logo

The ConnectWise Control forum has moved to ConnectWise University! This forum has been locked and is in read-only mode. Click here for instructions on how to access the new forum.

Welcome Guest! You can not login or register.

Notification

Icon
Error

Options
Go to last post Go to first unread
bbrother  
#1 Posted : Monday, March 20, 2017 6:24:05 PM(UTC)
bbrother


Rank: Guest

Joined: 3/20/2017(UTC)
Posts: 6
Netherlands
Location: Rotterdam

Hello all,

I've tried setting up the SSL certificate in the web interface of screenconnect.
I followed the tutorial as written here; https://help.screenconne...certificate_installation

Everything was successful, I created the tar.gz file using the Windows tool.
I uploaded the tar.gz file with all the certificates and the directory tree to the ubuntu server its running on.
I of course changed the web.config file to use https and port 443.

When I tried to start screenconnect thru /etc/init.d/screenconnect start, it wont start up anymore.

Removing the extracted files makes it work again.
As far as I can troubleshoot I can see its getting stuck in a startup loop in the running processes list.

Any idea what I could try to resolve this?
Any help will be greatly appreciated

Edited by user Monday, March 20, 2017 6:24:40 PM(UTC)  | Reason: Not specified

Scott  
#2 Posted : Monday, March 20, 2017 6:24:55 PM(UTC)
Scott


Rank: Administration

Medals: Level 4: Wise Old Owl! Received 100 Thanks!

Joined: 3/28/2014(UTC)
Posts: 2,862
United States

Thanks: 3 times
Was thanked: 351 time(s) in 303 post(s)
It should kick an error (or a few errors) to the logfile. Is there anything relevant in /var/log/screenconnect ? Just tailing the last 150 or so lines should help.
ScreenConnect Team
bbrother  
#3 Posted : Monday, March 20, 2017 6:33:23 PM(UTC)
bbrother


Rank: Guest

Joined: 3/20/2017(UTC)
Posts: 6
Netherlands
Location: Rotterdam

Originally Posted by: Scott Go to Quoted Post
It should kick an error (or a few errors) to the logfile. Is there anything relevant in /var/log/screenconnect ? Just tailing the last 150 or so lines should help.




Event (2017/03/20 17:20:06.783 +01:00, ScreenConnect Web Server, Error): Failed to start service: System.Net.Sockets.SocketException: Address already in use

Server stack trace:
at System.Net.Sockets.Socket.Bind (System.Net.EndPoint local_end) [0x00000] in <filename unknown>:0
at System.Net.EndPointListener..ctor (System.Net.IPAddress addr, Int32 port, Boolean secure) [0x00000] in <filename unknown>:0
at System.Net.EndPointManager.GetEPListener (System.Net.IPAddress address, Int32 port, System.Net.HttpListener listener, Boolean secure) [0x00000] in <filename unknown>:0
at System.Net.EndPointManager.AddPrefixInternal (System.String p, System.Net.HttpListener listener) [0x00000] in <filename unknown>:0
at System.Net.EndPointManager.AddListener (System.Net.HttpListener listener) [0x00000] in <filename unknown>:0

Exception rethrown at [0]:

at (wrapper xdomain-invoke) ScreenConnect.WebServer:Startup ()
at ScreenConnect.AppDomainServiceBase.StartServiceInternal () [0x00000] in <filename unknown>:0

Unhandled Exception:
System.Net.Sockets.SocketException: Address already in use

this is about it, repeated a lot of times. It says the address/port is already in use.?
I checked wether something was running on 443, when screenconnect is running it says:

root@remote:/var/log# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 31696/mono

root@remote:/var/log# ps aux |grep 31696
root 559 0.0 0.0 12700 2036 pts/2 S+ 19:29 0:00 grep 31696
root 31696 0.9 12.0 1588288 491304 ? Sl 17:53 0:55 mono /opt/screenconnect/Bin/ScreenConnect.Service.exe startservices 7 30157 10

I guess this is the relay port? its going thru port 443.

I am assuming this is blocking the https port?

Michael L  
#4 Posted : Monday, March 20, 2017 7:27:29 PM(UTC)
Michael L


Rank: Administration

Medals: Level 1: Random Act of Kindness! Received One Thanks!

Joined: 8/18/2015(UTC)
Posts: 98
Man
United States

Thanks: 8 times
Was thanked: 14 time(s) in 12 post(s)
You would need to check in your web.config file to see if the relay is using port 443 already or not; it's hard to tell from that error (but that's what it sounds like). Would you be able to copy in the values for your WebServerListenUri and RelayListenUri keys within the web.config file?
ConnectWise Control (ScreenConnect) Support Team
bbrother  
#5 Posted : Monday, March 20, 2017 7:35:53 PM(UTC)
bbrother


Rank: Guest

Joined: 3/20/2017(UTC)
Posts: 6
Netherlands
Location: Rotterdam

Originally Posted by: Michael L Go to Quoted Post
You would need to check in your web.config file to see if the relay is using port 443 already or not; it's hard to tell from that error (but that's what it sounds like). Would you be able to copy in the values for your WebServerListenUri and RelayListenUri keys within the web.config file?



Yes port 443 is being used for the relay port in the web.config file.

<add key="WebServerListenUri" value="http://+:80/">
<add key="RelayListenUri" value="relay://+:443/">

Can I change this without the clients having to be reinstalled/connected?
We have about 40 servers connected currently.

Edited by user Monday, March 20, 2017 7:37:27 PM(UTC)  | Reason: Not specified

Michael L  
#6 Posted : Monday, March 20, 2017 8:32:55 PM(UTC)
Michael L


Rank: Administration

Medals: Level 1: Random Act of Kindness! Received One Thanks!

Joined: 8/18/2015(UTC)
Posts: 98
Man
United States

Thanks: 8 times
Was thanked: 14 time(s) in 12 post(s)
Ahh thanks, that makes sense - that will be the issue, as only 1 service can listen on a specific port for any given IP address at a time.

To answer your question, no, you can't change it without needing to reinstall the clients, as there is a process to follow for changing the relay outlined here. If you follow this through, the client can be reinstalled from your Host page / machine list though, and is pretty painless as long as you follow it exactly:
https://help.screenconne...nattended_access_clients

The only other options for you to keep the relay on port 443 would be:

1) Add a second public IP, private IP, and a new DNS name, and then use that new name+IP address for your web traffic on port 443. This isn't a really ideal solution though.
2) The ScreenConnect Router service exists in the product, and can be configured on Windows installations to allow you to run both web and relay traffic on the same port (443). The only real caveat to this in your case is that it doesn't work on Linux servers. :( If you have a lot of access clients (~1000+) or simultaneous sessions (~10-15+), it might be worth it for you to consider migrating the system over to Windows though.
ConnectWise Control (ScreenConnect) Support Team
bbrother  
#7 Posted : Wednesday, March 22, 2017 1:57:53 PM(UTC)
bbrother


Rank: Guest

Joined: 3/20/2017(UTC)
Posts: 6
Netherlands
Location: Rotterdam

Originally Posted by: Michael L Go to Quoted Post
Ahh thanks, that makes sense - that will be the issue, as only 1 service can listen on a specific port for any given IP address at a time.

To answer your question, no, you can't change it without needing to reinstall the clients, as there is a process to follow for changing the relay outlined here. If you follow this through, the client can be reinstalled from your Host page / machine list though, and is pretty painless as long as you follow it exactly:
https://help.screenconne...nattended_access_clients

The only other options for you to keep the relay on port 443 would be:

1) Add a second public IP, private IP, and a new DNS name, and then use that new name+IP address for your web traffic on port 443. This isn't a really ideal solution though.
2) The ScreenConnect Router service exists in the product, and can be configured on Windows installations to allow you to run both web and relay traffic on the same port (443). The only real caveat to this in your case is that it doesn't work on Linux servers. :( If you have a lot of access clients (~1000+) or simultaneous sessions (~10-15+), it might be worth it for you to consider migrating the system over to Windows though.



Thanks for your reply.
I managed to make it work by changing the relay port!
Users browsing this topic
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.