Non-AED Error Messages¶
This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely.
If you get this error when you connect to the AED gui, this means that you have not configured AED to use the same SSL certificate you use for your website, and your have configured your website to prevent your browser from connecting to that hostname if the SSL certificate does not exactly match the same certificate your website uses.
- Change your AED gui certificate to match your websites certificate.
- Connect to the systems IP address
- (not recommended) Disable HSTS for your website
- Clearing this from your browser: http://classically.me/blogs/how-clear-hsts-settings-major-browsers
module sed_module is already loaded, skipping
- This means you have a third party installation of mod_sed that is attempting load this module twice. This message is benign and means apache has ignored this request. You can safely ignore this error message.
module unique_id_module is already loaded, skipping
- This means you have a third party installation of mod_unique_id that is attempting load this module twice. This message is benign and means apache has ignored this request. You can safely ignore this error message.
Syntax error on line 1 of /etc/httpd/conf.d/security2.conf: Cannot load /etc/httpd/modules/mod_security2.so into server: /etc/httpd/modules/mod_security2.so: cannot open shared object file: No such file or directory
- This means you have a third party installation of modsecurity that is attempting load modsecurity twice, and is likely breaking your current modsecurity installation with multiple potentially conflicting configuration settings for modsecurity. Remove and disable any third party modsecurity installations.
Aborted connection 12345 to db: ‘tortix’ user: ‘tortix’ host: ‘localhost’ (Got an error reading communication packets)
When a client or application unable to connect to mysql, the mysql server increments the Aborted_connects status variable. Unsuccessful connection attempts can occur for the following reasons:
- AED is attempting to connect to the tortix database, but has no privileges to access the database
- AED is configured to use the wrong password to log into its database
- It takes more than connect_timeout seconds to obtain a connect packet. (This is the most common cause)
This can also occur if the mysql connection is improperly disconnect or is terminated, in which case the mysql server increments the Aborted_clients status variable, and logs an Aborted connection message to the error log. The cause can be any of the following:
- The client connection to the mysql server has been sleeping more than wait_timeout or interactive_timeout seconds without issuing any requests to the server.
- A component in AED that writes to the database was abruptly terminated in the middle of a data transfer.
- The max_allowed_packet variable value is too small or queries require more memory than you have allocated for mysqld.
- Some Linux Ethernet drivers have a bug that can cause connections to abruptly close. You should test for this bug by transferring a huge file using FTP between the client and server machines. If a transfer goes in burst-pause-burst-pause mode, you are experiencing a Linux duplex syndrome. Switch the duplex mode for both your network card and hub/switch to either full duplex or to half duplex and test the results to determine the best setting.
- A problem with the thread library that causes interrupts on reads.
- Badly configured TCP/IP.
- For remote mysql servers, this can also occur does to network problems, and bad hardware include but not limited to hubs, switches, cables, and so forth. This can be diagnosed properly only by replacing hardware.
Could not create SSH tunnel. Please make sure forwarding is enabled on the server
- Check to ensure that SSH_ALLOWTCPFORWARDING
- If you are atempting to forward X to your desktop, you will need to enable SSH_X11FORWARDING as well.
Directive ‘UseDNS’ is not allowed within a Match Block
This occurs when sshd configuration has been modified to include Match blocks and the directive is not supported as part of the match. There is no way to explicitly end Match blocks (note: see solution 2 below for one way to work around this)
Solution 1: Match blocks need to be at the end of the sshd_config file, and all global configuration options must occur before these Match blocks.
Solution 2: Another option is to have a line with nothing but Match on it, which effectively matches everything and therefore is the same as ‘ending’ the block.
Problem with the SSL CA cert (path? access rights?)
That means someone/something has corrupted or replaced the root CA cerificates your operating system uses to verify SSL cerificates. That means it either cant find them, access them or they have been modified/corrupted so that some or all of the root CAs certificates are missing. When this happens, yum cant confirm that SSL connections are valid. While this is an operating system level error, and something we’d advise you discuss with your OS vendor and/or hosting company, the following is the standard command to tell your OS to reinstall its SSL root CAs:yum reinstall ca-certificates
If you are using any third party repos, we advise you disable them in case they are the source of this error. For example, if you are using EPEL:yum --disablerepo="epel" reinstall ca-certificates
You may need to disable additional repos, if those repos use SSL to download updates. yum will continue to fail as it tries to access repos that are accessed over SSL. Therefore, you will need to disable any repos that use SSL.
On some systems this may also be caused by an interrupted install of nss package updates from the OS vendor. Reinstallation of the nss packages may also be required:yum reinstall nss*
If you would like our assistance with this OS level issue, we’d be happy to help you with and put a quote together for these services. Please contact support for a quote.