[Solved] Installation: HTTPS setup broke my install

Unimus support forum
Post Reply
ben
Posts: 8
Joined: Tue Apr 06, 2021 11:12 pm

Tue Apr 06, 2021 11:44 pm

Hello,

I am a bit of a beginner with these things so thank you for being patient if I ask silly questions.

I started setting up this application on an Ubuntu 20.04 server yesterday. I was able to make the application run and complete the Setup Wizard (and a custom schedule), but the next thing I tried to tackle was setting up HTTPS following this: https://wiki.unimus.net/display/UNPUB/U ... igned+cert

I am using OpenJDK-11 and after I generated the keystore and entered the config in /etc/default/unimus, I restarted the service and when I loaded the webpage I got this error:

Failed to load the widgetset: ./VAADIN/widgetsets/AppWidgetset/AppWidgetset.nocache.js?1617742624564

After this, I was unable to load the program. I tried reversing these changes and couldn't load it anymore in http either.

Here are some logs that I found but I'm not sure if these are relevant or if I should be looking somewhere else for logs (please advise):

Code: Select all

systemctl status unimus

unimus@UNIMUS1:~$ sudo systemctl status unimus.service
● unimus.service - Unimus Server
     Loaded: loaded (/etc/systemd/system/unimus.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2021-04-06 16:25:00 PDT; 4min 14s ago
   Main PID: 4724 (java)
      Tasks: 65 (limit: 2315)
     Memory: 426.7M
     CGroup: /system.slice/unimus.service
             └─4724 /usr/bin/java -Xms256M -Xmx768M -Djava.security.egd=file:/dev/./urandom -Dserver.ssl.key-store=/opt/unimus/unimus.keystore.p12 -Dserver.ssl.k>

Apr 06 16:25:41 UNIMUS1 bash[4724]: 2021-04-06 16:25:41.754  INFO 4724 --- [uest-delivery-2] .h.ThreadPoolConfigurationRequestHandler : Configuring thread pool(s>
Apr 06 16:25:41 UNIMUS1 bash[4724]: 2021-04-06 16:25:41.753  INFO 4724 --- [uest-delivery-1] n.u.c.a.h.UpdateLogLevelRequestHandler   : Updating logging level to>
Apr 06 16:25:41 UNIMUS1 bash[4724]: 2021-04-06 16:25:41.758  INFO 4724 --- [cTaskExecutor-1] n.u.s.b.boot.step.LicenseKeyValidation   : Validating license key
Apr 06 16:25:41 UNIMUS1 bash[4724]: 2021-04-06 16:25:41.797  INFO 4724 --- [e-rsp-handler-1] .u.b.c.s.h.UpdateLogLevelResponseHandler : Core logging level has be>
Apr 06 16:25:43 UNIMUS1 bash[4724]: 2021-04-06 16:25:43.069  INFO 4724 --- [cTaskExecutor-1] n.u.s.b.boot.step.BootTcpServerStart     : Initializing Core connect>
Apr 06 16:25:43 UNIMUS1 bash[4724]: 2021-04-06 16:25:43.073  INFO 4724 --- [cTaskExecutor-1] n.unimus.business.core.OpManagementImpl  : Starting Core connection >
Apr 06 16:25:43 UNIMUS1 bash[4724]: 2021-04-06 16:25:43.279  INFO 4724 --- [pool-2-thread-1] n.u.b.sync.license.LicenseSyncerImpl     : License sync started
Apr 06 16:25:43 UNIMUS1 bash[4724]: 2021-04-06 16:25:43.630  INFO 4724 --- [pool-2-thread-1] n.u.b.sync.license.LicenseSyncerImpl     : License sync finished
Apr 06 16:25:43 UNIMUS1 bash[4724]: 2021-04-06 16:25:43.644  INFO 4724 --- [pool-2-thread-1] net.unimus.system.state.states.OkState   : Unimus is ready; enjoy th>
Apr 06 16:25:43 UNIMUS1 bash[4724]: 2021-04-06 16:25:43.695  INFO 4724 --- [pool-2-thread-1] net.unimus.business.scheduler.Scheduler  : Scheduling 'discovery / 
It seems the logs always stop at "scheduling" when I try to print the service status.

Code: Select all

cat /var/log/unimus/unimus.log

2021-04-06 16:25:07.801  INFO 4724 --- [main] n.unimus.starter.composite.Application   : Starting Application v2.0.13 on UNIMUS1 with PID 4724 (/opt/unimus/Unimus.jar started by root in /opt/unimus)
2021-04-06 16:25:07.811  INFO 4724 --- [main] n.unimus.starter.composite.Application   : The following profiles are active: jar,composite,unimus,core,unix,unimus-unix
2021-04-06 16:25:15.080  INFO 4724 --- [main] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat initialized with port(s): 8085 (https)
2021-04-06 16:25:36.361  INFO 4724 --- [SimpleAsyncTaskExecutor-1] n.u.s.b.b.step.LoggingPathAccessibility  : Checking logging subsystem
2021-04-06 16:25:36.377  INFO 4724 --- [SimpleAsyncTaskExecutor-1] n.u.s.b.b.step.DatabaseConnectionCheck   : Testing database connection
2021-04-06 16:25:36.856  INFO 4724 --- [SimpleAsyncTaskExecutor-1] n.u.s.b.b.step.DatabaseConnectionCheck   : Database connection test passed
2021-04-06 16:25:36.865  INFO 4724 --- [SimpleAsyncTaskExecutor-1] n.u.s.b.boot.step.DatabaseUpdate         : Connecting to database (HSQL, jdbc:hsqldb:file:///etc/unimus/hsql/db;hsqldb.tx=mvcc)
2021-04-06 16:25:36.875  INFO 4724 --- [SimpleAsyncTaskExecutor-1] n.u.s.b.boot.step.DatabaseUpdate         : Updating database schema
2021-04-06 16:25:38.001  INFO 4724 --- [main] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat started on port(s): 8085 (https)
2021-04-06 16:25:38.026  INFO 4724 --- [main] n.unimus.starter.composite.Application   : Started Application in 36.055 seconds (JVM running for 37.184)
2021-04-06 16:25:39.842  INFO 4724 --- [SimpleAsyncTaskExecutor-1] n.u.s.b.boot.step.DatabaseUpdate         : Database schema updated successfully
2021-04-06 16:25:41.096  INFO 4724 --- [SimpleAsyncTaskExecutor-1] net.unimus.business.database.Database    : Executing CHECKPOINT command for HSQL database.
2021-04-06 16:25:41.251  INFO 4724 --- [SimpleAsyncTaskExecutor-1] n.u.s.b.b.step.EncryptionKeyValidation   : Validating database encryption key
2021-04-06 16:25:41.337  INFO 4724 --- [SimpleAsyncTaskExecutor-1] n.u.s.b.b.step.DatabaseDataValidation    : Validating database data integrity
2021-04-06 16:25:41.577  INFO 4724 --- [SimpleAsyncTaskExecutor-1] n.u.s.b.b.step.InternalInitialization    : Initializing internal services
2021-04-06 16:25:41.753  INFO 4724 --- [SimpleAsyncTaskExecutor-1] n.u.s.b.b.step.InternalInitialization    : Internal initialization completed
2021-04-06 16:25:41.754  INFO 4724 --- [core-request-delivery-2] .h.ThreadPoolConfigurationRequestHandler : Configuring thread pool(s) to 'ThreadPoolConfigurationRequest(opId=6omit9, zoneId=Zomit6, discoveryThreadPoolConfig=ThreadPoolConfig(coreSize=100, maxSize=100, keepAliveSecs=60), backupThreadPoolConfig=ThreadPoolConfig(coreSize=100, maxSize=100, keepAliveSecs=60), pushThreadPoolConfig=ThreadPoolConfig(coreSize=100, maxSize=100, keepAliveSecs=60), scanThreadPoolConfig=ThreadPoolConfig(coreSize=20, maxSize=20, keepAliveSecs=60))'
2021-04-06 16:25:41.753  INFO 4724 --- [core-request-delivery-1] n.u.c.a.h.UpdateLogLevelRequestHandler   : Updating logging level to 'INFO'
2021-04-06 16:25:41.758  INFO 4724 --- [SimpleAsyncTaskExecutor-1] n.u.s.b.boot.step.LicenseKeyValidation   : Validating license key
2021-04-06 16:25:41.797  INFO 4724 --- [core-rsp-handler-1] .u.b.c.s.h.UpdateLogLevelResponseHandler : Core logging level has been set to 'INFO' for zone with number '0'
2021-04-06 16:25:43.069  INFO 4724 --- [SimpleAsyncTaskExecutor-1] n.u.s.b.boot.step.BootTcpServerStart     : Initializing Core connection server
2021-04-06 16:25:43.073  INFO 4724 --- [SimpleAsyncTaskExecutor-1] n.unimus.business.core.OpManagementImpl  : Starting Core connection server on port '5509'
2021-04-06 16:25:43.279  INFO 4724 --- [pool-2-thread-1] n.u.b.sync.license.LicenseSyncerImpl     : License sync started
2021-04-06 16:25:43.630  INFO 4724 --- [pool-2-thread-1] n.u.b.sync.license.LicenseSyncerImpl     : License sync finished
2021-04-06 16:25:43.644  INFO 4724 --- [pool-2-thread-1] net.unimus.system.state.states.OkState   : Unimus is ready; enjoy the application :)
2021-04-06 16:25:43.695  INFO 4724 --- [pool-2-thread-1] net.unimus.business.scheduler.Scheduler  : Scheduling 'discovery / backup' job 'At 12:02 AM, every day'
No logs appear after this point but I cannot connect to the application.

I also see these logs when I start the service (not sure if significant):

Code: Select all

sudo systemctl restart unimus
● unimus.service - Unimus Server
     Loaded: loaded (/etc/systemd/system/unimus.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2021-04-06 16:36:35 PDT; 28s ago
   Main PID: 5023 (java)
      Tasks: 28 (limit: 2315)
     Memory: 354.9M
     CGroup: /system.slice/unimus.service
             └─5023 /usr/bin/java -Xms256M -Xmx768M -Djava.security.egd=file:/dev/./urandom -Dserver.ssl.key-store=/opt/unimus/unimus.keystore.p12 -Dserver.ssl.keyAlias=unimus -Dserver.ssl.key-store-password=omitted -jar /opt/unimus/Unimus.jar

Apr 06 16:36:42 UNIMUS1 bash[5023]: \___,___/ /_/ /_/ /_/ /_/ /_/ /_/  \__,_/ /____/
Apr 06 16:36:42 UNIMUS1 bash[5023]: :: © 2016-2021 NetCore j.s.a. :: version 2.0.13 ::
Apr 06 16:36:43 UNIMUS1 bash[5023]: 2021-04-06 16:36:43.029  INFO 5023 --- [           main] n.unimus.starter.composite.Application   : Starting Application v2.0>
Apr 06 16:36:43 UNIMUS1 bash[5023]: 2021-04-06 16:36:43.053  INFO 5023 --- [           main] n.unimus.starter.composite.Application   : The following profiles ar>
[u]Apr 06 16:36:47 UNIMUS1 bash[5023]: WARNING: An illegal reflective access operation has occurred
Apr 06 16:36:47 UNIMUS1 bash[5023]: WARNING: Illegal reflective access by org.springframework.cglib.core.ReflectUtils$1 (jar:file:/opt/unimus/Unimus.jar!/BOOT-IN>
Apr 06 16:36:47 UNIMUS1 bash[5023]: WARNING: Please consider reporting this to the maintainers of org.springframework.cglib.core.ReflectUtils$1
Apr 06 16:36:47 UNIMUS1 bash[5023]: WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
Apr 06 16:36:47 UNIMUS1 bash[5023]: WARNING: All illegal access operations will be denied in a future release[/u]
I'm not sure where to look for more info. Any advice is appreciated. I'm excited to use the product!

Thanks,
Ben
User avatar
Tomas
Posts: 1206
Joined: Sat Jun 25, 2016 12:33 pm

Wed Apr 07, 2021 12:07 am

Hello,

From the logs, everything looks OK. This part from the last log shows that the configuration is correct and being properly passed into Unimus:
/usr/bin/java -Xms256M -Xmx768M -Djava.security.egd=file:/dev/./urandom -Dserver.ssl.key-store=/opt/unimus/unimus.keystore.p12 -Dserver.ssl.keyAlias=unimus -Dserver.ssl.key-store-password=omitted -jar /opt/unimus/Unimus.jar
From the other log we can also see that Unimus does properly start on 8085 as HTTPS (not just plain HTTP):
Tomcat started on port(s): 8085 (https)
Started Application in 36.055 seconds (JVM running for 37.184)
So with your current setup, the problem should not be server-side.

Could you maybe try to open https://your.server.address.here:8085 in a Private / Incognito window to avoid cache issues? Does that work or show the same error?
ben
Posts: 8
Joined: Tue Apr 06, 2021 11:12 pm

Wed Apr 07, 2021 3:29 pm

Hello Thomas,

Thank you for your response.

I tried connecting the following ways with the same result (Unable to Connect):

From my workstation:
Using Firefox
Firefox incognito
Internet Explorer (I can hear the booing)

Also I tried on the server using Firefox

It looks like the discovery job tried to run as well (indicating some normal functionality):

-04-07 00:02:00.038 INFO 5023 --- [ qrtz--9] n.u.b.core.quartz.DiscoveryBackupJob : Looking for devices to

Here's a question:

The logs say that it is using Tomcat but I'm unable to find any Tomcat-specific logs (I think catalina.log is the common one) is that something I can find separately?

Thanks again,
Ben
User avatar
Tomas
Posts: 1206
Joined: Sat Jun 25, 2016 12:33 pm

Wed Apr 07, 2021 3:41 pm

ben wrote:
Wed Apr 07, 2021 3:29 pm
The logs say that it is using Tomcat but I'm unable to find any Tomcat-specific logs (I think catalina.log is the common one) is that something I can find separately?
Unimus uses an embedded tomcat server - all logs are output the Unimus log file (/var/log/unimus)

Perhaps it would be best to investigate this directly - can you please create a Support Ticket on our Portal, and we can schedule a Zoom session to debug this.

Thanks!
ben
Posts: 8
Joined: Tue Apr 06, 2021 11:12 pm

Wed Apr 07, 2021 4:37 pm

Hi Thomas,

That'd be great. I dug up a little more interesting information as well while since our last communication so I'll share that when we connect in Zoom.

Thanks,
Ben
User avatar
Tomas
Posts: 1206
Joined: Sat Jun 25, 2016 12:33 pm

Wed Apr 07, 2021 7:09 pm

Just an update for anyone that finds this in the future: the issue was due to using the wrong port.
Post Reply