Hi. I’ve installed open ondemand on CentOS 8 using the GitHub - OSC/ood-ansible: An ansible playbook for Open Ondemand ansible role. I’m accessing the server just via IP.
I’m using OIDC for authentication and before I configured for SSL, Open Ondemand seemed to be “working” (as in it redirected me to the OIDC provider page, and then the redirect back failed because I’d given an https address to the provider as their redirect address in anticpation of getting SSL working, but that’s ok at this stage).
The critical bit in getting that far was setting:
to avoid the ansible role configuring a ServerName in the
<VirtualHost> config which seemed to break things.
I then started configuring for SSL, discovering that actually the mod_ssl package which gets installed generates keys, so I didn’t need to do that. But the global SSL config on the server didn’t appear to have any SSLProtocol configured, so I think a minimal ssl config is:
ssl: - SSLCertificateFile /etc/pki/tls/certs/localhost.crt - SSLCertificateKeyFile /etc/pki/tls/private/localhost.key - SSLProtocol TLSv1.2 TLSv1.3
However, now if I go to
https://<my.server.id> I get the default apache landing page (as shown here). Looking at the apache logs I can see this is using TLSv1.3.
Noting that the role configures an http → https redirect, I tried going to
http://<my.server.id>. This does redirect to
https://<my.server.id>:80/ but Chrome throws:
This site can’t provide a secure connection <my.server.ip> sent an invalid response. ERR_SSL_PROTOCOL_ERROR
Any suggestions please, I am getting totally stuck!