I’m testing a fresh install of OnDemand v3 on RHEL9. When I try to launch the login screen I get an HTTP 500 error (Internal Server Error). I’m using dex (ldap) and checked the apache error logs for the OOD instance and this is all I’m showing. I don’t see anything being created in the ondemand-nginx logs folder.
[Tue Feb 06 20:21:08.735446 2024] [auth_openidc:error] [pid 15110:tid 15301] [client 10.0.0.160:41248] oidc_util_http_call: curl_easy_perform() failed on: https://ood.REDACTED/dex/.well-known/openid-configuration ()
[Tue Feb 06 20:21:08.735480 2024] [auth_openidc:error] [pid 15110:tid 15301] [client 10.0.0.160:41248] oidc_provider_static_config: could not retrieve metadata from url: https://ood.REDACTED/dex/.well-known/openid-configuration
This is the /etc/ood/config/ood_portal.yml file
servername: {{REDACTED}
# Default based on if ssl key for ood-portal-generator is defined
# Only used if SSL is disabled
# Only used if SSL is enabled
# tls_cert and tls_key take OnDemand configured values for ssl and copy keys to /etc/ood/dex maintaining file names
# Client ID, defaults to servername or FQDN
# Client secret, value auto generated
# A value that is a filesystem path can be used to store secret in a file
# The OnDemand redirectURI is auto-generated, this option allows adding additional URIs
# Additional Dex OIDC clients to configure
# The following example is to configure OpenLDAP
# Docs: https://github.com/dexidp/dex/blob/master/Documentation/connectors/ldap.md
ssl:
- 'SSLCertificateFile "/etc/ssl/private/cert.crt"'
- 'SSLCertificateKeyFile "/etc/ssl/private/private_key.key"'
dex_uri: /dex
dex:
ssl: true
connectors:
- type: ldap
id: ldap
name: LDAP
config:
host: {{REDACTED}
insecureSkipVerify: false
insecureNoSSL: true
bindDN: CN=Admin,OU=Users,OU=hpclab,DC=hpclab,DC=local
bindPW: {{REDACTED}
userSearch:
baseDN: dc=hpclab,dc=local
filter: "(objectClass=user)"
username: name
idAttr: name
emailAttr: name
nameAttr: name
preferredUsernameAttr: name
host_regex: '[^/]+'
node_uri: '/node'
rnode_uri: '/rnode'
user_map_cmd: '/etc/ood/add_user.sh'