Nagios Charm

SSL config is not working for Apache2.4

Bug #2009924 reported by Nikita Koltsov on 2023-03-10

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Nagios Charm	Won't Fix	Medium	Mohammed Alhabib

Bug Description

Adding SSL certificate to the charm(rev 56) deployed to bionic causing the following error:

AH00526: Syntax error on line 14 of /etc/apache2/sites-enabled/default-ssl.conf:
Invalid command 'Order', perhaps misspelled or defined by a module not included in the server configurationAH00526: Syntax error on line 14 of /etc/apache2/sites-enabled/default-ssl.conf:
Invalid command 'Order', perhaps misspelled or defined by a module not included in the server configuration

The problem caused by deprecation order keyword in apache 2.4(https://httpd.apache.org/docs/2.4/upgrading.html) to fix that either config need to be adjusted either one module need to be loaded.
Temporary fix was the done by running the following command:
sudo a2enmod access_compat

Eric Chen (eric-chen) on 2023-03-11

tags:	added: bseng-1005
Changed in charm-nagios:
status:	New → Triaged
importance:	Undecided → Medium
tags:	added: good-first-bug removed: bseng-1005

Revision history for this message

Mohammed Alhabib (alhama7a) wrote on 2023-03-24 (last edit on 2023-03-24):

We couldn't reproduce this issue. Below are the steps followed:

Deploy Nagios rev 56, then SSH to it
`juju deploy nagios central-monitor --channel latest/stable --revision 56`
`juju ssh central-monitor/0`

Check the Apache service
`systemctl status apache2` # Active (Running)

Examine Apache2 error log
`cat /var/log/apache2/error.log | less`

List enabled modules
`ls /etc/apache2/mods-enabled/` or `apache2ctl -M` # access_compat is enabled by default

Configure SSL
`juju config central-monitor ssl=on`

Re-perform the above checks again.

After that, we performed the same tests on rev 58 (latest), and got the same results. Then @nkoltsov explained to us that this issue occurred in an old cloud while configuring SSL after upgrading it from Xenial to Bionic. So the overall scenario was, upgrade from Xenial to Bionic and then add SSL to Nagios.

However, we got the same result when we performed these steps and upgraded to Bionic - The access_compat module is enabled and loaded by default.

Changed in charm-nagios:
assignee:	nobody → Mohammed Alhabib (alhama7a)
status:	Triaged → Incomplete

Revision history for this message

Nikita Koltsov (nkoltsov) wrote on 2023-07-03:

I tested it as well and I believe the issue was caused by series upgrade. So this is very complex scenario to reproduce and I believe the bug could be closed.

Revision history for this message

Eric Chen (eric-chen) wrote on 2023-09-05:

Based on Nikita's comment, let's close the bug.

tags:	removed: good-first-bug
Changed in charm-nagios:
status:	Incomplete → Won't Fix

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.