Actually I have been trying to install the open Remote on the local machine and followed all the steps mentioned in the Github page, but unforetunately it hasn’t launched. I have tried typing (https://localhost) on four different browsers (Chrome, Edge, Opera, Firefox), but non of them would launch the OpenRemote app. I keep get the following message:
(Access to localhost was denied
You don’t have authorisation to view this page.
HTTP ERROR 403)
Also I have followed the suggestions mentioned in this link:
but the three alternative suggestions didn’t work.
I use:
OS: Windows 10
The version of Docker: Docker Desktop 3.3.3 (64133)
I wonder if anyone would recommend another solution please.
Yes I have disabled the firewall, but I haven’t tried to add a rule to allow the 80/443 traffic. I think I should give it a try, and I will let you know about the result. Thanks for your suggestion
Hi michal, I have just already added a rule to allow 80/443 traffic, and also disabled the firewall of the third party antivirus, and restarted everything, but unforetunately the same message still appear that says:
(Access to localhost was denied
You don’t have authorisation to view this page.
HTTP ERROR 403)
Everything seems to be running OK, but I see that you are using dual stack, and this is in fact a grey area, especially on Windows, as I never tested it there. Can you run curl with forcing ipv4 stack? E.g.
curl --insecure -I -L -4 localhost
then you should see something like this:
HTTP/1.1 302 Found
content-length: 0
location: https://localhost/
cache-control: no-cache
HTTP/1.1 302 Found
location: http://localhost/manager
content-length: 0
date: Fri, 21 May 2021 14:22:42 GMT
HTTP/1.1 302 Found
content-length: 0
location: https://localhost/manager
cache-control: no-cache
HTTP/1.1 302 Found
location: /manager/
content-type: text/html;charset=UTF-8
content-length: 64
date: Fri, 21 May 2021 14:22:42 GMT
HTTP/1.1 200 OK
expires: Sat, 22 May 2021 02:22:42 GMT
cache-control: public,max-age=43200,must-revalidate
pragma:
accept-ranges: bytes
date: Fri, 21 May 2021 14:22:42 GMT
etag: W/"index.html-1620632114000"
last-modified: Mon, 10 May 2021 07:35:14 GMT
content-type: text/html
content-length: 2639
Actually I have letterally followed the steps mentioned in the this link, but I don’t know if there is any initial setup or pre-steps that should be considered before doing this as I’m new to those stuff:
This is quite interesting use case. You are getting 403 after first redirect on mixed-content response. This response is invalid as you can see from my example you should get another redirection to http://localhost/manager, but here I think is the problem. You see, the first redirection is HTTPS and the second is HTTP. Your forbidden response is probably caused by browser setting to not accept HTTP after seeing given URL to be HTTPS capable (many browsers do that). However, as you are using curl which is very strange as this is a stateless browser, perhaps this is Windows feature? Again, some Windows expert would be helpful here.
Anyway, you don’t really need all these redirections and you can call the final URL directly. This is https://localhost/manager/ therefore please try:
This response is for sure not coming from our server as what you see there is an HSTS policy in the header which our server does not offer. Please check if you don’t have a different HTTP server running as Rich is suggesting. Also check if you get the same response on ipv6, i.e. run curl --insecure -I -L -6 https://localhost/manager/. To prove if you have another server you can bring the open remote stack down (docker-compose down) and repeat the curl calls.
Hi Michal, I have brought the stack down and run the both commands, and got the following:
C:\OpenRemote_Project>docker-compose -p openremote down
Removing network openremote_default
WARNING: Network openremote_default not found.
C:\OpenRemote_Project>curl --insecure -I -L -4 https://localhost/manager/
HTTP/1.1 404 Not Found
Date: Sat, 22 May 2021 14:19:11 GMT
Connection: close
Content-Security-Policy: block-all-mixed-content
Content-Type: text/plain; charset=utf-8
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1
Content-Length: 0
C:\OpenRemote_Project>curl --insecure -I -L -6 https://localhost/manager/
HTTP/1.1 404 Not Found
Date: Sat, 22 May 2021 14:19:19 GMT
Connection: close
Content-Security-Policy: block-all-mixed-content
Content-Type: text/plain; charset=utf-8
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1
Content-Length: 0
Also, I have used (netstat - a) as @Rich suggested and got a long list but I think the first couple of rows will be the most relevant ones as I got the following:
And I have tried the IP (0.0.0.0:443) in the broswer, and got the following error message:
This site can’t be reached
The web page at http://0.0.0.0:443/ might be temporarily down or it may have moved permanently to a new web address.
ERR_ADDRESS_INVALID
Sorry guys but I have a basic question, am I supposed to work on a server Windows, because I’m currently working on my simple PC (Surface Pro Labtop), and also am I required to do a full server installation or setup, or installing a server software on top of the steps mentioned in your get-started page?
Thank you for your cooperation and trying to solve this issue
I don’t see that the stack is indeed removed after docker-compose down. Only network is trying to be removed but not found. Is your docker installation healthy? Again what do you see when you run docker ps -a? There should be no containers running after docker-compose down.
netstat output shows that you are many open listening ports. Too many IMHO, one of them is 443 (HTTPS), end there are no 80 (HTTP) nor 8883 (MQTT). Therefore probably the OpenRemote stack wasn’t running anymore but some proces is still binding with 443 port. I’m afraid that this problem is beyond openremote, och wait — you have kubernetes running? Perhaps this guy is corrupting our stack? Can you shout it down? It is more that probable that it is hijacking the port. Note that kubernetes is declaration running system, so if you started it some time ago and haven’t sopped it properly it will recreate itself as a phoenix. It is very resilient, therefore find a way to shut down your local kubernetes cluster. Is it minikube or kind, or something similar?
Hi rich, I have tried what you suggested and I got the following:
C:\>netstat - ab
Displays protocol statistics and current TCP/IP network connections.
NETSTAT [-a] [-b] [-e] [-f] [-n] [-o] [-p proto] [-r] [-s] [-t] [-x] [-y] [interval]
-a Displays all connections and listening ports.
-b Displays the executable involved in creating each connection or
listening port. In some cases well-known executables host
multiple independent components, and in these cases the
sequence of components involved in creating the connection
or listening port is displayed. In this case the executable
name is in [] at the bottom, on top is the component it called,
and so forth until TCP/IP was reached. Note that this option
can be time-consuming and will fail unless you have sufficient
permissions.
-e Displays Ethernet statistics. This may be combined with the -s
option.
-f Displays Fully Qualified Domain Names (FQDN) for foreign
addresses.
-n Displays addresses and port numbers in numerical form.
-o Displays the owning process ID associated with each connection.
-p proto Shows connections for the protocol specified by proto; proto
may be any of: TCP, UDP, TCPv6, or UDPv6. If used with the -s
option to display per-protocol statistics, proto may be any of:
IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, or UDPv6.
-q Displays all connections, listening ports, and bound
nonlistening TCP ports. Bound nonlistening ports may or may not
be associated with an active connection.
-r Displays the routing table.
-s Displays per-protocol statistics. By default, statistics are
shown for IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, and UDPv6;
the -p option may be used to specify a subset of the default.
-t Displays the current connection offload state.
-x Displays NetworkDirect connections, listeners, and shared
endpoints.
-y Displays the TCP connection template for all connections.
Cannot be combined with the other options.
interval Redisplays selected statistics, pausing interval seconds
between each display. Press CTRL+C to stop redisplaying
statistics. If omitted, netstat will print the current
configuration information once.
C:\>
Hi michal, I have used docker ps -a and I got the following:
C:\>docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
abffa947748b openremote/proxy:2.1.2.2 "/entrypoint.sh run" 7 minutes ago Up 7 minutes (healthy) 0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp, 0.0.0.0:8883->8883/tcp, :::8883->8883/tcp openremote_proxy_1
102808c969d9 openremote/manager:latest "/init /bin/sh -c 'j…" 8 minutes ago Up 8 minutes (healthy) 8080/tcp openremote_manager_1
c61eb4cf8461 openremote/keycloak:12.0.1.1 "/opt/jboss/tools/do…" 9 minutes ago Up 9 minutes (healthy) 8080/tcp openremote_keycloak_1
8da49c338248 openremote/postgresql:9.6.21.0 "docker-entrypoint.s…" 10 minutes ago Up 10 minutes (healthy) 5432/tcp openremote_postgresql_1
b94913aea91c docker101tutorial "/docker-entrypoint.…" 3 days ago Exited (0) 2 days ago docker-tutorial
38d5e0d30b41 alpine/git "git clone https://g…" 3 days ago Exited (128) 2 days ago repo
C:\>
Also I have done it again after brough down OpenRemote, and got the following:
C:\OpenRemote_Project>docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b94913aea91c docker101tutorial "/docker-entrypoint.…" 3 days ago Exited (0) 2 days ago docker-tutorial
38d5e0d30b41 alpine/git "git clone https://g…" 3 days ago Exited (128) 2 days ago repo
C:\OpenRemote_Project>
What’smore, I have entered the command sfc /scannow command, and reset the network settings and ‘kubernetes’ hasn’t appeared anymore.