Installation of core on windows server 2012

Question

Installation of core on windows server 2012

anjanadv opened this issue 6 years ago · comments

Hello,
We have installed OpenHIM on a Windows Server 2012 VM following the documentation. But we are not able to access the Core API from the console. The error thrown by the Console while trying to login is as follows -

When trying to browse the API on port 8080 it is giving the following error -

Both the core and console are running on the same server. Core is setup as a windows service following the installation guidelines. There is no error being logged in stderr.log and stdout.log.
Console is hosted on port 80 on IIS. And core is also running on the default ports.

How can we resolve this issue?
Thanks.

Martin Brocker · Answer 1 · Thu Aug 30 2018 22:42:42 GMT+0800 (China Standard Time)

Hi @anjanadv The issue with the login seems to be related to the Self Signed certificate that gets created when installing the OpenHIM core for the first time. Clicking the link in the Console error box should present you with a browser error page to explicitly accept the Self Signed certificate. Once its been accepted, the login process should proceed.

I do however see based on your screenshot that you arent presented with the "Advanced" option in Chrome to allow the insecure certificate which is strange. Are you able to telnet to that port to verify its open and allowing request?

anjanadv · Answer 2 · Fri Aug 31 2018 16:03:00 GMT+0800 (China Standard Time)

Yes, We are able to telnet to that port. And this issue is not specific to one browser. We have observed this in all the browsers and multiple servers.

Ryan Crichton · Answer 3 · Mon Sep 03 2018 15:02:09 GMT+0800 (China Standard Time)

@anjanadv this could rather be an issue with the OpenHIM core not starting up correctly. Do you see any issues in the Core logs?

anjanadv · Answer 4 · Tue Sep 04 2018 18:59:21 GMT+0800 (China Standard Time)

@rcrichton , No, there is no error being logged in the files. The core service seems to be running absolutely fine. Attached is the screenshot of stdout, stderr is empty.

During initialization(running for the first time after installing), we noticed that it is skipping 2 certificates(screenshot below), would that be a reason for the error?

Ryan Crichton · Answer 5 · Fri Sep 07 2018 21:23:08 GMT+0800 (China Standard Time)

Those skip messages are normal. In the logs do you see something along the lines of 'API listening on port 8080'. Is there perhaps something else running on port 8080?

If you try curl https://localhost:8080/heartbeat what do you get. If you get a certificate error try curl -k https://localhost:8080/heartbeat

anjanadv · Answer 6 · Fri Sep 07 2018 22:04:50 GMT+0800 (China Standard Time)

Yes, we can see the entry 'API HTTPS Listening on port 8080'.
We are getting the following when we run then curl
curl -k https://localhost:8080/heartbeat
curl: (35) error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure

Ryan Crichton · Answer 7 · Thu Sep 13 2018 15:28:27 GMT+0800 (China Standard Time)

Sorry, I haven't seen this before. It could be an issue with self signed certificates on windows. I did find this article. Perhaps it can be of help - https://medium.com/@sslsecurity/how-to-fix-err-ssl-version-or-cipher-mismatch-error-5447c30ac78a