I have followd the instructions: Cockpit Support to enable TOTP and enable the cockpit support
when logging in with the totp ping and in the main menu click on cockpit im getting an;
Service Unavailable
The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.
systemctl status cockpit.service
● cockpit.service - Cockpit Web Service
Loaded: loaded (/usr/lib/systemd/system/cockpit.service; static; vendor preset: disabled)
Active: failed (Result: exit-code) since Sat 2025-03-08 10:58:19 CET; 7s ago
Docs: man:cockpit-ws(8)
Process: 4295 ExecStartPre=/usr/libexec/cockpit-certificate-ensure --for-cockpit-tls (code=exited, status=1/>
Mar 08 10:58:18 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 08 10:58:19 <servername> systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 08 10:58:19 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 10:58:19 <servername> systemd[1]: Failed to start Cockpit Web Service.
Environment
ApisCP version:
cpcmd misc:cp-version
revision: efe49da72b896985bcedb83bee3bfcae6a383c4b
timestamp: 1741108131
ver_maj: 3
ver_min: 2
ver_patch: 45
ver_pre: 69-gefe49da72
dirty: false
debug: false
Operating System:
uname -r
4.18.0-553.34.1.el8_10.x86_64
What does journalctl --no-pager -an 40 -u cockpit report?
journalctl --no-pager -an 40 -u cockpit
-- Logs begin at Sat 2025-03-08 10:50:10 CET, end at Sun 2025-03-09 19:19:56 CET. --
Mar 08 11:04:56 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 11:04:56 <servername> systemd[1]: Failed to start Cockpit Web Service.
Mar 08 11:04:56 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 08 11:04:57 <servername> systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 08 11:04:57 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 11:04:57 <servername> systemd[1]: Failed to start Cockpit Web Service.
Mar 08 11:04:57 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 08 11:04:57 <servername> systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 08 11:04:57 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 11:04:57 <servername> systemd[1]: Failed to start Cockpit Web Service.
Mar 08 11:04:57 <servername> systemd[1]: cockpit.service: Start request repeated too quickly.
Mar 08 11:04:57 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 11:04:57 <servername> systemd[1]: Failed to start Cockpit Web Service.
Mar 08 15:26:06 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 08 15:26:06 <servername> systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 08 15:26:06 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 15:26:06 <servername> systemd[1]: Failed to start Cockpit Web Service.
Mar 08 15:28:59 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 08 15:29:00 <servername> systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 08 15:29:00 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 15:29:00 <servername> systemd[1]: Failed to start Cockpit Web Service.
Mar 08 15:29:00 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 08 15:29:01 <servername> systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 08 15:29:01 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 15:29:01 <servername> systemd[1]: Failed to start Cockpit Web Service.
Mar 08 15:29:01 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 08 15:29:02 <servername> systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 08 15:29:02 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 15:29:02 <servername> systemd[1]: Failed to start Cockpit Web Service.
Mar 08 15:29:02 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 08 15:29:03 <servername> systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 08 15:29:03 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 15:29:03 <servername> systemd[1]: Failed to start Cockpit Web Service.
Mar 08 15:29:03 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 08 15:29:04 <servername> systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 08 15:29:04 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 15:29:04 <servername> systemd[1]: Failed to start Cockpit Web Service.
Mar 08 15:29:04 <servername> systemd[1]: cockpit.service: Start request repeated too quickly.
Mar 08 15:29:04 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 15:29:04 <servername> systemd[1]: Failed to start Cockpit Web Service.
Too much noise there…
Try this:
systemctl restart cockpit
grep cockpit /var/log/messages
systemctl restart cockpit
Job for cockpit.service failed because the control process exited with error code.
See "systemctl status cockpit.service" and "journalctl -xe" for details.
systemctl status cockpit.service
● cockpit.service - Cockpit Web Service
Loaded: loaded (/usr/lib/systemd/system/cockpit.service; static; vendor preset: disabled)
Active: failed (Result: exit-code) since Sun 2025-03-09 20:02:25 CET; 18s ago
Docs: man:cockpit-ws(8)
Process: 340406 ExecStartPre=/usr/libexec/cockpit-certificate-ensure --for-cockpit-tls (code=exited, status=1/FAILURE)
Mar 09 20:02:23 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 09 20:02:25 <servername> systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 09 20:02:25 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 09 20:02:25 <servername> systemd[1]: Failed to start Cockpit Web Service.
[root@cloud ~]#
[root@cloud ~]# grep cockpit /var/log/messages
Mar 9 20:02:23 cloud systemd[1]: cockpit-wsinstance-http.socket: Succeeded.
Mar 9 20:02:23 cloud systemd[1]: cockpit-wsinstance-https-factory.socket: Succeeded.
Mar 9 20:02:23 cloud systemd[340402]: cockpit.socket: Executable /usr/share/cockpit/motd/update-motd missing, skipping: No such file or directory
Mar 9 20:02:23 cloud systemd[340407]: cockpit-motd.service: Executable /usr/share/cockpit/motd/update-motd missing, skipping: No such file or directory
Mar 9 20:02:23 cloud systemd[1]: cockpit-motd.service: Succeeded.
Mar 9 20:02:24 cloud cockpit-certificate-ensure[340417]: mv: cannot move '0-self-signed-ca.pem' to '/etc/cockpit/ws-certs.d/0-self-signed-ca.pem': No such file or directory
Mar 9 20:02:24 cloud cockpit-certificate-ensure[340406]: cockpit-certificate-ensure: /usr/libexec/cockpit-certificate-helper exited with non-zero status 1
Mar 9 20:02:25 cloud systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 9 20:02:25 cloud systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 9 20:02:25 cloud systemd[1]: cockpit-wsinstance-https-factory.socket: Succeeded.
Mar 9 20:02:25 cloud systemd[1]: cockpit-wsinstance-http.socket: Succeeded.
Enable SSO -
cpcmd scope:set cockpit:sso-enabled True
Resolved?
cpcmd scope:set cockpit.sso-enabled True
INFO : Bootstrapper task running in background with roles: software/cockpit
1
When clicking on the Cockpit from the admin page:
Proxy Error
The proxy server could not handle the request
Reason: Error during SSL Handshake with remote server
maybe this is helpful?
PLAY [localhost] ***************************************************************
TASK [systemd/override-config : Edit /etc/systemd/system/cockpit.socket.d/override.conf] ***
changed: [localhost] => (item=Set Socket => ListenStream =
ListenStream=/run/cockpit.sock)
TASK [software/cockpit : Enable SSO for panel admin] ***************************
[WARNING]: 'local: true' specified and user 'cockpit-user' was not found in
/etc/passwd. The local user account may already exist if the local account
database exists somewhere other than /etc/passwd.
changed: [localhost]
TASK [software/cockpit : Install sssd RPM] *************************************
changed: [localhost]
TASK [software/cockpit : Enable SSSD] ******************************************
changed: [localhost]
TASK [software/cockpit : Configure sssd] ***************************************
changed: [localhost] => (item=Setting [sssd] services => nss, pam)
changed: [localhost] => (item=Setting [sssd] enable_files_domain => True)
changed: [localhost] => (item=Setting [domain/implicit_files] id_provider => files)
changed: [localhost] => (item=Setting [pam] pam_cert_auth => True)
changed: [localhost] => (item=Setting [certmap/implicit_files/cockpit-user] matchrule => <SUBJECT>^.*CN=cockpit-user$)
[WARNING]: The value True (type bool) in a string field was converted to 'True'
(type string). If this does not look like what you expect, quote the entire
value to ensure it does not change.
TASK [software/cockpit : Add PAM SSSD rule to Cockpit] *************************
changed: [localhost]
TASK [software/cockpit : Configure Cockpit] ************************************
changed: [localhost] => (item=Setting [basic] action => none)
[WARNING]: The value False (type bool) in a string field was converted to
'False' (type string). If this does not look like what you expect, quote the
entire value to ensure it does not change.
TASK [software/cockpit : Set sudo directive] ***********************************
changed: [localhost]
RUNNING HANDLER [software/cockpit : Restart sssd] ******************************
changed: [localhost]
RUNNING HANDLER [software/cockpit : Reload cockpit] ****************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unable to start service cockpit: Job for cockpit.service failed because the control process exited with error code.\nSee \"systemctl status cockpit.service\" and \"journalctl -xe\" for details.\n"}
NO MORE HOSTS LEFT *************************************************************
PLAY RECAP *********************************************************************
localhost : ok=31 changed=9 unreachable=0 failed=1 skipped=15 rescued=0 ignored=0
Did you have Cockpit previously enabled on the system? Here’s what I’m seeing:
[root@rocky-test ws-certs.d]# ls -la
total 12
drwxr-xr-x 2 root root 85 Mar 10 21:54 .
drwxr-xr-x 4 root root 86 Mar 10 21:53 ..
-rw-r--r-- 1 root root 2199 Mar 10 21:54 0-self-signed-ca.pem
-rw-r--r-- 1 root root 1769 Mar 10 21:54 0-self-signed.cert
-rw------- 1 root root 1704 Mar 10 21:54 0-self-signed.key
[root@rocky-test ws-certs.d]# rm -f *
[root@rocky-test ws-certs.d]# ls
# Empty
[root@rocky-test ws-certs.d]# systemctl restart cockpit
[root@rocky-test ws-certs.d]# ls
0-self-signed-ca.pem 0-self-signed.cert 0-self-signed.key
If restarting the service does not resolve it, then what is the result of the following command?
RUNTIME_DIRECTORY=/run/cockpit/ /usr/libexec/cockpit-certificate-ensure --for-cockpit-tls