Page 1 of 1
Daemon won't start after enabled HTTPS
Posted: January 4th, 2015, 6:27 pm
by squareatom
Trying to get SSL working but not having much luck. I followed the guide @
http://wiki.sabnzbd.org/https. However, when I try to start back up the daemon it fails with nothing in log. Any suggestions?
-thanks
Re: Daemon won't start after enabled HTTPS
Posted: January 5th, 2015, 9:01 am
by shypike
Operating system?
Re: Daemon won't start after enabled HTTPS
Posted: January 5th, 2015, 11:46 am
by squareatom
$ lsb_release -d
Description: Ubuntu 14.04.1 LTS
$ sudo apt-get install python-openssl
Reading package lists... Done
Building dependency tree
Reading state information... Done
python-openssl is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
$ grep -i '^http' ~/.sabnzbd/sabnzbd.ini; echo; ls -l ~/.sabnzbd/admin/host*
https_port = 9090
https_key = /home/foobar/.sabnzbd/admin/host.key
https_cert = /home/foobar/.sabnzbd/admin/host.cert
https_chain = ""
-rw------- 1 foobar foobar 875 Jan 4 17:51 /home/foobar/.sabnzbd/admin/host.cert
-rw------- 1 foobar foobar 887 Jan 4 17:51 /home/foobar/.sabnzbd/admin/host.key
EDIT: added config info
Re: Daemon won't start after enabled HTTPS
Posted: January 12th, 2015, 6:33 pm
by nock
Have you tried doing it manually in the sabnzbd.ini ?
check that the https port 9090 actually are present, and that username and pw are set ?
Re: Daemon won't start after enabled HTTPS
Posted: January 13th, 2015, 7:12 am
by shypike
Did you enter a port number for HTTP and for HTTPS?
You can set logging level to "Debug", on the Status page or from the command line: -l2 (minus elle two),
that might show some more info.
Re: Daemon won't start after enabled HTTPS
Posted: January 13th, 2015, 6:36 pm
by squareatom
nock wrote:Have you tried doing it manually in the sabnzbd.ini ?
check that the https port 9090 actually are present, and that username and pw are set ?
This is for the GUI not the nntp server.
shypike wrote:Did you enter a port number for HTTP and for HTTPS?
You can set logging level to "Debug", on the Status page or from the command line: -l2 (minus elle two),
that might show some more info.
Yes i'm using 2 different ports for http and https. Logging is also already set to debug.
Code: Select all
https_port = 9090
https_key = /home/foobar/.sabnzbd/admin/host.key
port = 8080
ssl_type = v23
enable_https = 1
https_cert = /home/foobar/.sabnzbd/admin/host.cert
https_chain = ""
Still not getting anything from logs but here's a snip from strace.
$ sudo strace /usr/bin/python -OO /usr/bin/sabnzbdplus --daemon -l2 --pidfile /var/run/sabnzbdplus/pid
...
...
stat64("/usr/share/sabnzbdplus/cherrypy/process/socket", 0xbfb1b020) = -1 ENOENT (No such file or directory)
open("/usr/share/sabnzbdplus/cherrypy/process/socket.i386-linux-gnu.so", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file or directory)
open("/usr/share/sabnzbdplus/cherrypy/process/socket.so", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file or directory)
open("/usr/share/sabnzbdplus/cherrypy/process/socketmodule.so", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file or directory)
open("/usr/share/sabnzbdplus/cherrypy/process/socket.py", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file or directory)
open("/usr/share/sabnzbdplus/cherrypy/process/socket.pyo", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file or directory)
socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3
fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR)
fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
fcntl64(3, F_GETFL) = 0x802 (flags O_RDWR|O_NONBLOCK)
fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
connect(3, {sa_family=AF_INET, sin_port=htons(9090), sin_addr=inet_addr("127.0.0.1")}, 16) = -1 EINPROGRESS (Operation now in progress)
poll([{fd=3, events=POLLOUT}], 1, 1000) = 1 ([{fd=3, revents=POLLOUT}])
getsockopt(3, SOL_SOCKET, SO_ERROR, [0], [4]) = 0
close(3) = 0
gettimeofday({1421191289, 836307}, NULL) = 0
stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
rt_sigaction(SIGINT, {SIG_DFL, [], 0}, {0x809472f, [], 0},
= 0
exit_group(2) = ?
+++ exited with 2 +++
Re: Daemon won't start after enabled HTTPS
Posted: January 13th, 2015, 9:09 pm
by sander
Why do you have host.key / host.cert (and with path), whereas my sabnzbd.ini says server.key / server.key (without path)?
Did you change that yourself?
Are you trying to use your own certificates?
Code: Select all
$ cat sabnzbd.ini | grep -e https -e ssl_type
https_port = 9090
https_key = server.key
https_chain = ""
ssl_type = v23
https_cert = server.cert
enable_https = 1
Re: Daemon won't start after enabled HTTPS
Posted: January 13th, 2015, 10:37 pm
by squareatom
sander wrote:Why do you have host.key / host.cert (and with path), whereas my sabnzbd.ini says server.key / server.key (without path)?
Did you change that yourself?
Are you trying to use your own certificates?
Code: Select all
$ cat sabnzbd.ini | grep -e https -e ssl_type
https_port = 9090
https_key = server.key
https_chain = ""
ssl_type = v23
https_cert = server.cert
enable_https = 1
It's just absolute path vs relative. They point to the same files.
Yes I changed path myself and yes i generated the certs as there were none. I tried cert/key without path and same result. Daemon doesn't start...
Re: Daemon won't start after enabled HTTPS
Posted: January 14th, 2015, 9:21 am
by sander
Ah. So we don't know if 1) it's a system/library problem or 2) a "i made my own key" problem.
I would do this:
1) Stop SABnzbd
2) Create a new user, login as that user, start SABnzbd with "sabnzbdplus" (no extra parameters!!!).
3) That should start the SABnzbd Wizard. Fill out the Wizard. In the Wizard, check the check box "Enable HTTPS access to SABnzbd."
4) Then check if HTTPS is working.
Re: Daemon won't start after enabled HTTPS
Posted: January 17th, 2015, 10:06 am
by squareatom
sander wrote:Ah. So we don't know if 1) it's a system/library problem or 2) a "i made my own key" problem.
I would do this:
1) Stop SABnzbd
2) Create a new user, login as that user, start SABnzbd with "sabnzbdplus" (no extra parameters!!!).
3) That should start the SABnzbd Wizard. Fill out the Wizard. In the Wizard, check the check box "Enable HTTPS access to SABnzbd."
4) Then check if HTTPS is working.
Still same thing. The certs weren't created either. What OS are you running?
Re: Daemon won't start after enabled HTTPS
Posted: January 17th, 2015, 11:33 am
by sander
I'm running Ubuntu.
I did my instruction on my system, and it worked: the server.* files were creates somewhere between the end of the wizard (in which I clicked "Enable HTTPS access to SABnzbd.") and SABnzbd restarting:
Code: Select all
$ ll /home/superman/.sabnzbd/admin/server*
-rw-rw-r-- 1 superman superman 631 jan 17 17:21 /home/superman/.sabnzbd/admin/server.cert
-rw-rw-r-- 1 superman superman 916 jan 17 17:21 /home/superman/.sabnzbd/admin/server.key
and I can then access
https://localhost:9090/sabnzbd (althought with the usual "untrusted" warning).
I checked sabnzbd.log, but there is no indication/logging about the certificate usage, so sabnzbd.log won't help you. ... Unless you see errors there?
Re: Daemon won't start after enabled HTTPS
Posted: September 23rd, 2015, 9:23 am
by Vorkbaard
Did you ever get this fixed? I'm running into the same problem. Using bought certificates which work fine on my web server.
Re: Daemon won't start after enabled HTTPS
Posted: September 23rd, 2015, 11:21 am
by squareatom
Nope, I gave up. Using nginx now, so this is a non issue.
Re: Daemon won't start after enabled HTTPS
Posted: September 23rd, 2015, 12:52 pm
by Vorkbaard
I'm going to try and figure it out; I hope you don't mind my stealing your topic.
It works if I copy my bought (i.e. non-self-signed) certificate files over the stock files. I think it's a permissions issue; will post back if I found a solution.