Enviroment
- Cb Response 5.2.x
- Cb Response 6.1.x
Issue
Unable to access the UI after changing over to a signed cert or port 8443 for the UI
Steps
- Verify that all changes have been made here: Migrating to a 5.2/6.1 Multihome Configuration File
- Verify this change has been made in the master configuration file /etc/cb/cb.conf. Add this line if it doesn't exist:
Note: Services need to be restarted if you have made any configuration changes to /etc/cb/cb.conf
- Verify that iptables has the allow rule to permit 8443 traffic through
/usr/share/cb/cbcheck iptables -a |
- Check that this line is present in /etc/sysconfig/iptables:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8443 -j ACCEPT |
Note: This line should be before the default deny lines
Note: 443 traffic should still be permitted for sensor traffic
- Restart services to commit changes if needed:
- If cb-nginx won't start, check the bottom of /var/log/cb/nginx/startup.log for errors:
tail /var/log/cb/nginx/startup.log |
Note: Multihome configurations are not necessary on the minions