Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1061
Views
1
Helpful
1
Replies

Cisco Business Dashboard certificate prevents starting the service.

Go to solution
DonP
Level 1
Level 1

‎03-21-2023 02:03 PM

I can no longer connect to the CBD GUI.  The issue is related to the wildcard certificate that I installed via CBD.

At the CBD VM Console, I sign in and get the status of the cisco-business-dashboard service.
This service keep restarting.  Ubuntu logs show that the service fails to start.  Every couple seconds, it tries to start again.

One error that the service sometimes reports is that it cannot start Nginx.
I check the status of Nginx (web service), and it is not running.
I tried to manually start it with this command:
/usr/lib/ciscobusiness/dashboard/bin/nginx -c /var/lib/ciscobusiness/dashboard/nginx/nginx.conf

This fails with this error:
SSL_CTX_use_certificate(“/var/lib/ciscobusiness/dashboard/certs/cert.pem”) failed
SSL_CTX_use_certificate:ee key too small

I recently uploaded the wildcard certificate we use companywide to the CBD via the GUI and the GUI accepted it without a problem. However, upon restarting the VM, it now looks like the underlying web service is rejecting the cert.
The GUI should have rejected the cert or it should configure Nginx to allow the cert.
Interestingly, CBD worked fine for 2 weeks until I restarted the VM.  Now Nginx no longer starts and I am stuck.

The only solution on the support community for a similar problem says to ‘contact the support centre’.
I tried that but was declined support because of not having a contract number (free version).

Any help you can provide to get the Business Dashboard working again would be appreciated.

Is there a way to set Nginx to allow this cert?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
DonP
Level 1
Level 1

‎03-23-2023 06:52 AM

Using this as a guide, I was able to regain access to CBD:

Ubuntu 20.04 - how to set lower SSL security level? - Ask Ubuntu

 

Edit openssl.conf file:

sudo nano /etc/ssl/openssl.cnf

Add this line at the top:

openssl_conf = openssl_init

And add these lines at the end:

[openssl_init]
ssl_conf = ssl_sect

[ssl_sect]
system_default = system_default_sect

[system_default_sect]
CipherString = DEFAULT@SECLEVEL=1

 

View solution in original post

1 Reply 1

Go to solution
DonP
Level 1
Level 1

‎03-23-2023 06:52 AM

Using this as a guide, I was able to regain access to CBD:

Ubuntu 20.04 - how to set lower SSL security level? - Ask Ubuntu

 

Edit openssl.conf file:

sudo nano /etc/ssl/openssl.cnf

Add this line at the top:

openssl_conf = openssl_init

And add these lines at the end:

[openssl_init]
ssl_conf = ssl_sect

[ssl_sect]
system_default = system_default_sect

[system_default_sect]
CipherString = DEFAULT@SECLEVEL=1

 

Customers Also Viewed These Support Documents