How to renew Lets encrypt certificate in ejabberd configured server? My server is Debian-jessie and I have tried to renew SSL certificates using the below command,
certbot certonly -d mydomainname
But it produced an unexpected error:
Failed authorization procedure. : urn:acme:error:connection ::Timeout
during connect (likely firewall problem). Skipping.
Timeout during connect (likely firewall problem)
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
Found the proper answer for this:
You need to stop the service ejabberd service before you do the
process,
service ejabberd stop
Then move the expired ssl pem file to somewhere else,
mv /etc/ejabberd/ejabberd.pem /etc/ejabberd/ejabberd.pem.backup
Go to the directory where the cert boot locating,
cd /root
Enter the below command in-order to renew the certificate for the
required domain
certbot certonly --webroot -w /etc/ejabberd -d yourdomain.com --force-renewal --rsa-key-size 4096
Then merge the generated ssl files to the ejabberd configuration file
cat /etc/letsencrypt/live/yourdomain.com/privkey.pem /etc/letsencrypt/live/chat.yourdomain.com/fullchain.pem > ejabberd.pem
Then move the pem file to the ejabberd root path
mv ejabberd.pem /etc/ejabberd
chown ejabberd /etc/ejabberd/ejabberd.pem
Enable ejabberd service
service ejabberd start
service ejabberd status
So all of a sudden, after a week of using it, I get an error message on my zabbix server gui (http://localhost/zabbix/.)
The error says: Zabbix server is not running: the information displayed may not be current.
Any idea why is this happening ll of a sudden and out of the blue? I restarted the machine - which should automatically restore the zabbix server upon startup - but it's still not running.
I also researched for a startup or restart command but true to form with zabbix helpful, clear documentation is non-existent.
EDIT:
Some more info:
MySQL is running normally. I'm able to select, insert into, whatever I want.
Doing /etc/init.d/zabbix-server status results in * zabbix_server is not running
The last entry in zabbix_server.log is Zabbix Server stopped. Zabbix 2.2.9 (revision 52686).
Doing sudo /etc/init.d/zabbix-server start results in * Starting Zabbix server zabbix_server but the status is still not running and the log file doesn't have any new entries.
just get into the zabbix.conf.php
>$sudo vim /etc/zabbix/web/zabbix.conf.php
>$ZBX_SERVER = '**your zabbix ip address or DNS name**';
>$ZBX_SERVER_PORT = '10051';
>$ZBX_SERVER_NAME = '**your zabbix hostname**';
just change the ip address you can resolve the error
Zabbix server is not running: the information displayed may not be current
After that restart the zabbix server
>$sudo service zabbix-server restart
To verify go to Dashboard Administration -> queue there you see data
i resolved my error like this works fine for me.
To solve the problem zabbix server is not running you have to :
First - Check that all of the database parameters in zabbix.conf.php ( /etc/zabbix/web/zabbix.conf.php) and zabbix_server.conf ( /etc/zabbix/zabbix_server.conf) to be the same. Including:
• DBHost
• DBName
• DBUser
• DBPassword
Second- Change SElinux parameters:
#setsebool -P httpd_can_network_connect on
#setsebool -P httpd_can_connect_zabbix 1
#setsebool -P zabbix_can_network 1
After all, restart all services:
#service zabbix-server restart
#service httpd restart
worth a try.
Edit this file: sudo nano /etc/default/zabbix-server
Adjust the START property to yes:
START=yes
Then try to run Zabbix again: sudo service zabbix-server start
This may happen because of the old and new IP address
I have faced same issue which was solve by below method:
vim /etc/zabbix/web/zabbix.conf.php
$ZBX_SERVER = new ip address
then restart zabbix server
I was using a special character in my DB password - wrapping the DBPassword option in /etc/zabbix/zabbix_server.conf and doing sudo service zabbix-server restart got me back up and running.
Not Working
DBPassword=MyString?
Working
DBPassword='MyString?'
Solution might be this simple:
sudo su
nano /etc/zabbix/zabbix-server.conf
Remove "#" in front of DBPassword=YourPassword (will change from blue to grey)
Ctrl x (Y to save and press enter to exit)
service zabbix-server restart
Now you can refresh your browser running ZABBIX. If not, you will have to do the same steps for CacheSize=32M
You do not have to change anything in /etc/zabbix/web/zabbix.conf.php (localhost is fine)
When editing anything, remember "#" in front of line means invisible to linux.
As Zabbix Senior Instructor and Consultant Hernandes Martins says in his "Zabbix server is not running what to do?" blog post:
This is the first step that should be checked regardless of the situation, always view the logs, from the moment the error message appeared in the zabbix web interface always view the log.
By following his advice I could be able to identify the cause of the issue with my Zabbix server, and then apply the solution related to the specific problem.
In my case, as I've commented in the page:
The problem in my server was of "4. Resource Allocation Issues". Just like you wrote above, Zabbix was showing out of memory errors on the log when trying to start the server.
After increasing the value of parameter CacheSize I tried to restart the service, but it didn't respond. So, I ended up restarting the whole machine. Fortunately, in the end it resolved the problem for good.
So, take a look at the log with command tail -f /var/log/zabbix/zabbix_server.log on the terminal/prompt, watch for any errors, and tackle the problem according to what it makes sense for your particular case.
Looks like the problem was that I created a Database monitoring Item programmatically and it triggered a bug that caused the server to shutdown.
Once I deleted the item the server came back up, and creating subsequent Items didn't kill it.
The deadly Item had a value_type of Numeric unsigned, -1 programmatically, while the newly created Items have a value_type of float, which is 0 programmatically.
The whole thing has a voodoo element to it but it did solve my problem.
Maybe is configuration issue
nano /etc/zabbix/zabbix_server.conf
DBHost=localhost
DBName=zabbix_db
DBUser=zabbix_user
DBPassword=XXXXXXX
works for me on Zabbix 3.0 Centos 7
The zabbix-server daemon doesn't seem to like passwords with special characters in them. Unsure whether quotes would work in the configuration I just removed special characters from the database password, updated the configuration files and restarted the daemon.
Configuration parsing errors don't show up in logs for some reason.
Install nmap (( # yum/apt-get install nmap ))tool and check to find out which port the zabbix is listenning to?(( # nmap -sT -p1-65535 localhost )) 10050 or 10051?
The result should be somthing like this:
Starting Nmap 6.40 ( http://nmap.org ) at 2016-11-01 22:54 IRST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00032s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 65530 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
3306/tcp open mysql
10050/tcp open unknown <--- In my case this is it
Then open /etc/zabbix/web/zabbix.conf.php and check the line starting with: $ZBX_SERVER_PORT , it's value should be the same number you saw in the nmap scan result. Change it and restart zabbix-server and httpd and you are good to go!
There maybe IP address conflict, try host 'Zabbix server'
On RHEL/CentOS/OEL 6
Check that the firewall is allowing connection to Zabbix Server port which is 10051, as a user with root priv:
vi /etc/sysconfig/iptables
and add the following lines
-A INPUT -m state --state NEW -m tcp -p tcp --dport 10051 -j ACCEPT
restart iptables
# service iptables restart
If you have disabled IPV6, you need to also edit the hosts file and remove IPV6 line for "localhost"
# vi /etc/hosts
remove or comment out "#" the ipv6 line for localhost
::1 localhost6.localdomain6 localhost6
restart the zabbix-server and check if the error message is gone.
I was in the same trouble.
For my case, that was a conflict between /etc/zabbix/zabbix_agentd.conf and zabbix_server.conf parameters.
I adjusted
"DBHost=localhost",
"DBName=zabbix",
"DBUser=zabbix",
"DBPassword=******",
"DebugLevel=3"
"ListenPort".
If you run the default installation, you should keep ListenPort=10051 for the server and 10050 for the agent.
Cheers!
In my case it happens when introducing host with templates, graphs,trigger etc, the server falls.
The problem was that by default the cache is at 128k and you have to change it.
sudo nano /etc/zabbix/zabbix-server.conf
Uncheck # Sizecache and add 32M for example.
Cachesize=32M
restart service and voila!! server working
service zabbix-server start
My problem was caused by having external ip in $ZBX_SERVER setting.
I changed it to localhost instead so that ip was resolved internally,
$sudo nano /etc/zabbix/web/zabbix.conf.php
Changed
$ZBX_SERVER = 'external ip was written here';
to
$ZBX_SERVER = 'localhost';
then
$sudo service zabbix-server restart
Zabbix 3.4 on Ubuntu 14.04.3 LTS
I had the same issue.
I forgotten selinux conf, not all is ok:
setsebool -P httpd_can_connect_zabbix on
In my case, this occurred because the password in the server config file was commented out.
Open the server config file: # sudo vim /etc/zabbix/zabbix-server.conf
Scroll down to db user and below there will be the password with a # commenting out. Remove the hash and insert your DB password.
In my case i had to disable Linux SE
[root#webserverlocaldomain /]# setenforce 0
Disable Firewall
[root#webserverlocaldomain /]# systemctl stop firewalld
Edit config file uncommenting#
[root#webserverlocaldomain /]# vi /etc/zabbix/zabbix_server.conf
ListenPort=10051
DBHost=localhost
DBPassword=password
Then restart the services
[root#webserverlocaldomain /]# systemctl restart zabbix-server zabbix-agent httpd
#getsebool -a
//httpd_can_network_connect off
#setsebool httpd_can_network_connect on
#getsebool httpd_can_network_connect
#service zabbix-server restart
in my case after installing zabbix from sources (removed zabbix 4.0 because upgrading to 4.2 wasn't possible via apt on a Raspbian GNU/Linux 9.4 stretch) it loaded the config from /usr/local/etc/zabbix_server.conf instead from /etc/zabbix/zabbix_server.conf
After deleting /usr/local/etc/zabbix_server.conf and creating a symlink pointing to the correct config file in /etc/zabbix/zabbix_server.conf it started to work
I solved this problem on Ubuntu 18.04 by uninstalling Zabbix and reinstalling it again from scratch.
The initial installation didn't work because I had followed old posts/guides/tutorials, even from Zabbix documentation itself, so these might probably be outdated. So, the trick was to find and follow the most updated guide to Zabbix installation from its docs.
Here are the two links I followed for uninstalling and reinstalling Zabbix:
How to uninstall Zabbix: https://www.quora.com/How-do-I-uninstall-Zabbix-server-agent-in-Ubuntu
How to (properly) install Zabbix: https://www.zabbix.com/download?zabbix=4.0&os_distribution=ubuntu&os_version=18.04_bionic&db=postgresql
When installing Zabbix from the link above, your choosen Zabbix Version, OS Distribution, OS Version or Database may be different from the ones I've selected, but following the instructions on this page will probably be also the right way for you to install your chosen Zabbix configuration without getting errors post installation.
Never had the problem until it suddenly appeared once, for me, the solution was to add (uncomment) the following line in /etc/zabbix/zabbix_server.conf
ListenIP=0.0.0.0
i had similar problem and my gui reported problem with cache, i change it zabbix-server.conf to 32M and now is ok, zabbix is an intelligent tool, please if it possible check problems in gui first. I had to much hosts ... for default cache.
I have a Fedora 21 server running on a local private LAN. I have setup a minecraft server. It is running on port 25565 and running the server produces no errors. My problem is that I cannot get the client to connect to it. The client connects fine to minecraft servers outside of the local private LAN and when I tested minecraft server on an Ubuntu desktop, the windows machine was able to connect to that server. So, it seems isolated to the Fedora 21 machine. It is running as a server, so no GUI! I have performed a netstat -a on it and see that it states that it is listening to port 25565. I have turned off firewalld ('sudo systemctl stop firewalld' and then 'sudo systemctl disable firewalld' just to be sure) to see if that was blocking it. I was still not able to connect. I can provide other information as needed. Oh, I am also using Java 1.8u25 and minecraft_server.1.8.1.
Thanks for your help.
I have found the problem. Apparently the change requires a server reboot. Perhaps just restarting the service may also take care of the issue but definitely rebooting the server cleared the problem.
EDIT: I have found that using iptables will open the firewall to allow the game to connect. I only stated that turning off firewalld allows the game to operate after saving iptables and restarting firewalld.
This should work (let me know if it doesn't):
Be sure to place this before any REJECT statements in the iptables.
You can use iptables -L --line-numbers | less to display the table. I pipe it out to "less" because the table can be quite long and this way one can easily scroll through the information.
iptables -I INPUT ## -p tcp --dport 25565 -j ACCEPT
iptables -I INPUT ## -p udp --dport 25565 -j ACCEPT
iptables-save
To do a restart of the firewalld type sudo systemctl restart firewalld.
Also keep in mind that this is for the default port in server.properties file. Obviously if the default port is changed in this file, then so would the iptables setting.
Hopefully this will help anyone who may run into this same problem.
I have been trying to setup Zabbix to monitor my 2 tomcat servers on 2 different Amazon EC2 machines, but in vain.
The Z on the host is green, however te JMX is red with these errors
- ZBX_TCP_READ() failed: [4] Interrupted system call
- Someother error [111] connection refused
and many such errors, one after another, in the sense I resolve an error to see one more new error popping up.
These are some assumptions
All the machines run Ubuntu 12.10 and later
Server's IP address: 66.55.12.120 (Runs Zabbix server v2.2.4 (revision 46772) (23 June 2014) )
Agent's IP address: 87.52.45.198 ( Runs Zabbix agent v2.2.2 (revision 42525) (12 February 2014) )
My local machine's IP address: 76.89.54.111
Here is what I've done so far.
On Server Side:
1) Installed Zabbix_server using sudo apt-get install zabbix-server-mysql.
2) The GUI, mysql database all have been installed and configured.
3) The following are the only 3 changes that I've made in the file /etc/zabbix/zabbix_server.conf
...
JavaGateway=localhost
JavaGatewayPort=10052
StartJavaPollers=5
...
4) The Zabbix Java gateway was installed using sudo apt-get install zabbix-java-gateway.
5) The following are the only 3 changes that I've made in the file
/etc/zabbix/zabbix_java_gateway.conf
...
LISTEN_IP="127.0.0.1"
LISTEN_PORT=10052
START_POLLERS=5
...
On Client Side:
1) Installed Zabbix Client using
sudo apt-get install zabbix-agent
2) The following are the only 3 changes that I've made in the file
/etc/zabbix/zabbix_agentd.conf
...
Server=66.55.12.120
StartAgents=5
ServerActive=66.55.12.120:10051
Hostname=Security-test-JMX-EC2
... <br />
3) The Hostname is the same as the one that is mentioned while creating the Host on the GUI.
I believe that there are some issues with the IP and ports. So, here are the outbound rules for both the machines as obtained from Amazon EC2 Security Groups for the machines
OUTBOUND RULES for SERVER SECURITY GROUP:
Type Protocol Port Source Reasoning
Custom- TCP 8080 0.0.0.0/0
TCP Rule
All ICMP All N/A 0.0.0.0/0
Custom- TCP 10052 27.52.52.128/32 For access from Agent
TCP Rule
Custom- TCP 8081 76.84.120.130/32 To access Zabbix GUI from-
TCP Rule -my local machine's web browser
Custom- TCP 10051 27.52.52.128/32 As the agent responds to-
TCP Rule -the server on Port 10051TCP Rule-
-Must allow inbound communications-
- from the agent.
Custom- TCP 11000 27.52.52.128/32 The agent's JMX reporting-
TCP Rule -happens on port 11000(not on 12345).
OUTBOUND RULES for CLIENT SECURITY GROUP:
Type Protocol Port Source
HTTPS TCP 443 0.0.0.0/0
Custom- TCP 10050 66.55.12.120/32
TCP Rule
Custom- TCP 10052 66.55.12.120/32
TCP Rule
Custom- TCP 11000 66.55.12.120/32
TCP Rule
HTTP TCP 80 76.89.54.111/32
Custom- TCP 8080 76.89.54.111/32
TCP Rule
Custom- TCP 8443 76.89.54.111/32
TCP Rule
What am I missing? Please guide me.
Any help is appreciated.
Thanks
Goutham
If you can, then run VisualVm (probably using a tunneled X session) on the zabbix host, and see if you can connect to the target JVM with that. If you can't connect from that, you won't be able to connect from Zabbix.
Try with the following CATALINA_OPTS, replacing with the IP on the target that you want JMX to listen on:
export CATALINA_OPTS="-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=9010 -Dcom.sun.management.jmxremote.local.only=falseom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Djava.rmi.server.hostname=<LOCAL_IP>"
This will disable all JMX security so be aware!
Once you hopefully get it to connect, the "Tomcat JMX" items in Zabbix are also all incorrect! e.g.
Incorrect Zabbix default:
jmx["Catalina:type=GlobalRequestProcessor,name=http-8080",bytesReceived]
Correct entry:
jmx["Catalina:type=ThreadPool,name=\"http-bio-8080\"", bytesReceived]
Note the escaped quotes and incorrect thread name. Add the Mbeans plugin to VisualVM, and use that to browse the MBeans on the target VM, and check the Zabbix names.
It does work eventually, but is a real pain to setup. Zabbix is however one of the few open source monitoring tools that supports JMX at all!
By default, JMX does not work very well with firewalls. You might find related bug reports on Zabbix tracker useful: ZBX-5326 and ZBX-6815. The first one contains a workaround for Tomcat which might work for you.
#gvatreya wrote:
Server: (Runs Zabbix server)
Agent: (Runs Zabbix agent)
It looks like you have to start Zabbix Java gateway as well on host where it is installed (it is a daemon/service).
I configured as follows:
Server: (Runs Zabbix server, Zabbix Java gateway)
Agent: (Runs Zabbix agent)
I think it is possible to install it on a dedicated host.
Have you tried adding -Djava.net.preferIPv4Stack=true to the VM options?
to make it work add next java_opts to your tomcat startup script
-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.ssl=false
-Dcom.sun.management.jmxremote.authenticate=false
-Dcom.sun.management.jmxremote.port=2345
-Dcom.sun.management.jmxremote.rmi.port=12345
-Djava.rmi.server.hostname=<tomcat_hostname>
I have a problem here that I had my XAMP up and running, I installed ZEND Framework, ZEND Server and ZEND Studio into my system. Now the problem is that localhost is not working. I researched to find out that both can be on a pc and run but I will have to choose between the apache for the two. I stopped the services of Apache Zend but my localhost did not start.
I also checked the error log of apache the last entry is of Today i.e. Tue 10:28am. and XAMP control panel just displays cannot start apache service.
I have changed the apache config file by changing the localhost server port to 8080 instead of 80. But no success yet. MYSQL is also shutting down unexpectedly.
Any help is appreciated.
I have a same problem when I installed Skype. Skype by default use 80 port number. So you can change it from Skype`s options. For more info see this link..
http://www.youtube.com/watch?v=n7wj1aaNwbU
Try to run this below command in cmd prompt
netstat -ano|find "port no"
Eg:
netstat -ano|find "3306"
TCP 0.0.0.0:3306 0.0.0.0:0 LISTENING 5164
TCP [::]:3306 [::]:0 LISTENING 5164
You could even use the pid number and check in windows task manager who is utilizing these pid so that you would come to know the exact process name
Please provide error log file if possible.