https listener won't start
daenney opened this issue · comments
Daenney commented
2020-04-26 19:39:45.917 [error] [Plugins] Load plugin emqx_dashboard failed, cannot start plugin emqx_dashboard for {bad_return,^M
{{emqx_dashboard_app,^M
start,^M
[normal,^M
[]]},^M
{'EXIT',^M
{{{shutdown,^M
{failed_to_start_child,^M
ranch_acceptors_sup,^M
{listen_error,^M
'https:dashboard',^M
{options,^M
{verify,^M
"verify_none"}}}}},^M
{child,^M
undefined,^M
{ranch_listener_sup,^M
'https:dashboard'},^M
{ranch_listener_sup,^M
start_link,^M
['https:dashboard',^M
ranch_ssl,^M
#{connection_type =>^M
supervisor,^M
max_connections =>^M
512,^M
num_acceptors =>^M
4,^M
socket_opts =>^M
[{next_protocols_advertised,^M
[<<"h2">>,^M
<<"http/1.1">>]},^M
{alpn_preferred_protocols,^M
[<<"h2">>,^M
<<"http/1.1">>]},^M
{port,^M
18084},^M
{honor_cipher_order,^M
true},^M
{reuse_sessions,^M
true},^M
{secure_renegotiate,^M
false},^M
{verify,^M
"verify_none"},^M
{cacertfile,^M
"/etc/emqx/certs/chain.pem"},^M
{certfile,^M
"/etc/emqx/certs/cert.pem"},^M
{keyfile,^M
"/etc/emqx/certs/key.pem"},^M
{ciphers,^M
["ECDHE-ECDSA-AES128-GCM-SHA256",^M
"ECDHE-RSA-AES128-GCM-SHA256",^M
"ECDHE-ECDSA-AES256-GCM-SHA384",^M
"ECDHE-RSA-AES256-GCM-SHA384",^M
"ECDHE-ECDSA-CHACHA20-POLY1305",^M
"ECDHE-RSA-CHACHA20-POLY1305",^M
"DHE-RSA-AES128-GCM-SHA256",^M
"DHE-RSA-AES256-GCM-SHA384"]},^M
{versions,^M
['tlsv1.2']}]},^M
config:
##--------------------------------------------------------------------
## HTTPS Listener
## The port that the Dashboard HTTPS listener will bind.
##
## Value: Port
##
## Examples: 18084
dashboard.listener.https = 18084
## The acceptor pool for external Dashboard HTTPS listener.
##
## Value: Number
dashboard.listener.https.acceptors = 4
## Maximum number of concurrent Dashboard HTTPS connections.
##
## Value: Number
dashboard.listener.https.max_clients = 512
## Set up the socket for IPv6.
##
## Value: false | true
dashboard.listener.https.inet6 = false
## Listen on IPv4 and IPv6 (false) or only on IPv6 (true). Use with inet6.
##
## Value: false | true
dashboard.listener.https.ipv6_v6only = false
## Path to the file containing the user's private PEM-encoded key.
##
## Value: File
dashboard.listener.https.keyfile = /etc/emqx/certs/key.pem
## Path to a file containing the user certificate.
##
## Value: File
dashboard.listener.https.certfile = /etc/emqx/certs/cert.pem
## Path to the file containing PEM-encoded CA certificates.
##
## Value: File
dashboard.listener.https.cacertfile = /etc/emqx/certs/chain.pem
## See: 'listener.ssl.<name>.dhfile' in emq.conf
##
## Value: File
## dashboard.listener.https.dhfile = {{ platform_etc_dir }}/certs/dh-params.pem
## See: 'listener.ssl.<name>.vefify' in emq.conf
##
## Value: vefify_peer | verify_none
dashboard.listener.https.verify = verify_none
## See: 'listener.ssl.<name>.fail_if_no_peer_cert' in emq.conf
##
## Value: false | true
## dashboard.listener.https.fail_if_no_peer_cert = false
## TLS versions only to protect from POODLE attack.
##
## Value: String, seperated by ','
dashboard.listener.https.tls_versions = tlsv1.2
## See: 'listener.ssl.<name>.ciphers' in emq.conf
##
## Value: Ciphers
dashboard.listener.https.ciphers = ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-CHACHA20-POLY1305,DHE-RSA-AES128-GCM-SHA256,DHE-RSA-AES256-GCM-SHA384
## See: 'listener.ssl.<name>.secure_renegotiate' in emq.conf
##
## Value: on | off
dashboard.listener.https.secure_renegotiate = off
## See: 'listener.ssl.<name>.reuse_sessions' in emq.conf
##
## Value: on | off
dashboard.listener.https.reuse_sessions = on
## See: 'listener.ssl.<name>.honor_cipher_order' in emq.conf
##
## Value: on | off
dashboard.listener.https.honor_cipher_order = on
I've commented all the dashboard.listener.http
since I don't want to enable non-TLS enabled endpoints.
Daenney commented
Ah, I should've mentioned that. It's version 4.0.6 of EMQX (the Debian/Ubuntu package).
alexandrim0 commented
Hello!
I met the same problem with 4.0.5 (docker).