:8080 >> > Accept: */* >> > >> < HTTP/1.1 302 Found >> < Date: Thu, 14 Sep 2017 13:12:14 GMT >> < Set-Cookie: JSESSIONID=orh3ia1v4s1dpnefhc2v2evp;Path=/go;Expires=Thu, >> 28-Sep-2017 13:12:14 GMT;Secure;HttpOnly >> < Expires: Thu, 01 Jan 1970 00:00:00 GMT >> < Location: https://gocd-server:8443/go/auth/login >> < Content-Length: 0 >> < >> * Connection #0 to host gocd-server left intact >> >> Strangely no problem with other ports (9000 and 8081 tested). >> gocd-server:root:/root # curl --cacert ca.crt -v https://gocd-server:8081 >> /go/home >> * About to connect() to gocd-server port 8081 (#0) >> * Trying 192.168.178.15... >> * Connected to gocd-server (192.168.178.15) port 8081 (#0) >> * Initializing NSS with certpath: sql:/etc/pki/nssdb >> * CAfile: ca.crt >> CApath: none >> * NSS: client certificate not found (nickname not specified) >> * SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 >> * Server certificate: >> * subject: CN=gocd-server >> * start date: Sep 06 12:22:28 2017 GMT >> * expire date: Sep 06 12:22:28 2022 GMT >> * common name: gocd-server >> * issuer: CN=Puppet CA: config.shared.sp.vodafone.com >> > GET /go/home HTTP/1.1 >> > User-Agent: curl/7.29.0 >> > Host: gocd-server:8081 >> > Accept: */* >> > >> < HTTP/1.1 302 Found >> < Date: Thu, 14 Sep 2017 13:34:05 GMT >> < Set-Cookie: JSESSIONID=1dt9ank0ghnd7aluwlheptn3f;Path=/go;Expires=Thu, >> 28-Sep-2017 13:34:05 GMT;Secure;HttpOnly >> < Expires: Thu, 01 Jan 1970 00:00:00 GMT >> < Location: https://gocd-server:8081/go/auth/login >> < Content-Length: 0 >> < >> * Connection #0 to host gocd-server left intact >> >> SELinux is running in permissive mode - not seeing anything in the audit >> log. Is this just an issue with my environment? >> >> Kind Regards, >> >> David >> >> -- >> You received this message because you are subscribed to the Google Groups >> "go-cd" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> For more options, visit https://groups.google.com/d/optout. >> > -- You received this message because you are subscribed to the Google Groups "go-cd" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
