Mattermost site cant be reach the IP address could not be found

Hello,
when try to active mattermost, I get this message on browser:

This site can’t be reached
chat.tst.loc** ’s server IP address could not be found.

after specify the domain name of mattermost,and checking virtualhost there is no one creating for it.
and after checking logs look like there is nothing wrong.
and when trying to adding virtualhost like mattermost domain and get like the main domain of nethserver.
Best Regards

httpd -S
systemctl status mattermost

Please what is the output

httpd -S

VirtualHost configuration:
*:80                   is a NameVirtualHost
         default server th.tst.loc (/etc/httpd/conf.d/virtualhosts.conf:12)
         port 80 namevhost th.tst.loc (/etc/httpd/conf.d/virtualhosts.conf:12)
         port 80 namevhost chat.tst.loc (/etc/httpd/conf.d/virtualhosts.conf:67)
         port 80 namevhost th.tst.loc (/etc/httpd/conf.d/virtualhosts.conf:152)
         port 80 namevhost th.tst.loc (/etc/httpd/conf.d/zz_mattermost.conf:9)
         port 80 namevhost chat.tst.loc (/etc/httpd/conf.d/zz_mattermost.conf:13)
*:443                  is a NameVirtualHost
         default server th.tst.loc (/etc/httpd/conf.d/nethserver.conf:44)
         port 443 namevhost th.tst.loc (/etc/httpd/conf.d/nethserver.conf:44)
         port 443 namevhost th.tst.loc (/etc/httpd/conf.d/ssl.conf:56)
         port 443 namevhost chat.tst.loc (/etc/httpd/conf.d/virtualhosts.conf:24)
         port 443 namevhost th.tst.loc (/etc/httpd/conf.d/virtualhosts.conf:106)
         port 443 namevhost chat.tst.loc (/etc/httpd/conf.d/zz_mattermost.conf:18)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default 
Mutex mpm-accept: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex ssl-stapling: using_defaults
PidFile: "/run/httpd/httpd.pid"
Define: _RH_HAS_HTTPPROTOCOLOPTIONS
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48

systemctl status mattermost

● mattermost.service - Mattermost
   Loaded: loaded (/usr/lib/systemd/system/mattermost.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2020-02-19 20:32:39 +03; 3 days ago
 Main PID: 14640 (mattermost)
   CGroup: /system.slice/mattermost.service
           ├─14640 /opt/mattermost/bin/mattermost
           └─15013 plugins/com.mattermost.nps/server/dist/plugin-linux-amd64

Feb 19 20:32:39 th.tst.loc systemd[1]: Started Mattermost.

after check /etc/httpd/conf.d was there zz_* one of them for mattermost with the name of it’s domain name:

cat /etc/httpd/conf.d/zz_mattermost.conf

# ================= DO NOT MODIFY THIS FILE =================
# 
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at NethServer official site: https://www.nethserver.org
#
# 
<VirtualHost *:80>
    IncludeOptional conf.d/default-virtualhost.inc
</VirtualHost>
<VirtualHost *:80>
   ServerName chat.tst.loc
   RedirectMatch 301 ^(?!/\.well-known/acme-challenge/).* https://chat.tst.loc
</VirtualHost>
<VirtualHost *:443>
  ServerName chat.tst.loc
  SSLEngine on
  ProxyPreserveHost On
  # setup the proxy
  <Proxy *>
         Order allow,deny
         Allow from all
  </Proxy>
  # Set web sockets
  RewriteEngine On
  RewriteCond %{REQUEST_URI} /api/v[0-9]+/(users/)?websocket [NC,OR]
  RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR]
  RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
  RewriteRule .* ws://127.0.0.1:8065%{REQUEST_URI} [P,QSA,L]
  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
  # Force SSL redirect
  RewriteCond %{HTTPS} !=on
  RewriteRule (.*) https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
  <LocationMatch "^/api/v(?<apiversion>[0-9]+)/(?<apiusers>users/)?websocket">
        Require all granted
        ProxyPass ws://127.0.0.1:8065/api/v%{env:MATCH_APIVERSION}/%{env:MATCH_APIUSERS}websocket
        ProxyPassReverse ws://127.0.0.1:8065/api/v%{env:MATCH_APIVERSION}/%{env:MATCH_APIUSERS}websocket
        ProxyPassReverseCookieDomain 127.0.0.1 chat.tst.loc
  </LocationMatch>
  <Location />
        Require all granted
        ProxyPass http://127.0.0.1:8065/
        ProxyPassReverse http://127.0.0.1:8065/
        ProxyPassReverseCookieDomain 127.0.0.1 chat.tst.loc
  </Location>
</VirtualHost>

and after disable it from web-interface,the file still there and when enable it and changing domain changed to:

cat /etc/httpd/conf.d/zz_mattermost.conf

# ================= DO NOT MODIFY THIS FILE =================
# 
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at NethServer official site: https://www.nethserver.org
#
# 
<VirtualHost *:80>
    IncludeOptional conf.d/default-virtualhost.inc
</VirtualHost>
<VirtualHost *:80>
   ServerName chit.tst.loc
   RedirectMatch 301 ^(?!/\.well-known/acme-challenge/).* https://chit.tst.loc
</VirtualHost>
<VirtualHost *:443>
  ServerName chit.tst.loc
  SSLEngine on
  ProxyPreserveHost On
  # setup the proxy
  <Proxy *>
         Order allow,deny
         Allow from all
  </Proxy>
  # Set web sockets
  RewriteEngine On
  RewriteCond %{REQUEST_URI} /api/v[0-9]+/(users/)?websocket [NC,OR]
  RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR]
  RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
  RewriteRule .* ws://127.0.0.1:8065%{REQUEST_URI} [P,QSA,L]
  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
  # Force SSL redirect
  RewriteCond %{HTTPS} !=on
  RewriteRule (.*) https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
  <LocationMatch "^/api/v(?<apiversion>[0-9]+)/(?<apiusers>users/)?websocket">
        Require all granted
        ProxyPass ws://127.0.0.1:8065/api/v%{env:MATCH_APIVERSION}/%{env:MATCH_APIUSERS}websocket
        ProxyPassReverse ws://127.0.0.1:8065/api/v%{env:MATCH_APIVERSION}/%{env:MATCH_APIUSERS}websocket
        ProxyPassReverseCookieDomain 127.0.0.1 chit.tst.loc
  </LocationMatch>
  <Location />
        Require all granted
        ProxyPass http://127.0.0.1:8065/
        ProxyPassReverse http://127.0.0.1:8065/
        ProxyPassReverseCookieDomain 127.0.0.1 chit.tst.loc
  </Location>
</VirtualHost>

after changing domain name on mattermost

httpd -S

VirtualHost configuration:
*:80                   is a NameVirtualHost
         default server th.tst.loc (/etc/httpd/conf.d/virtualhosts.conf:12)
         port 80 namevhost th.tst.loc (/etc/httpd/conf.d/virtualhosts.conf:12)
         port 80 namevhost th.tst.loc (/etc/httpd/conf.d/virtualhosts.conf:70)
         port 80 namevhost th.tst.loc (/etc/httpd/conf.d/zz_mattermost.conf:9)
         port 80 namevhost chit.tst.loc (/etc/httpd/conf.d/zz_mattermost.conf:13)
*:443                  is a NameVirtualHost
         default server th.tst.loc (/etc/httpd/conf.d/nethserver.conf:44)
         port 443 namevhost th.tst.loc (/etc/httpd/conf.d/nethserver.conf:44)
         port 443 namevhost th.tst.loc (/etc/httpd/conf.d/ssl.conf:56)
         port 443 namevhost th.tst.loc (/etc/httpd/conf.d/virtualhosts.conf:24)
         port 443 namevhost chit.tst.loc (/etc/httpd/conf.d/zz_mattermost.conf:18)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default 
Mutex mpm-accept: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
PidFile: "/run/httpd/httpd.pid"
Define: _RH_HAS_HTTPPROTOCOLOPTIONS
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48

Best Regards

I cannot reproduce, I used the same domain name (with an internal dns redirection on my lan)

[root@ns7loc8 ~]# httpd -S
VirtualHost configuration:
*:80                   is a NameVirtualHost
         default server th.tst.loc (/etc/httpd/conf.d/virtualhosts.conf:12)
         port 80 namevhost th.tst.loc (/etc/httpd/conf.d/virtualhosts.conf:12)
         port 80 namevhost th.tst.loc (/etc/httpd/conf.d/zz_mattermost.conf:9)
         port 80 namevhost chat.tst.loc (/etc/httpd/conf.d/zz_mattermost.conf:13)
*:443                  is a NameVirtualHost
         default server th.tst.loc (/etc/httpd/conf.d/ssl.conf:56)
         port 443 namevhost th.tst.loc (/etc/httpd/conf.d/ssl.conf:56)
         port 443 namevhost chat.tst.loc (/etc/httpd/conf.d/zz_mattermost.conf:18)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex mpm-accept: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default 
PidFile: "/run/httpd/httpd.pid"
Define: _RH_HAS_HTTPPROTOCOLOPTIONS
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48

We can see some differences from your output, on your first httpd -S we saw that you created a vhost chat.tst.loc that is not needed, even a virtualhost with the default FQDN, it will break something

what is the output

db vhosts show
db proxypass show

at first logs was created vhost too fot chat.tst.loc manually but on chit.tst.loc just based on mattermost conf

db vhosts show

default=vhost
    Description=Default virtual host
    FtpPassword=
    FtpStatus=disabled
th=vhost
    Access=private
    Description=
    ForceSslStatus=enabled
    FtpStatus=disabled
    Indexes=disabled
    PasswordStatus=disabled
    ServerNames=th.tst.loc
    SslCertificate=/etc/pki/tls/certs/th-tst-loc.crt
    status=enabled

db proxypass show

no outpout
Thanks

I could be wrong but the vhost th is not needed since it is the FQDN of the server :-?

at least if you want to have some web share on the server with the FQDN, use simply /var/www/html to store it

Ok,

  1. what about server alias,I had it too?
  2. what you think the cause of problem of mattermost and should be on port:80 or else ?
    I remove it,nothing change

db vhosts show

default=vhost
    Description=Default virtual host
    FtpPassword=
    FtpStatus=disabled

Thanks

we need the errors message in

/var/log/httpd/error_log
/var/log/httpd/ssl_error_log

when the message is displayed in your browser, I feel the mistake is on your configuration since I cannot reproduce it.

What is the ssl certificate ?

How is possible when there is no request to chit.tst.loc (no ip)?
It’s self-signed certificate working well.
Thanks

/var/log/httpd/error_log

[Sun Feb 23 11:21:53.171587 2020] [mpm_prefork:notice] [pid 15622] AH00170: caught SIGWINCH, shutting down gracefully
[Sun Feb 23 11:21:54.335876 2020] [suexec:notice] [pid 20741] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun Feb 23 11:21:54.342786 2020] [ssl:warn] [pid 20741] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Sun Feb 23 11:21:54.411445 2020] [lbmethod_heartbeat:notice] [pid 20741] AH02282: No slotmem from mod_heartmonitor
[Sun Feb 23 11:21:54.418122 2020] [ssl:warn] [pid 20741] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Sun Feb 23 11:21:54.503110 2020] [mpm_prefork:notice] [pid 20741] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 configured -- resuming normal operations
[Sun Feb 23 11:21:54.503146 2020] [core:notice] [pid 20741] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[Sun Feb 23 13:51:14.189117 2020] [mpm_prefork:notice] [pid 20741] AH00171: Graceful restart requested, doing restart
[Sun Feb 23 13:51:14.277507 2020] [lbmethod_heartbeat:notice] [pid 20741] AH02282: No slotmem from mod_heartmonitor
[Sun Feb 23 13:51:14.282824 2020] [ssl:warn] [pid 20741] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Sun Feb 23 13:51:14.373809 2020] [mpm_prefork:notice] [pid 20741] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 configured -- resuming normal operations
[Sun Feb 23 13:51:14.373826 2020] [core:notice] [pid 20741] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'

Show /var/log/httpd/ssl_error_log

no output
Thanks

not so bad, this is a warning because the domain name is not part of the SSL certs…

try to reproduce your configuration with a VM, and find where you have your issue

try also to use real domain name that a dns provider can point to your server, it could help also

the certificate support all of the server sub-domains
Ok,thanks

1 Like

still wondering

  1. why there is no ip reolve for the sub-domain for mattermost?
  2. when submit domain name for mattermost,look like gonna create vhost for it but there is no thing visible for it at web-interface?
  3. look like zz_mattermost.conf still aviable even after disable mattermost,are there place for site-availble or something like that?
  4. what mean of

remember to add the host name below to the "Domains" field inside the "Server certificate" page.

Thanks