
Ich habe vor Kurzem Cockpit installiert (und bin ziemlich zufrieden damit) und habe beschlossen, Portzilla auf meinem Cloudflare-Konto zu verwenden, um eine Subdomain einzurichten, über die ich remote auf meinen Cockpit-Server zugreifen kann. Ich habe Verbindungsfehler-Fehler erhalten und wenn ich mir das ansehe journalctl -u cockpit
, erhalte ich Folgendes:
Dec 26 00:27:52 helios systemd[1]: Starting Cockpit Web Service...
Dec 26 00:27:52 helios remotectl[22645]: Generating temporary certificate using: sscg --quiet --lifetime 3650 --key-strength 2048 --cert-key-file /etc/cockpit/ws-certs.d/0-self-signed.cert --cert-file /etc/cockpit/ws-certs.d/0-self-signed.cert --ca-file /etc/cockpit/ws-certs.d/0-self-signed-ca.pem --hostname helios --organization 90b1c6e4a5dc40aeb98d6ccf90a3257f --subject-alt-name localhost --subject-alt-name IP:127.0.0.1/255.255.255.255
Dec 26 00:27:52 helios remotectl[22645]: Error generating temporary dummy cert using sscg, falling back to openssl
Dec 26 00:27:52 helios remotectl[22645]: Generating temporary certificate using: openssl req -x509 -days 36500 -newkey rsa:2048 -keyout /etc/cockpit/ws-certs.d/0-self-signed.S4R2V0.tmp -keyform PEM -nodes -out /etc/cockpit/ws-certs.d/0-self-signed.Z6R2V0.tmp -outform PEM -subj /O=90b1c6e4a5dc40aeb98d6ccf90a3257f/CN=helios -config /tmp/ssl.conf.47R2V0 -extensions v3_req
Dec 26 00:27:52 helios systemd[1]: Started Cockpit Web Service.
Dec 26 00:27:52 helios cockpit-tls[22649]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Dec 26 00:27:52 helios cockpit-tls[22649]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Dec 26 00:27:55 helios cockpit-tls[22649]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Dec 26 00:27:55 helios cockpit-tls[22649]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Dec 26 00:27:55 helios cockpit-tls[22649]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Dec 26 00:27:55 helios cockpit-tls[22649]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Dec 26 00:30:08 helios systemd[1]: cockpit.service: Succeeded.
Dec 26 00:34:18 helios systemd[1]: Starting Cockpit Web Service...
Dec 26 00:34:18 helios systemd[1]: Started Cockpit Web Service.
Dec 26 00:34:18 helios cockpit-tls[25787]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Dec 26 00:34:18 helios cockpit-tls[25787]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Dec 26 00:34:47 helios systemd[1]: Stopping Cockpit Web Service...
Dec 26 00:34:47 helios systemd[1]: cockpit.service: Succeeded.
Dec 26 00:34:47 helios systemd[1]: Stopped Cockpit Web Service.
Dec 26 00:34:47 helios systemd[1]: Starting Cockpit Web Service...
Dec 26 00:34:47 helios systemd[1]: Started Cockpit Web Service.
Dec 26 00:34:52 helios cockpit-tls[26028]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Dec 26 00:34:52 helios cockpit-tls[26028]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Dec 26 00:34:54 helios cockpit-tls[26028]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Dec 26 00:36:56 helios systemd[1]: cockpit.service: Succeeded.
Dec 26 00:38:12 helios systemd[1]: Starting Cockpit Web Service...
Dec 26 00:38:12 helios systemd[1]: Started Cockpit Web Service.
Dec 26 00:38:12 helios cockpit-tls[27201]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Dec 26 00:38:12 helios cockpit-tls[27201]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Dec 26 00:38:13 helios cockpit-tls[27201]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Dec 26 00:38:13 helios cockpit-tls[27201]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Dec 26 00:38:13 helios cockpit-tls[27201]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Dec 26 00:40:19 helios systemd[1]: cockpit.service: Succeeded.
Ich erkenne an, dass Cockpit standardmäßig keine Reverse-Proxys erkennt und diese cockpit.conf
entsprechend einstellen muss, was ich auf Anfrage bereitstellen kann. Die erforderlichen Dinge, die ich gesehen habe, wie den Origins
Eintrag (nicht sicher, ob er richtig gemacht wurde), ProtocolHeader = X-Forwarded-Proto
wurden jedoch bereits zur Konfiguration hinzugefügt. Ich bin neu hier und würde mich über jede Hilfe freuen, die ich dazu bekommen kann. Vielen Dank im Voraus