Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

wazuh-authd did not start correctly - etc/sslmanager.cert file generation fails #1714

Open
rauldpm opened this issue Jun 30, 2022 · 1 comment
Open

wazuh-authd did not start correctly - etc/sslmanager.cert file generation fails #1714

rauldpm opened this issue Jun 30, 2022 · 1 comment

Comments

@rauldpm
Copy link
Member

rauldpm commented Jun 30, 2022
edited
Loading

Wazuh version Install type Action performed Platform
4.3.5-1 Manager Install CentOS 7

Installation directory: /opt

Running wazuh-control start the following message has been observed:

wazuh-authd did not start correctly.

Analyzing the ossec.log file, the following messages have been found:

2022/06/30 19:02:53 wazuh-authd: INFO: Started (pid: 31435).
2022/06/30 19:02:53 wazuh-authd: ERROR: Unable to read certificate file (not found): etc/sslmanager.cert
2022/06/30 19:02:53 wazuh-authd: ERROR: SSL error. Exiting.

OpenSSL displayed the following version:

[root@centos7 vagrant]# openssl version
OpenSSL 1.0.2k-fips  26 Jan 2017

Looking at the installation log obtained using rpm -ivvh, the following is observed:

+ openssl req -x509 -batch -nodes -days 365 -newkey rsa:2048 -subj /C=US/ST=California/CN=Wazuh/ -keyout /opt/ossec/etc/sslmanager.key -out /opt/ossec/etc/sslmanager.cert
/var/tmp/rpm-tmp.VZuplP: line 63: 31210 Bus error               openssl req -x509 -batch -nodes -days 365 -newkey rsa:2048 -subj "/C=US/ST=California/CN=Wazuh/" -keyout /opt/ossec/etc/sslmanager.key -out /opt/ossec/etc/sslmanager.cert 2> /dev/null
+ chmod 640 /opt/ossec/etc/sslmanager.key
chmod: cannot access '/opt/ossec/etc/sslmanager.key': No such file or directory
+ chmod 640 /opt/ossec/etc/sslmanager.cert
chmod: cannot access '/opt/ossec/etc/sslmanager.cert': No such file or directory

Installation log file: install.log

It was not possible to reproduce this specific error.

Regards, Raúl.
@rauldpm
Copy link
Member Author

rauldpm commented Jun 30, 2022
edited
Loading

Update report

Creating the certificates with the same OpenSSL command failed, the certificates are created in the specified directory and Wazuh server can start successfully.

Certificate manual generation 
[root@centos7 vagrant]# openssl req -x509 -batch -nodes -days 365 -newkey rsa:2048 -subj /C=US/ST=California/CN=Wazuh/ -keyout /opt/ossec/etc/sslmanager.key -out /opt/ossec/etc/sslmanager.cert
Generating a 2048 bit RSA private key
......+++
........................................................................+++
writing new private key to '/opt/ossec/etc/sslmanager.key'
-----
[root@centos7 vagrant]# /opt/ossec/bin/wazuh-control restart
wazuh-clusterd not running...
wazuh-modulesd not running...
wazuh-monitord not running...
wazuh-logcollector not running...
wazuh-remoted not running...
wazuh-syscheckd not running...
wazuh-analysisd not running...
wazuh-maild not running...
wazuh-execd not running...
wazuh-db not running...
wazuh-authd not running...
wazuh-agentlessd not running...
wazuh-integratord not running...
wazuh-dbd not running...
wazuh-csyslogd not running...
Killing wazuh-apid...
Wazuh v4.3.5 Stopped
Starting Wazuh v4.3.5...
Started wazuh-apid...
Started wazuh-csyslogd...
Started wazuh-dbd...
2022/06/30 19:34:35 wazuh-integratord: INFO: Remote integrations not configured. Clean exit.
Started wazuh-integratord...
Started wazuh-agentlessd...
Started wazuh-authd...
Started wazuh-db...
Started wazuh-execd...
Started wazuh-analysisd...
Started wazuh-syscheckd...
Started wazuh-remoted...
Started wazuh-logcollector...
Started wazuh-monitord...
Started wazuh-modulesd...
Completed.
[root@centos7 vagrant]# ps aux | grep wazuh
wazuh    31649 20.4  9.1 632276 93184 ?        Sl   19:34   0:03 /opt/ossec/framework/python/bin/python3 /opt/ossec/api/scripts/wazuh-apid.py
root     31690  0.0  0.3 126860  3484 ?        Sl   19:34   0:00 /opt/ossec/bin/wazuh-authd
wazuh    31696  0.0  5.3 200980 54076 ?        S    19:34   0:00 /opt/ossec/framework/python/bin/python3 /opt/ossec/api/scripts/wazuh-apid.py
wazuh    31699  0.1  5.6 290100 57812 ?        S    19:34   0:00 /opt/ossec/framework/python/bin/python3 /opt/ossec/api/scripts/wazuh-apid.py
wazuh    31713  1.0  0.6 576680  6488 ?        Sl   19:34   0:00 /opt/ossec/bin/wazuh-db
root     31737  0.0  0.1  36772  1592 ?        Sl   19:34   0:00 /opt/ossec/bin/wazuh-execd
wazuh    31752  3.2  2.4 757100 24828 ?        Sl   19:34   0:00 /opt/ossec/bin/wazuh-analysisd
root     31791 27.2  0.7 267968  7284 ?        SNl  19:34   0:03 /opt/ossec/bin/wazuh-syscheckd
wazuh    31808  0.1  0.4 521296  4264 ?        Sl   19:34   0:00 /opt/ossec/bin/wazuh-remoted
root     31841  0.0  0.2 348128  2084 ?        Sl   19:34   0:00 /opt/ossec/bin/wazuh-logcollector
wazuh    31883  0.0  0.1  36712  1588 ?        Sl   19:34   0:00 /opt/ossec/bin/wazuh-monitord
root     31934  2.1  1.4 707068 14468 ?        Sl   19:34   0:00 /opt/ossec/bin/wazuh-modulesd
root     32529  0.0  0.0  12528   972 pts/0    R+   19:34   0:00 grep --color=auto wazuh
[root@centos7 **vagrant]#

Although it may be a specific memory error (Bus error) we must check if there may be a possible problem with OpenSSL and perhaps propose a solution (for example, retry the execution of the command)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@rauldpm