Update_ood_portal Not working as expected in ODD 3

Hello,

We’re trying to install OOD v3.0.1 from scratch on a fresh system, but it seems that restarting the httpd service which triggers the /opt/ood/ood-portal-generator/sbin/update_ood_portal does not generate/update the /etc/httpd/conf.d/ood-portal.conf file properly. Below is a simple ood_portal.yml file with servername and SSL lines (the hostname and filenames are concealed):

servername: ondemand.<...>.edu
ssl:
  - 'SSLEngine on'
  - 'SSLCertificateFile "path/to/file.cer"'
  - 'SSLCertificateKeyFile "/path/to/file.key"'

Now when I restart the httpd service or run /opt/ood/ood-portal-generator/sbin/update_ood_portal directly, I only see the following lines in the /etc/httpd/conf.d/ood-portal.conf:

<VirtualHost *:*>
  ServerName ondemand.hpcc.ttu.edu

  RewriteEngine On
  RewriteCond %{REQUEST_URI} !/public/need_auth.html
  RewriteRule ^.*$ /public/need_auth.html [R=301,L]

  # Only public assets enabled in this mode.
  # If you're reading this message you need to setup authentication: https://osc.github.io/ood-documentation/latest/authentication.html
  Alias "/public" "/var/www/ood/public"
  <Directory "/var/www/ood/public">
    Options FollowSymLinks
    AllowOverride None
    Require all granted
  </Directory>
</VirtualHost>

Also, the httpd service fails with the following lines:

systemd[1]: Starting The Apache HTTP Server...
update_ood_portal[2268222]: No change in Apache config.
httpd[2268238]: AH00526: Syntax error on line 85 of /etc/httpd/conf.d/ssl.conf:
httpd[2268238]: SSLCertificateFile: file '/etc/pki/tls/certs/localhost.crt' does not exist or is empty
systemd[1]: httpd.service: Main process exited, code=exited, status=1/FAILURE
systemd[1]: httpd.service: Failed with result 'exit-code'.
systemd[1]: Failed to start The Apache HTTP Server.

This basically means the configuration in ood-portal.conf is not correct to suppress the ssl.conf.

I’m not sure what we’re missing here. We didn’t have this issue on OOD2 with the same instructions we followed on this page.

Hey sorry for the trouble.

Reading this I’m a bit confused, what is the 'SSLEngine on' doing? I’ve not seen that before. What happens when you remove that line, and issue the update_ood_portal command followed by the httpd restart?

Which OS are you using for this?

Thanks for the quick response. So, I removed the SSLEngine on from /etc/ood/config/ood_portal.yml and issued the update_ood_portal command and nothing changed:

# /opt/ood/ood-portal-generator/sbin/update_ood_portal
No change in Apache config.
Completed successfully!

Restarting the httpd.service doesn’t help either. I’m not sure whether update_ood_portal picks up the correct file.

We’re using Rocky 8.6.

Hello,

Any update on this? I managed to remove and reinstall ondemand package and all the dependencies and still have the same issue. The update_ood_portal does not work as it used to be in v2. I will dig down further to see if I can find anything.

All I know so far is that the update_ood_portal does not pick up the ssl line from ood_portal.yml:

[root@ondemand]# grep -v "#\|^[[:space:]]*$" /etc/ood/config/ood_portal.yml
---
servername: ondemand.<...>.edu
ssl:
  - 'SSLCertificateFile "/path/to/Cert.cer"'
  - 'SSLCertificateKeyFile "/path/to/Key.key"'

The server name and SSL certificate/Key are fine and were working in OODv2. Are there any changes in the syntax of the ood_portal.yml file in v3?

You need to setup authentication.

Basically - you need to setup auth before the system will move forward. It’ll continue to show you that page telling you you need to setup auth until you setup authentication.

I’ve reworked the documentation a bit so I’d ask if you can take a look and see if it reads better than it did before?

Hi Jeff,

Thanks for the response. I’ll move forward with setting up the auth and let you know if I run into any issues.

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.