New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
System Checks might not work for internal hostname without TLD #18567
Comments
I can confirm this locally, as I use a non-TLD self signed server config and the following error is shown:
A quick hack to disabling the CURL_VERIFYPEER and CURL_VERIFYHOST options on the request allows the check to complete successfully, so this error is probably caused by CURL rejecting the self signed certificate. Although the HSR check could be changed make the request with the $acceptInvalidSslCertificate parameter, I don't think we'd want to accept invalid certs by default. It might be better to have a config option to always allow self signed certificates for specific named hosts so internal server setups with https can be supported. Something like:
Then sendHttpRequestBy() could disable CURL_VERIFYPEER and CURL_VERIFYHOST options if the request if for a host in that list. |
Could this maybe be resolved by using a custom certificate bundle then? There is a config option for it: https://github.com/matomo-org/matomo/blob/4.x-dev/config/global.ini.php#L833 |
FYI not sure if the user is seeing the same error message as you do:
|
Looks like it's a different issue from ssl certs then. That message is shown if there was a response but it didn't include the string What is shown if |
The output looks okay and there clearly isn't any issue with server itself accessing it. I think we'll need to see details of the response or error to work out why the check code is failing. Would it be possible to temporarily add the following line to
That should spit out an error showing the exact response and any possible exception message. If that's not appropriate then I could submit a PR for the HSR plugin to add some detailed debug logs for when this check fails, but that would only be available in the next plugin release. |
A user encountered an error in the System Check (Specifically for the HSR plugin).
The check showed that the URL was not accessible. After further testing they confirmed that devices on the network can access the link and they are able to use cURL and wget to access the URL from the Matomo server directly and it returned the expected results.
The main thing that appears to be different is that this is an internal only Matomo server that does not use a TLD. So for example it's just using a URL such as:
https://matomo-site/matomo/plugins/
The same result showed when doing the System Check in the UI and through a console command.
The text was updated successfully, but these errors were encountered: