Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dashboard container in docker: Blank page, empty reply from server #1591

Open
arminus opened this issue Oct 22, 2024 · 2 comments
Open

Dashboard container in docker: Blank page, empty reply from server #1591

arminus opened this issue Oct 22, 2024 · 2 comments
Assignees
@vcerenu
Labels
community

Comments

@arminus
Copy link

arminus commented Oct 22, 2024

Installation as outlined in https://documentation.wazuh.com/current/deployment-options/docker/wazuh-container.html only change is that I map the dashboard's 5601 to external 5601 since 443 is already taken on that box (but using 443 makes no difference). All containers start without apparent errors but I only get a blank page on 5601 and this from curl:

curl --trace - localhost:5601
== Info:   Trying 127.0.0.1:5601...
== Info: Connected to localhost (127.0.0.1) port 5601 (#0)
=> Send header, 78 bytes (0x4e)
0000: 47 45 54 20 2f 20 48 54 54 50 2f 31 2e 31 0d 0a GET / HTTP/1.1..
0010: 48 6f 73 74 3a 20 6c 6f 63 61 6c 68 6f 73 74 3a Host: localhost:
0020: 35 36 30 31 0d 0a 55 73 65 72 2d 41 67 65 6e 74 5601..User-Agent
0030: 3a 20 63 75 72 6c 2f 37 2e 38 38 2e 31 0d 0a 41 : curl/7.88.1..A
0040: 63 63 65 70 74 3a 20 2a 2f 2a 0d 0a 0d 0a       ccept: */*....
== Info: Empty reply from server
== Info: Closing connection 0
curl: (52) Empty reply from server

curl https://localhost:9200/_cluster/health\?pretty -k -u admin:SecretPassword

{
  "cluster_name" : "opensearch",
  "status" : "green",
  "timed_out" : false,
  "number_of_nodes" : 1,
  "number_of_data_nodes" : 1,
  "discovered_master" : true,
  "discovered_cluster_manager" : true,
  "active_primary_shards" : 11,
  "active_shards" : 11,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 0,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0,
  "task_max_waiting_in_queue_millis" : 0,
  "active_shards_percent_as_number" : 100.0
}

docker ps

2d7e5b0a3687   wazuh/wazuh-dashboard:4.9.1                  "/entrypoint.sh"         About an hour ago   Up About an hour       443/tcp, 0.0.0.0:5601->5601/tcp, :::5601->5601/tcp                                                                                                              single-node-wazuh.dashboard-1
72ceb476dead   wazuh/wazuh-indexer:4.9.1                    "/entrypoint.sh open…"   About an hour ago   Up About an hour       0.0.0.0:9200->9200/tcp, :::9200->9200/tcp                                                                                                                       single-node-wazuh.indexer-1
141ea31619f0   wazuh/wazuh-manager:4.9.1                    "/init"                  About an hour ago   Up About an hour       0.0.0.0:1514-1515->1514-1515/tcp, :::1514-1515->1514-1515/tcp, 0.0.0.0:514->514/udp, :::514->514/udp, 0.0.0.0:55000->55000/tcp, :::55000->55000/tcp, 1516/tcp   single-node-wazuh.manager-1

netstat for 5601

tcp        0      0 0.0.0.0:5601            0.0.0.0:*               LISTEN      3972021/docker-prox

OS: Debian 12

Docker Info

Client: Docker Engine - Community Version: 27.3.1 Context: default Debug Mode: false Plugins: buildx: Docker Buildx (Docker Inc.) Version: v0.17.1 Path: /usr/libexec/docker/cli-plugins/docker-buildx compose: Docker Compose (Docker Inc.) Version: v2.29.7 Path: /usr/libexec/docker/cli-plugins/docker-compose

Server:
Containers: 10
Running: 10
Paused: 0
Stopped: 0
Images: 21
Server Version: 27.3.1
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 7f7fdf5fed64eb6a7caf99b3e12efcf9d60e311c
runc version: v1.1.14-0-g2c9f560
init version: de40ad0
Security Options:
apparmor
seccomp
Profile: builtin
cgroupns
Kernel Version: 6.1.0-26-amd64
Operating System: Debian GNU/Linux 12 (bookworm)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 3.823GiB
Name: netcup02
ID: ce9c6f84-9fd3-40e6-b231-395f8e4e496f
Docker Root Dir: /var/lib/docker
Debug Mode: false
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false

WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled

Manager logs:
_single-node-wazuh.manager-1_logs.txt

Indexer logs:
_single-node-wazuh.indexer-1_logs.txt

Dashboard logs:
_single-node-wazuh.dashboard-1_logs.txt

What can I do to further debug this and/or get more log output?
@vcerenu vcerenu self-assigned this Oct 29, 2024
@vcerenu
Copy link
Member

vcerenu commented Oct 29, 2024

Hi @arminus

I'm trying the change you mentioned and I have a connection to the dashboard.

  • single-node/docker-compose.yml
  wazuh.dashboard:
    image: wazuh/wazuh-dashboard:4.9.1
    hostname: wazuh.dashboard
    restart: always
    ports:
      - 5601:5601
    environment:
      - INDEXER_USERNAME=admin
      - INDEXER_PASSWORD=SecretPassword
      - WAZUH_API_URL=https://wazuh.manager
      - DASHBOARD_USERNAME=kibanaserver
      - DASHBOARD_PASSWORD=kibanaserver
      - API_USERNAME=wazuh-wui
      - API_PASSWORD=MyS3cr37P450r.*-
    volumes:
      - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem
      - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem
      - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem
      - ./config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
      - ./config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
      - wazuh-dashboard-config:/usr/share/wazuh-dashboard/data/wazuh/config
      - wazuh-dashboard-custom:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
    depends_on:
      - wazuh.indexer
    links:
      - wazuh.indexer:wazuh.indexer
      - wazuh.manager:wazuh.manager

I did the test you added in the description, for both localhost and 0.0.0.0:

$ curl --trace - localhost:5601
== Info: Host localhost:5601 was resolved.
== Info: IPv6: ::1
== Info: IPv4: 127.0.0.1
== Info:   Trying [::1]:5601...
== Info: Connected to localhost (::1) port 5601
=> Send header, 77 bytes (0x4d)
0000: 47 45 54 20 2f 20 48 54 54 50 2f 31 2e 31 0d 0a GET / HTTP/1.1..
0010: 48 6f 73 74 3a 20 6c 6f 63 61 6c 68 6f 73 74 3a Host: localhost:
0020: 35 36 30 31 0d 0a 55 73 65 72 2d 41 67 65 6e 74 5601..User-Agent
0030: 3a 20 63 75 72 6c 2f 38 2e 35 2e 30 0d 0a 41 63 : curl/8.5.0..Ac
0040: 63 65 70 74 3a 20 2a 2f 2a 0d 0a 0d 0a          cept: */*....
== Info: Empty reply from server
== Info: Closing connection
curl: (52) Empty reply from server
$ curl --trace - 0.0.0.0:5601
== Info:   Trying 0.0.0.0:5601...
== Info: Connected to 0.0.0.0 (127.0.0.1) port 5601
=> Send header, 75 bytes (0x4b)
0000: 47 45 54 20 2f 20 48 54 54 50 2f 31 2e 31 0d 0a GET / HTTP/1.1..
0010: 48 6f 73 74 3a 20 30 2e 30 2e 30 2e 30 3a 35 36 Host: 0.0.0.0:56
0020: 30 31 0d 0a 55 73 65 72 2d 41 67 65 6e 74 3a 20 01..User-Agent: 
0030: 63 75 72 6c 2f 38 2e 35 2e 30 0d 0a 41 63 63 65 curl/8.5.0..Acce
0040: 70 74 3a 20 2a 2f 2a 0d 0a 0d 0a                pt: */*....
== Info: Empty reply from server
== Info: Closing connection
curl: (52) Empty reply from server

After this I performed the test by adding https:// before the tested host:

$ curl --trace - https://0.0.0.0:5601
== Info:   Trying 0.0.0.0:5601...
== Info: Connected to 0.0.0.0 (127.0.0.1) port 5601
== Info: ALPN: curl offers h2,http/1.1
=> Send SSL data, 5 bytes (0x5)
0000: 16 03 01 02 00                                  .....
== Info: TLSv1.3 (OUT), TLS handshake, Client hello (1):
=> Send SSL data, 512 bytes (0x200)
0000: 01 00 01 fc 03 03 f1 d1 50 80 2e 87 92 90 c0 d8 ........P.......
0010: 0d a3 f2 a6 61 16 7b c3 75 89 74 6e 5d 91 db 55 ....a.{.u.tn]..U
0020: 6a 0a 83 d2 26 3d 20 dd 06 13 5c da 56 15 73 8c j...&= ...\.V.s.
0030: 87 b7 f5 8b 83 5c b3 a4 96 e2 29 1d 5e fd 71 6f .....\....).^.qo
0040: 1e d1 73 97 22 66 83 00 3e 13 02 13 03 13 01 c0 ..s."f..>.......
0050: 2c c0 30 00 9f cc a9 cc a8 cc aa c0 2b c0 2f 00 ,.0.........+./.
0060: 9e c0 24 c0 28 00 6b c0 23 c0 27 00 67 c0 0a c0 ..$.(.k.#.'.g...
0070: 14 00 39 c0 09 c0 13 00 33 00 9d 00 9c 00 3d 00 ..9.....3.....=.
0080: 3c 00 35 00 2f 00 ff 01 00 01 75 00 0b 00 04 03 <.5./.....u.....
0090: 00 01 02 00 0a 00 16 00 14 00 1d 00 17 00 1e 00 ................
00a0: 19 00 18 01 00 01 01 01 02 01 03 01 04 00 10 00 ................
00b0: 0e 00 0c 02 68 32 08 68 74 74 70 2f 31 2e 31 00 ....h2.http/1.1.
00c0: 16 00 00 00 17 00 00 00 31 00 00 00 0d 00 2a 00 ........1.....*.
00d0: 28 04 03 05 03 06 03 08 07 08 08 08 09 08 0a 08 (...............
00e0: 0b 08 04 08 05 08 06 04 01 05 01 06 01 03 03 03 ................
00f0: 01 03 02 04 02 05 02 06 02 00 2b 00 05 04 03 04 ..........+.....
0100: 03 03 00 2d 00 02 01 01 00 33 00 26 00 24 00 1d ...-.....3.&.$..
0110: 00 20 fc 56 88 5d f1 bb ac c2 6f da 69 52 c8 03 . .V.]....o.iR..
0120: 23 ce e1 11 24 3d 46 32 3e fc b0 a9 f8 15 c5 f8 #...$=F2>.......
0130: 2c 7d 00 15 00 ca 00 00 00 00 00 00 00 00 00 00 ,}..............
0140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
== Info:  CAfile: /etc/ssl/certs/ca-certificates.crt
== Info:  CApath: /etc/ssl/certs
<= Recv SSL data, 5 bytes (0x5)
0000: 16 03 03 00 7a                                  ....z
== Info: TLSv1.3 (IN), TLS handshake, Server hello (2):
<= Recv SSL data, 122 bytes (0x7a)
0000: 02 00 00 76 03 03 41 25 92 41 d4 37 31 51 a1 86 ...v..A%.A.71Q..
0010: 0c 83 bc 3e 1e 35 69 96 8a 45 88 d0 13 38 df f2 ...>.5i..E...8..
0020: dc 24 d7 7b 07 a9 20 dd 06 13 5c da 56 15 73 8c .$.{.. ...\.V.s.
0030: 87 b7 f5 8b 83 5c b3 a4 96 e2 29 1d 5e fd 71 6f .....\....).^.qo
0040: 1e d1 73 97 22 66 83 13 02 00 00 2e 00 2b 00 02 ..s."f.......+..
0050: 03 04 00 33 00 24 00 1d 00 20 b0 f2 6b ff 81 50 ...3.$... ..k..P
0060: 48 91 3e 69 d5 a4 84 39 d0 93 6a c1 71 6c ce 62 H.>i...9..j.ql.b
0070: 7c c2 e3 1a c9 36 9b bd d2 4f                   |....6...O
<= Recv SSL data, 5 bytes (0x5)
0000: 14 03 03 00 01                                  .....
<= Recv SSL data, 5 bytes (0x5)
0000: 17 03 03 00 26                                  ....&
<= Recv SSL data, 1 bytes (0x1)
0000: 16                                              .
== Info: TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
<= Recv SSL data, 21 bytes (0x15)
0000: 08 00 00 11 00 0f 00 10 00 0b 00 09 08 68 74 74 .............htt
0010: 70 2f 31 2e 31                                  p/1.1
<= Recv SSL data, 5 bytes (0x5)
0000: 17 03 03 03 98                                  .....
<= Recv SSL data, 1 bytes (0x1)
0000: 16                                              .
== Info: TLSv1.3 (IN), TLS handshake, Certificate (11):
<= Recv SSL data, 903 bytes (0x387)
0000: 0b 00 03 83 00 00 03 7f 00 03 7a 30 82 03 76 30 ..........z0..v0
0010: 82 02 5e a0 03 02 01 02 02 14 67 b8 da de b9 92 ..^.......g.....
0020: fe e6 25 c7 09 87 9d f0 b2 45 45 b8 ee 87 30 0d ..%......EE...0.
0030: 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 35 31 ..*.H........051
0040: 0e 30 0c 06 03 55 04 0b 0c 05 57 61 7a 75 68 31 .0...U....Wazuh1
0050: 0e 30 0c 06 03 55 04 0a 0c 05 57 61 7a 75 68 31 .0...U....Wazuh1
0060: 13 30 11 06 03 55 04 07 0c 0a 43 61 6c 69 66 6f .0...U....Califo
0070: 72 6e 69 61 30 1e 17 0d 32 34 31 30 32 39 31 32 rnia0...24102912
0080: 32 39 33 32 5a 17 0d 33 34 31 30 32 37 31 32 32 2932Z..341027122
0090: 39 33 32 5a 30 5c 31 0b 30 09 06 03 55 04 06 13 932Z0\1.0...U...
00a0: 02 55 53 31 13 30 11 06 03 55 04 07 0c 0a 43 61 .US1.0...U....Ca
00b0: 6c 69 66 6f 72 6e 69 61 31 0e 30 0c 06 03 55 04 lifornia1.0...U.
00c0: 0a 0c 05 57 61 7a 75 68 31 0e 30 0c 06 03 55 04 ...Wazuh1.0...U.
00d0: 0b 0c 05 57 61 7a 75 68 31 18 30 16 06 03 55 04 ...Wazuh1.0...U.
00e0: 03 0c 0f 77 61 7a 75 68 2e 64 61 73 68 62 6f 61 ...wazuh.dashboa
00f0: 72 64 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d rd0.."0...*.H...
0100: 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 ..........0.....
0110: 01 01 00 9e 55 ec 72 9b 73 8e 06 d0 0b e9 a8 a1 ....U.r.s.......
0120: 1a 51 41 39 d3 aa 5c 08 d3 8e a1 c8 f9 c4 8a 09 .QA9..\.........
0130: b6 e9 7d 22 05 0d 89 0a d6 42 97 08 e4 ab a8 14 ..}".....B......
0140: 0e 54 76 ba ab fa ae 8e 01 29 a9 01 4c a4 6b 47 .Tv......)..L.kG
0150: 86 17 21 d1 f7 87 73 3f 6d 04 05 64 66 89 63 3b ..!...s?m..df.c;
0160: c4 97 17 27 45 a4 05 8c d5 d8 76 0f d2 7c 9b 85 ...'E.....v..|..
0170: 3c ce 2f d7 0d 4b be d5 d2 48 2c a9 1f dc d4 8e <./..K...H,.....
0180: 4a a9 ba 86 26 4c a4 7f ac a6 93 e3 9b 1b 84 9e J...&L..........
0190: a9 ca 48 e6 87 da bb 0a 94 84 65 b7 d6 31 36 cd ..H.......e..16.
01a0: 50 80 fc be 99 76 71 fc 1c 9b 51 e0 80 4d 6b 3f P....vq...Q..Mk?
01b0: d4 b3 f5 4e 03 3b db 59 c2 48 5b 23 ac 72 f6 4f ...N.;.Y.H[#.r.O
01c0: 6a 44 01 03 0e 77 4c da b9 62 f4 e8 5f 0e 26 3c jD...wL..b.._.&<
01d0: 15 df 74 ae 9f d6 67 43 35 79 3a b9 9d 0d 8a 27 ..t...gC5y:....'
01e0: 43 85 68 89 15 ef b5 1d 77 f3 17 51 ed 46 ef ba C.h.....w..Q.F..
01f0: fe d3 7d 9e 1d b2 29 a3 85 8c 4a da 35 7d 32 d2 ..}...)...J.5}2.
0200: 63 de 75 24 50 40 36 a1 c6 37 a6 32 a3 cf 3a d1 [email protected]..:.
0210: 2c ba 49 02 03 01 00 01 a3 57 30 55 30 1f 06 03 ,.I......W0U0...
0220: 55 1d 23 04 18 30 16 80 14 0e dc 5b 29 5b d5 7a U.#..0.....[)[.z
0230: f8 2c 92 df 6b dc 37 31 6e cd 54 b9 c5 30 09 06 .,..k.71n.T..0..
0240: 03 55 1d 13 04 02 30 00 30 0b 06 03 55 1d 0f 04 .U....0.0...U...
0250: 04 03 02 04 f0 30 1a 06 03 55 1d 11 04 13 30 11 .....0...U....0.
0260: 82 0f 77 61 7a 75 68 2e 64 61 73 68 62 6f 61 72 ..wazuh.dashboar
0270: 64 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 d0...*.H........
0280: 03 82 01 01 00 3d ee 23 13 09 8e de fd e9 0a 4c .....=.#.......L
0290: d2 62 5d 4e f2 bc ff 6f c4 31 79 20 63 e9 db f2 .b]N...o.1y c...
02a0: d0 4f 73 6d 80 72 15 ac 99 78 79 cc e0 ab dc 4d .Osm.r...xy....M
02b0: 30 ce 49 6b 36 ae d5 53 46 f7 71 94 4f 2d 85 70 0.Ik6..SF.q.O-.p
02c0: 8e 67 d6 e3 28 ec ac 40 b8 f2 6b 4e 59 6a 0a 48 .g..([email protected]
02d0: da f7 e1 b1 5a b2 ca 46 5a 71 06 e7 21 f3 ce 9e ....Z..FZq..!...
02e0: 68 62 58 af 96 03 19 52 1f 01 4a 21 d0 87 2c da hbX....R..J!..,.
02f0: b9 c1 92 07 5c 49 a5 c4 4d 57 46 01 66 89 19 ce ....\I..MWF.f...
0300: 35 8b a6 9b 9d 62 82 22 b8 2a 11 72 92 4f 1f 79 5....b.".*.r.O.y
0310: d1 45 61 02 0f ad a5 85 07 dd da e1 d5 26 31 04 .Ea..........&1.
0320: e1 ca 5c 0a 22 c9 5f 4f 8a ae b4 9b 03 48 27 75 ..\."._O.....H'u
0330: c1 ac ba 23 7e 04 fa 85 46 e8 b0 eb 79 c4 08 c7 ...#~...F...y...
0340: 30 91 05 e2 52 c8 45 44 35 d7 35 b6 0b 80 f1 9b 0...R.ED5.5.....
0350: b7 44 dd 60 25 b7 f3 69 52 dc 8c fd ec e7 a7 2b .D.`%..iR......+
0360: b3 78 88 15 13 39 81 8f cb db 6a a5 fc c4 33 1a .x...9....j...3.
0370: 1f fa ba b6 b5 8e 91 b5 b0 05 50 f4 f1 b4 e8 5f ..........P...._
0380: 89 47 1d 9a c7 00 00                            .G.....
=> Send SSL data, 5 bytes (0x5)
0000: 15 03 03 00 02                                  .....
== Info: TLSv1.3 (OUT), TLS alert, unknown CA (560):
=> Send SSL data, 2 bytes (0x2)
0000: 02 30                                           .0
== Info: SSL certificate problem: unable to get local issuer certificate
== Info: Closing connection
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
$ curl --trace - https://0.0.0.0:5601
== Info:   Trying 0.0.0.0:5601...
== Info: Connected to 0.0.0.0 (127.0.0.1) port 5601
== Info: ALPN: curl offers h2,http/1.1
=> Send SSL data, 5 bytes (0x5)
0000: 16 03 01 02 00                                  .....
== Info: TLSv1.3 (OUT), TLS handshake, Client hello (1):
=> Send SSL data, 512 bytes (0x200)
0000: 01 00 01 fc 03 03 42 31 74 de 18 3d ad 5f 11 96 ......B1t..=._..
0010: 11 49 cd 5f 23 d4 77 f8 94 fe 94 f5 11 58 90 38 .I._#.w......X.8
0020: 65 55 5d b7 bf b1 20 8f 4c 52 69 f5 7b d2 58 b6 eU]... .LRi.{.X.
0030: d3 fb 6b 38 2f 3b f1 f7 1a aa e8 bb 36 e1 a1 d3 ..k8/;......6...
0040: 49 87 2f 58 2f 18 18 00 3e 13 02 13 03 13 01 c0 I./X/...>.......
0050: 2c c0 30 00 9f cc a9 cc a8 cc aa c0 2b c0 2f 00 ,.0.........+./.
0060: 9e c0 24 c0 28 00 6b c0 23 c0 27 00 67 c0 0a c0 ..$.(.k.#.'.g...
0070: 14 00 39 c0 09 c0 13 00 33 00 9d 00 9c 00 3d 00 ..9.....3.....=.
0080: 3c 00 35 00 2f 00 ff 01 00 01 75 00 0b 00 04 03 <.5./.....u.....
0090: 00 01 02 00 0a 00 16 00 14 00 1d 00 17 00 1e 00 ................
00a0: 19 00 18 01 00 01 01 01 02 01 03 01 04 00 10 00 ................
00b0: 0e 00 0c 02 68 32 08 68 74 74 70 2f 31 2e 31 00 ....h2.http/1.1.
00c0: 16 00 00 00 17 00 00 00 31 00 00 00 0d 00 2a 00 ........1.....*.
00d0: 28 04 03 05 03 06 03 08 07 08 08 08 09 08 0a 08 (...............
00e0: 0b 08 04 08 05 08 06 04 01 05 01 06 01 03 03 03 ................
00f0: 01 03 02 04 02 05 02 06 02 00 2b 00 05 04 03 04 ..........+.....
0100: 03 03 00 2d 00 02 01 01 00 33 00 26 00 24 00 1d ...-.....3.&.$..
0110: 00 20 36 c6 27 12 0d 4e 3c 24 df 1c 04 75 c6 81 . 6.'..N<$...u..
0120: d3 ea de 3f 91 74 0c 4e 13 33 0b cc b2 16 f3 85 ...?.t.N.3......
0130: b2 64 00 15 00 ca 00 00 00 00 00 00 00 00 00 00 .d..............
0140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
== Info:  CAfile: /etc/ssl/certs/ca-certificates.crt
== Info:  CApath: /etc/ssl/certs
<= Recv SSL data, 5 bytes (0x5)
0000: 16 03 03 00 7a                                  ....z
== Info: TLSv1.3 (IN), TLS handshake, Server hello (2):
<= Recv SSL data, 122 bytes (0x7a)
0000: 02 00 00 76 03 03 30 be 3f d1 fd f7 bc 04 eb 79 ...v..0.?......y
0010: c6 e6 57 f9 38 cb 34 25 8d 6f 04 70 60 eb a9 ef ..W.8.4%.o.p`...
0020: bb 20 42 b9 2f ef 20 8f 4c 52 69 f5 7b d2 58 b6 . B./. .LRi.{.X.
0030: d3 fb 6b 38 2f 3b f1 f7 1a aa e8 bb 36 e1 a1 d3 ..k8/;......6...
0040: 49 87 2f 58 2f 18 18 13 02 00 00 2e 00 2b 00 02 I./X/........+..
0050: 03 04 00 33 00 24 00 1d 00 20 63 24 d0 cf de fa ...3.$... c$....
0060: 39 6e c5 46 19 6a c2 58 e8 d9 19 96 db 93 6f 64 9n.F.j.X......od
0070: c8 cb 3e 7e a9 48 f6 57 a8 69                   ..>~.H.W.i
<= Recv SSL data, 5 bytes (0x5)
0000: 14 03 03 00 01                                  .....
<= Recv SSL data, 5 bytes (0x5)
0000: 17 03 03 00 26                                  ....&
<= Recv SSL data, 1 bytes (0x1)
0000: 16                                              .
== Info: TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
<= Recv SSL data, 21 bytes (0x15)
0000: 08 00 00 11 00 0f 00 10 00 0b 00 09 08 68 74 74 .............htt
0010: 70 2f 31 2e 31                                  p/1.1
<= Recv SSL data, 5 bytes (0x5)
0000: 17 03 03 03 98                                  .....
<= Recv SSL data, 1 bytes (0x1)
0000: 16                                              .
== Info: TLSv1.3 (IN), TLS handshake, Certificate (11):
<= Recv SSL data, 903 bytes (0x387)
0000: 0b 00 03 83 00 00 03 7f 00 03 7a 30 82 03 76 30 ..........z0..v0
0010: 82 02 5e a0 03 02 01 02 02 14 67 b8 da de b9 92 ..^.......g.....
0020: fe e6 25 c7 09 87 9d f0 b2 45 45 b8 ee 87 30 0d ..%......EE...0.
0030: 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 35 31 ..*.H........051
0040: 0e 30 0c 06 03 55 04 0b 0c 05 57 61 7a 75 68 31 .0...U....Wazuh1
0050: 0e 30 0c 06 03 55 04 0a 0c 05 57 61 7a 75 68 31 .0...U....Wazuh1
0060: 13 30 11 06 03 55 04 07 0c 0a 43 61 6c 69 66 6f .0...U....Califo
0070: 72 6e 69 61 30 1e 17 0d 32 34 31 30 32 39 31 32 rnia0...24102912
0080: 32 39 33 32 5a 17 0d 33 34 31 30 32 37 31 32 32 2932Z..341027122
0090: 39 33 32 5a 30 5c 31 0b 30 09 06 03 55 04 06 13 932Z0\1.0...U...
00a0: 02 55 53 31 13 30 11 06 03 55 04 07 0c 0a 43 61 .US1.0...U....Ca
00b0: 6c 69 66 6f 72 6e 69 61 31 0e 30 0c 06 03 55 04 lifornia1.0...U.
00c0: 0a 0c 05 57 61 7a 75 68 31 0e 30 0c 06 03 55 04 ...Wazuh1.0...U.
00d0: 0b 0c 05 57 61 7a 75 68 31 18 30 16 06 03 55 04 ...Wazuh1.0...U.
00e0: 03 0c 0f 77 61 7a 75 68 2e 64 61 73 68 62 6f 61 ...wazuh.dashboa
00f0: 72 64 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d rd0.."0...*.H...
0100: 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 ..........0.....
0110: 01 01 00 9e 55 ec 72 9b 73 8e 06 d0 0b e9 a8 a1 ....U.r.s.......
0120: 1a 51 41 39 d3 aa 5c 08 d3 8e a1 c8 f9 c4 8a 09 .QA9..\.........
0130: b6 e9 7d 22 05 0d 89 0a d6 42 97 08 e4 ab a8 14 ..}".....B......
0140: 0e 54 76 ba ab fa ae 8e 01 29 a9 01 4c a4 6b 47 .Tv......)..L.kG
0150: 86 17 21 d1 f7 87 73 3f 6d 04 05 64 66 89 63 3b ..!...s?m..df.c;
0160: c4 97 17 27 45 a4 05 8c d5 d8 76 0f d2 7c 9b 85 ...'E.....v..|..
0170: 3c ce 2f d7 0d 4b be d5 d2 48 2c a9 1f dc d4 8e <./..K...H,.....
0180: 4a a9 ba 86 26 4c a4 7f ac a6 93 e3 9b 1b 84 9e J...&L..........
0190: a9 ca 48 e6 87 da bb 0a 94 84 65 b7 d6 31 36 cd ..H.......e..16.
01a0: 50 80 fc be 99 76 71 fc 1c 9b 51 e0 80 4d 6b 3f P....vq...Q..Mk?
01b0: d4 b3 f5 4e 03 3b db 59 c2 48 5b 23 ac 72 f6 4f ...N.;.Y.H[#.r.O
01c0: 6a 44 01 03 0e 77 4c da b9 62 f4 e8 5f 0e 26 3c jD...wL..b.._.&<
01d0: 15 df 74 ae 9f d6 67 43 35 79 3a b9 9d 0d 8a 27 ..t...gC5y:....'
01e0: 43 85 68 89 15 ef b5 1d 77 f3 17 51 ed 46 ef ba C.h.....w..Q.F..
01f0: fe d3 7d 9e 1d b2 29 a3 85 8c 4a da 35 7d 32 d2 ..}...)...J.5}2.
0200: 63 de 75 24 50 40 36 a1 c6 37 a6 32 a3 cf 3a d1 [email protected]..:.
0210: 2c ba 49 02 03 01 00 01 a3 57 30 55 30 1f 06 03 ,.I......W0U0...
0220: 55 1d 23 04 18 30 16 80 14 0e dc 5b 29 5b d5 7a U.#..0.....[)[.z
0230: f8 2c 92 df 6b dc 37 31 6e cd 54 b9 c5 30 09 06 .,..k.71n.T..0..
0240: 03 55 1d 13 04 02 30 00 30 0b 06 03 55 1d 0f 04 .U....0.0...U...
0250: 04 03 02 04 f0 30 1a 06 03 55 1d 11 04 13 30 11 .....0...U....0.
0260: 82 0f 77 61 7a 75 68 2e 64 61 73 68 62 6f 61 72 ..wazuh.dashboar
0270: 64 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 d0...*.H........
0280: 03 82 01 01 00 3d ee 23 13 09 8e de fd e9 0a 4c .....=.#.......L
0290: d2 62 5d 4e f2 bc ff 6f c4 31 79 20 63 e9 db f2 .b]N...o.1y c...
02a0: d0 4f 73 6d 80 72 15 ac 99 78 79 cc e0 ab dc 4d .Osm.r...xy....M
02b0: 30 ce 49 6b 36 ae d5 53 46 f7 71 94 4f 2d 85 70 0.Ik6..SF.q.O-.p
02c0: 8e 67 d6 e3 28 ec ac 40 b8 f2 6b 4e 59 6a 0a 48 .g..([email protected]
02d0: da f7 e1 b1 5a b2 ca 46 5a 71 06 e7 21 f3 ce 9e ....Z..FZq..!...
02e0: 68 62 58 af 96 03 19 52 1f 01 4a 21 d0 87 2c da hbX....R..J!..,.
02f0: b9 c1 92 07 5c 49 a5 c4 4d 57 46 01 66 89 19 ce ....\I..MWF.f...
0300: 35 8b a6 9b 9d 62 82 22 b8 2a 11 72 92 4f 1f 79 5....b.".*.r.O.y
0310: d1 45 61 02 0f ad a5 85 07 dd da e1 d5 26 31 04 .Ea..........&1.
0320: e1 ca 5c 0a 22 c9 5f 4f 8a ae b4 9b 03 48 27 75 ..\."._O.....H'u
0330: c1 ac ba 23 7e 04 fa 85 46 e8 b0 eb 79 c4 08 c7 ...#~...F...y...
0340: 30 91 05 e2 52 c8 45 44 35 d7 35 b6 0b 80 f1 9b 0...R.ED5.5.....
0350: b7 44 dd 60 25 b7 f3 69 52 dc 8c fd ec e7 a7 2b .D.`%..iR......+
0360: b3 78 88 15 13 39 81 8f cb db 6a a5 fc c4 33 1a .x...9....j...3.
0370: 1f fa ba b6 b5 8e 91 b5 b0 05 50 f4 f1 b4 e8 5f ..........P...._
0380: 89 47 1d 9a c7 00 00                            .G.....
=> Send SSL data, 5 bytes (0x5)
0000: 15 03 03 00 02                                  .....
== Info: TLSv1.3 (OUT), TLS alert, unknown CA (560):
=> Send SSL data, 2 bytes (0x2)
0000: 02 30                                           .0
== Info: SSL certificate problem: unable to get local issuer certificate
== Info: Closing connection
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

I recommend that you try to enter https://0.0.0.0:5601 to see if you can access the dashboard, since the assignment to localhost may depend on the configuration of the host where you are performing these tests.

@arminus
Copy link
Author

arminus commented Oct 30, 2024
edited
Loading

Thanks for looking into this. The reason was actually twofold. Originally, I had tried to run this through a caddy proxy which still doesn't work (but then it probably doesn't make sense to put an https proxy in front of an https endpoint on 5601?). When I began testing accessing it directly on port 5601, I had forgotten that on this box I need to also add ufw forward rules to the docker network (and not plain in rules) - the lack of which actually blocked access to 5601 from the outside.

So, all well now, I'd just like to know if and how I could runs this behind a caddy proxy. I use https://github.com/lucaslorentz/caddy-docker-proxy across the board (here with an upstreams 5601) , with Wazuh, I only get a blank page, not the login when I access it through the proxy.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@vcerenu vcerenu

Labels
community
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@arminus @vcerenu