Hi everyone,
A few years ago I experimented with Zabbix installed on Ubuntu 16.
Now, a few years later, I want to put it to full use.
I downloaded the Applicance image. It is based Ubuntu 16.04, instead of the expected CentOS, because most documentation is for CentOS. Where is the documentation for Ubuntu ? Or why was the appliance created with Ubuntu instead of CentOS ?
Now I want to enable httpS for the webinterface, but I cannot get it to function correctly.
I have tried numerous things.
site-file is:
/etc/apache2/conf-available/zabbix.conf
Which is contrary to any non-Zabbix-documentation found online.
Even with that conf-file disabled and enabling a new site-file with contents used from online manuals I cannot get it to function.
Among other information found I think these two are the most important, but I am not sure:
I have the certificate-files (.key and .crt, wildcard) already available.
SSL-module has been enabled:
And after each change to see if it would work I restarted apache:
Contents of the original /etc/apache2/conf-available/zabbix.conf :
What is the correct way to add the lines mentioned in the Zabbix-documentation?
I altered the path to the certificates. It was pointing to /etc/httpd/ssl
For security-reasons I anonymised the domain name.
I hope you can help both me and others on this subject.
A few years ago I experimented with Zabbix installed on Ubuntu 16.
Now, a few years later, I want to put it to full use.
I downloaded the Applicance image. It is based Ubuntu 16.04, instead of the expected CentOS, because most documentation is for CentOS. Where is the documentation for Ubuntu ? Or why was the appliance created with Ubuntu instead of CentOS ?
Now I want to enable httpS for the webinterface, but I cannot get it to function correctly.
I have tried numerous things.
site-file is:
/etc/apache2/conf-available/zabbix.conf
Which is contrary to any non-Zabbix-documentation found online.
Even with that conf-file disabled and enabling a new site-file with contents used from online manuals I cannot get it to function.
Among other information found I think these two are the most important, but I am not sure:
I have the certificate-files (.key and .crt, wildcard) already available.
SSL-module has been enabled:
Code:
a2enmod ssl
Code:
service apache2 restart
Code:
# Define /zabbix alias, this is the default
<IfModule mod_alias.c>
Alias /zabbix /usr/share/zabbix
</IfModule>
<Directory "/usr/share/zabbix">
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
<IfModule mod_php5.c>
php_value max_execution_time 300
php_value memory_limit 128M
php_value post_max_size 16M
php_value upload_max_filesize 2M
php_value max_input_time 300
php_value max_input_vars 10000
php_value always_populate_raw_post_data -1
php_value date.timezone Europe/Amsterdam
</IfModule>
<IfModule mod_php7.c>
php_value max_execution_time 300
php_value memory_limit 128M
php_value post_max_size 16M
php_value upload_max_filesize 2M
php_value max_input_time 300
php_value max_input_vars 10000
php_value always_populate_raw_post_data -1
php_value date.timezone Europe/Amsterdam
</IfModule>
</Directory>
<Directory "/usr/share/zabbix/conf">
Order deny,allow
Deny from all
<files *.php>
Order deny,allow
Deny from all
</files>
</Directory>
<Directory "/usr/share/zabbix/app">
Order deny,allow
Deny from all
<files *.php>
Order deny,allow
Deny from all
</files>
</Directory>
<Directory "/usr/share/zabbix/include">
Order deny,allow
Deny from all
<files *.php>
Order deny,allow
Deny from all
</files>
</Directory>
<Directory "/usr/share/zabbix/local">
Order deny,allow
Deny from all
<files *.php>
Order deny,allow
Deny from all
</files>
</Directory>
What is the correct way to add the lines mentioned in the Zabbix-documentation?
I altered the path to the certificates. It was pointing to /etc/httpd/ssl
For security-reasons I anonymised the domain name.
Code:
DocumentRoot "/usr/share/zabbix" ServerName zabbix.mydomain.nl:443 SSLCertificateFile /etc/apache2/ssl/mydomain.nl.crt SSLCertificateKeyFile /etc/apache2/ssl/mydomain.nl.key
I hope you can help both me and others on this subject.