Enviroment

• Cb Response 5.2.x
• Cb Response 6.1.x

Issue

Unable to access the UI after changing over to a signed cert or port 8443 for the UI

Steps

1. Verify that all changes have been made here: Migrating to a 5.2/6.1 Multihome Configuration File
2. Verify this change has been made in the master configuration file /etc/cb/cb.conf. Add this line if it doesn't exist:
   

   NginxWebApiHttpPort=8443

   Note: Services need to be restarted if you have made any configuration changes to /etc/cb/cb.conf

3. Verify that iptables has the allow rule to permit 8443 traffic through
   

   /usr/share/cb/cbcheck iptables -a

   1. Check that this line is present in /etc/sysconfig/iptables:
      

      -A INPUT -m state --state NEW -m tcp -p tcp --dport 8443 -j ACCEPT

      Note: This line should be before the default deny lines

      Note: 443 traffic should still be permitted for sensor traffic

   2. Restart services to commit changes if needed:
      

      service iptables reload

4. If cb-nginx won't start, check the bottom of /var/log/cb/nginx/startup.log for errors:
   

   tail /var/log/cb/nginx/startup.log

Note: Multihome configurations are not necessary on the minions