Hi,
I get this error after adding some webhook HTTP to our app.
I install the Emqx on Ubuntu 20.04, any step that i missed ?
please help.
Hi,
I get this error after adding some webhook HTTP to our app.
I install the Emqx on Ubuntu 20.04, any step that i missed ?
please help.
Hi, this error should be about Authentication using HTTP Server, not WebHook. The log content should refer to your TLS configuration error. Could you provide your configuration content and EMQX version conveniently?
Thanks for your reply,
I’m new to installing EMQX on my server and there are no special configurations.
I’m using EMQX v 5.0.17.
Should I re-installing the EMQX?
Could you provide the contents of these two files, etc/emqx.conf
and data/configs/cluster-override.conf
?
here is the etc/emqx.conf and I cannot find the data/configs/cluster-override.conf file
node {
name = "emqx@127.0.0.1"
cookie = "emqxsecretcookie"
data_dir = "/var/lib/emqx"
}
log {
file_handlers.default {
level = warning
file = "/var/log/emqx/emqx.log"
}
}
cluster {
name = emqxcl
discovery_strategy = manual
}
listeners.tcp.default {
bind = "0.0.0.0:1883"
max_connections = 1024000
}
listeners.ssl.default {
bind = "0.0.0.0:8883"
max_connections = 512000
ssl_options {
keyfile = "/etc/emqx/certs/key.pem"
certfile = "/etc/emqx/certs/cert.pem"
cacertfile = "/etc/emqx/certs/cacert.pem"
}
}
listeners.ws.default {
bind = "0.0.0.0:8083"
max_connections = 1024000
websocket.mqtt_path = "/mqtt"
}
listeners.wss.default {
bind = "0.0.0.0:8084"
max_connections = 512000
websocket.mqtt_path = "/mqtt"
ssl_options {
keyfile = "/etc/emqx/certs/key.pem"
certfile = "/etc/emqx/certs/cert.pem"
cacertfile = "/etc/emqx/certs/cacert.pem"
}
}
# listeners.quic.default {
# enabled = true
# bind = "0.0.0.0:14567"
# max_connections = 1024000
# keyfile = "/etc/emqx/certs/key.pem"
# certfile = "/etc/emqx/certs/cert.pem"
#}
dashboard {
listeners.http {
bind = 18083
}
default_username = "admin"
default_password = "public"
}
authorization {
deny_action = ignore
no_match = allow
cache = { enable = true }
sources = [
{
type = file
enable = true
# This file is immutable to EMQX.
# Once new rules are created from dashboard UI or HTTP API,
# the file 'data/authz/acl.conf' is used instead of this one
path = "/etc/emqx/acl.conf"
}
]
}
This is really a strange error.
Can you please confirm at what step the error you mentioned first appears?
And can you confirm whether the EMQX instance you are operating is the one you think? I think you may be accessing other EMQX instances
If I check the log in /var/log/emqx/emqx.log.1
The log: That was like the EMQX trying to get the cert file, but not found.
if I’m not mistaken, I used to fill out the form Authentication and check TLS support and I didn’t fill in the fields, then I go back to the list Authentication and showed the error.
The form doesn’t have a validation if the TLS was filled or not.
If you are accessing the same instance, when you encounter that error in the Dashboard, the error log will also be output in the log file. So it looks like you’re accessing different instances.
And this log is a bug, it will be fixed in recent versions.
How about this, here is the latest log when I access the authentication page:
2023-03-01T06:11:38.033632+00:00 [warning] mfa: minirest_handler:apply_callback/3, line: 116, exception: throw, path: /authentication, reason: #{kind => validation_error,reason => integrity_validation_failure,result => false,schema_module => emqx_authn_http,validation_name => check_ssl_opts}, stacktrace: [{emqx_authn,do_check_config_maybe_throw,3,[{file,"emqx_authn.erl"},{line,82}]},{emqx_authn,check_config,2,[{file,"emqx_authn.erl"},{line,45}]},{lists,map,2,[{file,"lists.erl"},{line,1243}]},{emqx_authn_api,get_raw_config_with_defaults,1,[{file,"emqx_authn_api.erl"},{line,1119}]},{emqx_authn_api,list_authenticators,1,[{file,"emqx_authn_api.erl"},{line,832}]},{minirest_handler,apply_callback,3,[{file,"minirest_handler.erl"},{line,111}]},{minirest_handler,handle,2,[{file,"minirest_handler.erl"},{line,44}]},{minirest_handler,init,2,[{file,"minirest_handler.erl"},{line,27}]},{cowboy_handler,execute,2,[{file,"cowboy_handler.erl"},{line,41}]},{cowboy_stream_h,execute,3,[{file,"cowboy_stream_h.erl"},{line,318}]},{cowboy_stream_h,request_process,3,[{file,"cowboy_stream_h.erl"},{line,302}]},{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,226}]}]
Can you provide a screenshot of the authentication page? As mentioned earlier, this error should only appear if you have configured authentication.
But you did not find the data/configs/cluster-override.conf
file. Another question, did you not find the cluster-override.conf
file in the data/configs
directory, or simply did not find data/configs
Directory?
If it is the latter, you can read this document first: Files and directories
Here the screenshoot
Ahh sorry my bad, i find that files in
/var/lib/emqx/configs
Here the result inside cluster-override.conf
authentication = [
{
backend = "http"
body {password = "${password}", username = "${username}"}
connect_timeout = "5s"
enable_pipelining = 100
headers {"content-type" = "application/json"}
mechanism = "password_based"
method = "post"
pool_size = 8
request_timeout = "5s"
ssl {enable = false, verify = "verify_peer"}
url = "https://bfd3-180-252-173-9.ap.ngrok.io/mq/auth"
},
{
backend = "built_in_database"
mechanism = "password_based"
password_hash_algorithm {name = "sha256", salt_position = "suffix"}
user_id_type = "username"
}
]
log {
console_handler {
burst_limit {
enable = true
max_count = 10000
window_time = "1s"
}
chars_limit = "unlimited"
drop_mode_qlen = 3000
enable = true
flush_qlen = 8000
formatter = "text"
level = "warning"
max_depth = 100
overload_kill {
enable = true
mem_size = "30MB"
qlen = 20000
restart_after = "5s"
}
single_line = true
supervisor_reports = "error"
sync_mode_qlen = 100
time_offset = "system"
}
file_handlers {
default {
burst_limit {
enable = true
max_count = 10000
window_time = "1s"
}
chars_limit = "unlimited"
drop_mode_qlen = 3000
enable = true
file = "/var/log/emqx/emqx.log"
flush_qlen = 8000
formatter = "text"
level = "warning"
max_depth = 100
max_size = "50MB"
overload_kill {
enable = true
mem_size = "30MB"
qlen = 20000
restart_after = "5s"
}
rotation {count = 10, enable = true}
single_line = true
supervisor_reports = "error"
sync_mode_qlen = 100
time_offset = "system"
}
}
}
Hello, it should be because your URL prefix is https://
, but you have disabled SSL
ssl {enable = false}
You can change it to:
ssl {enable = true, verify = "verify_peer"}
url = "https://bfd3-180-252-173-9.ap.ngrok.io/mq/auth"
At the same time you also need to provide the correct SSL configuration, such as cacertfile
or
ssl {enable = false, verify = "verify_peer"}
url = "http://bfd3-180-252-173-9.ap.ngrok.io/mq/auth"
There is indeed a problem with the readability of the error report here, and I have already reported it to the R&D team.
In addition, if the authentication here is not what you need, you can also directly delete the authentication part of the configuration.
Thanks for the reply.
I change ssl {enable = false}
to true
and restart the EMQX,
Now the authentication page is working.
Thanks.