Rocky linux 8 new install Internal Server Error

perrymil · March 10, 2023, 2:23am

Hi,

New VM, running rocky linux VERSION=“8.7 (Green Obsidian)”

Ran through 1. Install Software From Package — Open OnDemand 2.0.20 documentation and installed ondemand-dex, created ood user

sudo groupadd ood
sudo useradd -d /home/ood -g ood -k /etc/skel -m ood

Browsed to the ip address of the server

hostIP/pun/sys/dashboard

Which shows an internal service error 500

I deleted the VM, and tried again just to be sure, but it shows the same error.

I have read a few of the support threads on here with similar problems and saw the recommendation to just go ahead and setup LDAP and skip the test user auth? Is that still current?

jeff.ohrstrom · March 10, 2023, 2:21pm

Hi and welcome!

Yea in 2.0 ondemand-dex being the default puts it into a weird state where you also need mod_auth_oidc which may not be installed.

What’s the error output from /var/log/httpd/error.log?

perrymil · March 10, 2023, 4:55pm

[Fri Mar 10 01:59:18.430419 2023] [auth_openidc:warn] [pid 10250:tid 140227985554880] oidc_check_config_openid_openidc: the URL scheme (http) of the configured OIDCProviderMetadataURL SHOULD be "https" for security reasons!
[Fri Mar 10 01:59:18.430436 2023] [auth_openidc:warn] [pid 10250:tid 140227985554880] oidc_check_config_openid_openidc: the URL scheme (http) of the configured OIDCRedirectURI SHOULD be "https" for security reasons (moreover: some Providers may reject non-HTTPS URLs)
[Fri Mar 10 01:59:51.296067 2023] [auth_openidc:warn] [pid 10254:tid 140227291105024] [client 10.96.10.55:51245] oidc_clean_expired_state_cookies: state (mod_auth_openidc_state_hy7bxXa0q9iUuPPGbiaydW4FeBA) has expired (original_url=http://10.96.14.194/pun/sys/dashboard)
[Fri Mar 10 01:59:51.296130 2023] [auth_openidc:warn] [pid 10254:tid 140227291105024] [client 10.96.10.55:51245] oidc_clean_expired_state_cookies: state (mod_auth_openidc_state_XyTukBdzP8FiG-9ZQfqs5zSOPIc) has expired (original_url=http://10.96.14.194/pun/sys/dashboard)
[Fri Mar 10 01:59:51.296175 2023] [auth_openidc:warn] [pid 10254:tid 140227291105024] [client 10.96.10.55:51245] oidc_clean_expired_state_cookies: state (mod_auth_openidc_state_bPtqevnQGnTsq7LPNE_8Lpv74vE) has expired (original_url=http://10.96.14.194/pun/sys/dashboard)
[Fri Mar 10 01:59:51.296194 2023] [auth_openidc:error] [pid 10254:tid 140227291105024] [client 10.96.10.55:51245] oidc_authenticate_user: the URL hostname (openondemand.novalocal) of the configured OIDCRedirectURI does not match the URL hostname of the URL being accessed (10.96.14.194): the "state" and "session" cookies will not be shared between the two!
[Fri Mar 10 02:00:33.091556 2023] [auth_openidc:warn] [pid 10623:tid 140682835258816] oidc_check_config_openid_openidc: the URL scheme (http) of the configured OIDCProviderMetadataURL SHOULD be "https" for security reasons!
[Fri Mar 10 02:00:33.091567 2023] [auth_openidc:warn] [pid 10623:tid 140682835258816] oidc_check_config_openid_openidc: the URL scheme (http) of the configured OIDCRedirectURI SHOULD be "https" for security reasons (moreover: some Providers may reject non-HTTPS URLs)
[Fri Mar 10 02:00:39.527930 2023] [auth_openidc:error] [pid 10627:tid 140682140808960] [client 10.96.10.55:64209] oidc_authenticate_user: the URL hostname (openondemand.novalocal) of the configured OIDCRedirectURI does not match the URL hostname of the URL being accessed (10.96.14.194): the "state" and "session" cookies will not be shared between the two!
[Fri Mar 10 02:07:12.236410 2023] [auth_openidc:warn] [pid 11436:tid 140645509582272] oidc_check_config_openid_openidc: the URL scheme (http) of the configured OIDCProviderMetadataURL SHOULD be "https" for security reasons!
[Fri Mar 10 02:07:12.236427 2023] [auth_openidc:warn] [pid 11436:tid 140645509582272] oidc_check_config_openid_openidc: the URL scheme (http) of the configured OIDCRedirectURI SHOULD be "https" for security reasons (moreover: some Providers may reject non-HTTPS URLs)
[Fri Mar 10 02:15:16.897521 2023] [auth_openidc:warn] [pid 11762:tid 140381199134144] oidc_check_config_openid_openidc: the URL scheme (http) of the configured OIDCProviderMetadataURL SHOULD be "https" for security reasons!
[Fri Mar 10 02:15:16.897538 2023] [auth_openidc:warn] [pid 11762:tid 140381199134144] oidc_check_config_openid_openidc: the URL scheme (http) of the configured OIDCRedirectURI SHOULD be "https" for security reasons (moreover: some Providers may reject non-HTTPS URLs)
[Fri Mar 10 02:16:04.859962 2023] [auth_openidc:warn] [pid 12002:tid 140064914230720] oidc_check_config_openid_openidc: the URL scheme (http) of the configured OIDCProviderMetadataURL SHOULD be "https" for security reasons!
[Fri Mar 10 02:16:04.859974 2023] [auth_openidc:warn] [pid 12002:tid 140064914230720] oidc_check_config_openid_openidc: the URL scheme (http) of the configured OIDCRedirectURI SHOULD be "https" for security reasons (moreover: some Providers may reject non-HTTPS URLs)
[Fri Mar 10 02:17:30.508287 2023] [auth_openidc:warn] [pid 12007:tid 140063975401216] [client 10.96.10.55:36339] oidc_clean_expired_state_cookies: state (mod_auth_openidc_state_ICYxiE-0MbEDimz0OxopmRnbf_s) has expired (original_url=http://10.96.14.194/pun/sys/dashboard)
[Fri Mar 10 02:17:30.508358 2023] [auth_openidc:warn] [pid 12007:tid 140063975401216] [client 10.96.10.55:36339] oidc_clean_expired_state_cookies: state (mod_auth_openidc_state_NGx0Zkq0rIeAsjQoqBELoobxs1Q) has expired (original_url=http://10.96.14.194/pun/sys/dashboard)
[Fri Mar 10 02:17:30.508376 2023] [auth_openidc:error] [pid 12007:tid 140063975401216] [client 10.96.10.55:36339] oidc_authenticate_user: the URL hostname (openondemand.novalocal) of the configured OIDCRedirectURI does not match the URL hostname of the URL being accessed (10.96.14.194): the "state" and "session" cookies will not be shared between the two!
[Fri Mar 10 02:20:35.747013 2023] [auth_openidc:error] [pid 12007:tid 140063933437696] [client 10.96.10.55:48210] oidc_authenticate_user: the URL hostname (openondemand.novalocal) of the configured OIDCRedirectURI does not match the URL hostname of the URL being accessed (10.96.14.194): the "state" and "session" cookies will not be shared between the two!

jeff.ohrstrom · March 10, 2023, 5:13pm

I think you need to set the servername in /etc/ood/config/ood_portal.yml. Once you do this, bounce httpd and see if you have the same errors.

# /etc/ood/config/ood_portal.yml
servername: 'openondemand.novalocal'

Note that you should also access apache through that servername. That is, you use that servername in the browser when you try to access the site.

system · September 6, 2023, 5:14pm

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Ondemand httpd ssl issue Get Help	6	494	April 20, 2024
Internal Server Error After Fresh Install Get Help	47	3682	September 10, 2022
Internal Server error on fresh install RHEL9 Get Help question	2	146	August 5, 2024
Installing Open OnDemand with LDAP for Authentication Get Help	7	392	December 16, 2024
Error internal 500 after change servername and adding certificates Get Help	6	341	December 6, 2023

Rocky linux 8 new install Internal Server Error

Related topics