Tranquil IT Forum

Contact us
at https://forum.tranquil.it/

Error 502 after update 2.6

https://forum.tranquil.it/viewtopic.php?t=4127

Page 1 of 2

Error 502 after update 2.6

Published: Dec 4, 2024 - 4:32 PM
by Sphinx
Good morning,

I updated our WAPT server to version 2.6 and I now have a 502 error on the web page and I can no longer log in to the admin console.

I followed this documentation: https://www.wapt.fr/fr/doc/wapt-server-upgrade.html

I'm stuck on the Keberos verification because I don't know how to enter credentials, but the configuration is theoretically correct. Here's the error message:

Code: Select all

{'success': False, 'groups': [], 'error': False, 'msg': 'Kerberos EGssApi: Failed to acquire credentials for specified user - No credentials were supplied, or the credentials were unavailable or inaccessible'}
- Installed WAPT version: upgraded from 2.5 to 2.6
- Server OS: Linux debian 12
- Operating system of the administration machine: Windows 11

Re: Error 502 after update 2.6

Published: Dec 5, 2024 - 10:17
by dcardon
Hello Sphinx,

are there any server-side logs? Is the Kerberos module properly loaded in Nginx? Did you successfully run the postconf? Are you using a DNS name to connect? Do you receive a service ticket on the client side when you try to connect, etc.?

The WAPT server's web interface is now protected by authentication (login/password or Kerberos).

Was the Kerberos configuration working before?

Best regards,

Denis

Re: Error 502 after update 2.6

Published: Dec 5, 2024 - 10:59
by Sphinx
Hello,

I reverted to a previous snapshot to continue using WAPT while I try to figure out what's wrong, but I'm going to try the update again to see if there's anything in the logs and if the Kerberos module loads correctly.

I followed the documentation for the update carefully, and I even had to add the line `dns_lookup_realm = true` to `/etc/krb5.conf`. I also ran the postconf script.

What do you mean by "a client-side service ticket"?

And yes, Kerberos works perfectly in version 2.5.

Thank you for your help!

Re: Error 502 after update 2.6

Published: Dec 5, 2024 - 12:08 PM
by fschelfaut
Good morning,

Once you upgraded to WAPT version 2.6, did you run the following script? /opt/wapt/waptserver/scripts/testing-ldap-connectivity.sh
It allows you to test and validate the WAPT server configuration!

In your file krb5.conf Do you only have these settings? (Everything else can be removed):

Code: Select all

[libdefaults]
  default_realm = MYDOMAIN.LAN
  dns_lookup_kdc = true
  dns_lookup_realm = true
Flavien,

Re: Error 502 after update 2.6

Published: Dec 5, 2024 - 4:07 PM
by Sphinx
Good morning,

Yes, I was referring to the script /opt/wapt/waptserver/scripts/testing-ldap-connectivity.sh when I mentioned this error in my first message:
I'm stuck on the Keberos verification because I don't know how to enter credentials, but the configuration is theoretically correct. Here's the error message:

Code: Select all

{'success': False, 'groups': [], 'error': False, 'msg': 'Kerberos EGssApi: Failed to acquire credentials for specified user - No credentials were supplied, or the credentials were unavailable or inaccessible'}

As I said, I had to add the line "dns_lookup_realm = true" to krb5.conf, the other two were already present.
When you say I can delete everything else, is it recommended to do so? Because I have lines after in my current configuration.

Thank you for your help

Re: Error 502 after update 2.6

Published: Dec 10, 2024 - 3:29 PM
by Sphinx
Good morning,

I tried running the update again and I'm getting this error in the waptserver logs:

Code: Select all

 UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 1199: ordinal not in range(128)

Re: Error 502 after update 2.6

Published: Dec 10, 2024 - 4:37 PM
by dcardon
Hello Sphinx,

this message lacks some context. There must be other things on the line; what comes before/after?

Regards,

Denis

Re: Error 502 after update 2.6

Published: Dec 10, 2024 - 5:19 PM
by Sphinx
Yes, I have those lines above

Code: Select all

2024-12-10T15:14:37.911627+01:00 SRVWAPT waptserver[55255]: WaptMemcache server started on port 11212
2024-12-10T15:14:37.911785+01:00 SRVWAPT waptserver[55255]: 2024-12-10T14:14:36
2024-12-10T15:14:37.911813+01:00 SRVWAPT waptserver[55255]: OK started
2024-12-10T15:14:37.911833+01:00 SRVWAPT waptserver[55255]: Keys Count 1
2024-12-10T15:14:37.911847+01:00 SRVWAPT waptserver[55255]: UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 1199: ordinal not in range(128)
2024-12-10T15:18:34.814776+01:00 SRVWAPT waptserver[612]: Traceback (most recent call last):
2024-12-10T15:18:34.814855+01:00 SRVWAPT waptserver[612]:   File "<string>", line 92, in <module>
2024-12-10T15:18:34.814890+01:00 SRVWAPT waptserver[612]:   File "/opt/wapt/waptserver/model.py", line 52, in <module>
2024-12-10T15:18:34.815140+01:00 SRVWAPT waptserver[612]:     from waptserver.app import app
2024-12-10T15:18:34.815172+01:00 SRVWAPT waptserver[612]:   File "/opt/wapt/waptserver/app.py", line 36, in <module>
2024-12-10T15:18:34.815468+01:00 SRVWAPT waptserver[612]:     app = FlaskApp(__name__, static_folder='./templates/static')
2024-12-10T15:18:34.815508+01:00 SRVWAPT waptserver[612]:   File "/opt/wapt/waptserver/app.py", line 28, in __init__
2024-12-10T15:18:34.815518+01:00 SRVWAPT waptserver[612]:     self.conf = load_config()
2024-12-10T15:18:34.815527+01:00 SRVWAPT waptserver[612]:   File "/opt/wapt/waptserver/config.py", line 203, in load_config
2024-12-10T15:18:34.815994+01:00 SRVWAPT waptserver[612]:     _config.read(cfgfile)
2024-12-10T15:18:34.816027+01:00 SRVWAPT waptserver[612]:   File "/opt/wapt/lib/python3.9/configparser.py", line 697, in read
2024-12-10T15:18:34.816936+01:00 SRVWAPT waptserver[612]:     self._read(fp, filename)
2024-12-10T15:18:34.816984+01:00 SRVWAPT waptserver[612]:   File "/opt/wapt/lib/python3.9/configparser.py", line 1020, in _read
2024-12-10T15:18:34.817155+01:00 SRVWAPT waptserver[612]:     for lineno, line in enumerate(fp, start=1):
2024-12-10T15:18:34.817196+01:00 SRVWAPT waptserver[612]:   File "/opt/wapt/lib/python3.9/encodings/ascii.py", line 26, in decode
2024-12-10T15:18:34.817638+01:00 SRVWAPT waptserver[612]:     return codecs.ascii_decode(input, self.errors)[0]
2024-12-10T15:18:34.817676+01:00 SRVWAPT waptserver[612]: UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 1199: ordinal not in range(128)

Re: Error 502 after update 2.6

Published: Dec 17, 2024 - 3:56 PM
by Sphinx
Hello,

I'm writing to bring up my problem again.
Does anyone have any idea what might be causing it?

Sincerely.

Re: Error 502 after update 2.6

Published: Dec 17, 2024 - 5:43 PM
by htouvet
It looks like a waptserver.ini file that isn't encoded in UTF-8 but contains non-ASCII characters?
Are there any accented characters or anything like that in your server configuration file?
Time zone set to UTC+02:00
Page 1 of 2

Developed by phpBB® Forum Software © phpBB Limited

Official French translation © Qiaeru