Ood_portal.yml SSL entries not working

I add the following lines to odd_portal.yml, but etc/httpd/conf.d/ood-portal.conf does not get updated in any way when I run /opt/ood/ood-portal-generator/sbin/update_ood_portal. What am I doing wrong?


  • ‘SSLCertificateFile “/etc/pki/tls/certs/ood.bucknell.edu.crt”’
  • ‘SSLCertificateKeyFile “/etc/pki/tls/private/ood.bucknell.edu.key”’
  • ‘SSLCertificateChainFile “/etc/pki/tls/certs/intermediate.crt”’

Hi and welcome!

There’s logic in update_ood_portal such that we won’t replace ood-portal.conf if it’s been edited outside of that library. That is, we believe you’ve edited ood-portal.conf by hand.

You can use -f option in update_ood_portal to force an update.

Hi Jeff,

Even with “-f” it says config hasn’t changed and does not process the SSL lines:

[root@ood ~]# /opt/ood/ood-portal-generator/sbin/update_ood_portal -f
No change in Apache config.
Completed successfully!
[root@ood ~]# more /etc/httpd/conf.d/ood-portal.conf
<VirtualHost :>
ServerName ood.bucknell.edu

RewriteEngine On
RewriteCond %{REQUEST_URI} !/public/need_auth.html
RewriteRule ^.*$ /public/need_auth.html [R=301,L]

Only public assets enabled in this mode.

If you’re reading this message you need to setup authentication: https://osc.github.io/ood-documentation/latest/authe

Alias “/public” “/var/www/ood/public”
<Directory “/var/www/ood/public”>
Options FollowSymLinks
AllowOverride None
Require all granted

All that is uncommented in /etc/ood/config/ood_portal.yml is:

servername: ood.bucknell.edu

  • ‘SSLCertificateFile “/etc/pki/tls/certs/ood.bucknell.edu.crt”’
  • ‘SSLCertificateKeyFile “/etc/pki/tls/private/ood.bucknell.edu.key”’
  • ‘SSLCertificateChainFile “/etc/pki/tls/certs/intermediate.crt”’

Any ideas?



I see. Yea, we’ll show you that page until you setup authentication. Specifically, the auth section of ood_portal.yml.

There is no default authentication and the system is basically useless without it, so it’s the first thing you need to setup.


I guess I’ll try setting up auth then



That helped, thanks!

Now I just need to get Shibboleth set up properly.


1 Like

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.