Internal Server error on fresh install RHEL9

Get Help
1

I’m testing a fresh install of OnDemand v3 on RHEL9. When I try to launch the login screen I get an HTTP 500 error (Internal Server Error). I’m using dex (ldap) and checked the apache error logs for the OOD instance and this is all I’m showing. I don’t see anything being created in the ondemand-nginx logs folder.

[Tue Feb 06 20:21:08.735446 2024] [auth_openidc:error] [pid 15110:tid 15301] [client 10.0.0.160:41248] oidc_util_http_call: curl_easy_perform() failed on: https://ood.REDACTED/dex/.well-known/openid-configuration ()
[Tue Feb 06 20:21:08.735480 2024] [auth_openidc:error] [pid 15110:tid 15301] [client 10.0.0.160:41248] oidc_provider_static_config: could not retrieve metadata from url: https://ood.REDACTED/dex/.well-known/openid-configuration

This is the /etc/ood/config/ood_portal.yml file

servername: {{REDACTED}
  # Default based on if ssl key for ood-portal-generator is defined
  # Only used if SSL is disabled
  # Only used if SSL is enabled
  # tls_cert and tls_key take OnDemand configured values for ssl and copy keys to /etc/ood/dex maintaining file names
  # Client ID, defaults to servername or FQDN
  # Client secret, value auto generated
  # A value that is a filesystem path can be used to store secret in a file
   # The OnDemand redirectURI is auto-generated, this option allows adding additional URIs
  # Additional Dex OIDC clients to configure
  # The following example is to configure OpenLDAP
  # Docs: https://github.com/dexidp/dex/blob/master/Documentation/connectors/ldap.md
ssl:
  - 'SSLCertificateFile "/etc/ssl/private/cert.crt"'
  - 'SSLCertificateKeyFile "/etc/ssl/private/private_key.key"'
dex_uri: /dex
dex:
    ssl: true
    connectors:
        - type: ldap
          id: ldap
          name: LDAP
          config:
            host: {{REDACTED}
            insecureSkipVerify: false
            insecureNoSSL: true
            bindDN: CN=Admin,OU=Users,OU=hpclab,DC=hpclab,DC=local
            bindPW: {{REDACTED}
            userSearch:
              baseDN: dc=hpclab,dc=local
              filter: "(objectClass=user)"
              username: name
              idAttr: name
              emailAttr: name
              nameAttr: name
              preferredUsernameAttr: name
host_regex: '[^/]+'
node_uri: '/node'
rnode_uri: '/rnode'
user_map_cmd: '/etc/ood/add_user.sh'
2

I figured it out eventually. I reviewed some errors in /var/log/audit/audit.log and realized I needed to install ondemand-selinux

1 Like