I have followd the instructions: Cockpit Support to enable TOTP and enable the cockpit support
when logging in with the totp ping and in the main menu click on cockpit im getting an;
Service Unavailable
The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.
systemctl status cockpit.service
● cockpit.service - Cockpit Web Service
Loaded: loaded (/usr/lib/systemd/system/cockpit.service; static; vendor preset: disabled)
Active: failed (Result: exit-code) since Sat 2025-03-08 10:58:19 CET; 7s ago
Docs: man:cockpit-ws(8)
Process: 4295 ExecStartPre=/usr/libexec/cockpit-certificate-ensure --for-cockpit-tls (code=exited, status=1/>
Mar 08 10:58:18 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 08 10:58:19 <servername> systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 08 10:58:19 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 10:58:19 <servername> systemd[1]: Failed to start Cockpit Web Service.
Environment
ApisCP version:
cpcmd misc:cp-version
revision: efe49da72b896985bcedb83bee3bfcae6a383c4b
timestamp: 1741108131
ver_maj: 3
ver_min: 2
ver_patch: 45
ver_pre: 69-gefe49da72
dirty: false
debug: false
Operating System:
uname -r
4.18.0-553.34.1.el8_10.x86_64
What does journalctl --no-pager -an 40 -u cockpit report?
journalctl --no-pager -an 40 -u cockpit
-- Logs begin at Sat 2025-03-08 10:50:10 CET, end at Sun 2025-03-09 19:19:56 CET. --
Mar 08 11:04:56 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 11:04:56 <servername> systemd[1]: Failed to start Cockpit Web Service.
Mar 08 11:04:56 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 08 11:04:57 <servername> systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 08 11:04:57 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 11:04:57 <servername> systemd[1]: Failed to start Cockpit Web Service.
Mar 08 11:04:57 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 08 11:04:57 <servername> systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 08 11:04:57 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 11:04:57 <servername> systemd[1]: Failed to start Cockpit Web Service.
Mar 08 11:04:57 <servername> systemd[1]: cockpit.service: Start request repeated too quickly.
Mar 08 11:04:57 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 11:04:57 <servername> systemd[1]: Failed to start Cockpit Web Service.
Mar 08 15:26:06 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 08 15:26:06 <servername> systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 08 15:26:06 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 15:26:06 <servername> systemd[1]: Failed to start Cockpit Web Service.
Mar 08 15:28:59 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 08 15:29:00 <servername> systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 08 15:29:00 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 15:29:00 <servername> systemd[1]: Failed to start Cockpit Web Service.
Mar 08 15:29:00 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 08 15:29:01 <servername> systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 08 15:29:01 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 15:29:01 <servername> systemd[1]: Failed to start Cockpit Web Service.
Mar 08 15:29:01 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 08 15:29:02 <servername> systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 08 15:29:02 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 15:29:02 <servername> systemd[1]: Failed to start Cockpit Web Service.
Mar 08 15:29:02 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 08 15:29:03 <servername> systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 08 15:29:03 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 15:29:03 <servername> systemd[1]: Failed to start Cockpit Web Service.
Mar 08 15:29:03 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 08 15:29:04 <servername> systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 08 15:29:04 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 15:29:04 <servername> systemd[1]: Failed to start Cockpit Web Service.
Mar 08 15:29:04 <servername> systemd[1]: cockpit.service: Start request repeated too quickly.
Mar 08 15:29:04 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 08 15:29:04 <servername> systemd[1]: Failed to start Cockpit Web Service.
Too much noise there…
Try this:
systemctl restart cockpit
grep cockpit /var/log/messages
systemctl restart cockpit
Job for cockpit.service failed because the control process exited with error code.
See "systemctl status cockpit.service" and "journalctl -xe" for details.
systemctl status cockpit.service
● cockpit.service - Cockpit Web Service
Loaded: loaded (/usr/lib/systemd/system/cockpit.service; static; vendor preset: disabled)
Active: failed (Result: exit-code) since Sun 2025-03-09 20:02:25 CET; 18s ago
Docs: man:cockpit-ws(8)
Process: 340406 ExecStartPre=/usr/libexec/cockpit-certificate-ensure --for-cockpit-tls (code=exited, status=1/FAILURE)
Mar 09 20:02:23 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 09 20:02:25 <servername> systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 09 20:02:25 <servername> systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 09 20:02:25 <servername> systemd[1]: Failed to start Cockpit Web Service.
[root@cloud ~]#
[root@cloud ~]# grep cockpit /var/log/messages
Mar 9 20:02:23 cloud systemd[1]: cockpit-wsinstance-http.socket: Succeeded.
Mar 9 20:02:23 cloud systemd[1]: cockpit-wsinstance-https-factory.socket: Succeeded.
Mar 9 20:02:23 cloud systemd[340402]: cockpit.socket: Executable /usr/share/cockpit/motd/update-motd missing, skipping: No such file or directory
Mar 9 20:02:23 cloud systemd[340407]: cockpit-motd.service: Executable /usr/share/cockpit/motd/update-motd missing, skipping: No such file or directory
Mar 9 20:02:23 cloud systemd[1]: cockpit-motd.service: Succeeded.
Mar 9 20:02:24 cloud cockpit-certificate-ensure[340417]: mv: cannot move '0-self-signed-ca.pem' to '/etc/cockpit/ws-certs.d/0-self-signed-ca.pem': No such file or directory
Mar 9 20:02:24 cloud cockpit-certificate-ensure[340406]: cockpit-certificate-ensure: /usr/libexec/cockpit-certificate-helper exited with non-zero status 1
Mar 9 20:02:25 cloud systemd[1]: cockpit.service: Control process exited, code=exited status=1
Mar 9 20:02:25 cloud systemd[1]: cockpit.service: Failed with result 'exit-code'.
Mar 9 20:02:25 cloud systemd[1]: cockpit-wsinstance-https-factory.socket: Succeeded.
Mar 9 20:02:25 cloud systemd[1]: cockpit-wsinstance-http.socket: Succeeded.
Enable SSO -
cpcmd scope:set cockpit:sso-enabled True
Resolved?
cpcmd scope:set cockpit.sso-enabled True
INFO : Bootstrapper task running in background with roles: software/cockpit
1
When clicking on the Cockpit from the admin page:
Proxy Error
The proxy server could not handle the request
Reason: Error during SSL Handshake with remote server
maybe this is helpful?
PLAY [localhost] ***************************************************************
TASK [systemd/override-config : Edit /etc/systemd/system/cockpit.socket.d/override.conf] ***
changed: [localhost] => (item=Set Socket => ListenStream =
ListenStream=/run/cockpit.sock)
TASK [software/cockpit : Enable SSO for panel admin] ***************************
[WARNING]: 'local: true' specified and user 'cockpit-user' was not found in
/etc/passwd. The local user account may already exist if the local account
database exists somewhere other than /etc/passwd.
changed: [localhost]
TASK [software/cockpit : Install sssd RPM] *************************************
changed: [localhost]
TASK [software/cockpit : Enable SSSD] ******************************************
changed: [localhost]
TASK [software/cockpit : Configure sssd] ***************************************
changed: [localhost] => (item=Setting [sssd] services => nss, pam)
changed: [localhost] => (item=Setting [sssd] enable_files_domain => True)
changed: [localhost] => (item=Setting [domain/implicit_files] id_provider => files)
changed: [localhost] => (item=Setting [pam] pam_cert_auth => True)
changed: [localhost] => (item=Setting [certmap/implicit_files/cockpit-user] matchrule => <SUBJECT>^.*CN=cockpit-user$)
[WARNING]: The value True (type bool) in a string field was converted to 'True'
(type string). If this does not look like what you expect, quote the entire
value to ensure it does not change.
TASK [software/cockpit : Add PAM SSSD rule to Cockpit] *************************
changed: [localhost]
TASK [software/cockpit : Configure Cockpit] ************************************
changed: [localhost] => (item=Setting [basic] action => none)
[WARNING]: The value False (type bool) in a string field was converted to
'False' (type string). If this does not look like what you expect, quote the
entire value to ensure it does not change.
TASK [software/cockpit : Set sudo directive] ***********************************
changed: [localhost]
RUNNING HANDLER [software/cockpit : Restart sssd] ******************************
changed: [localhost]
RUNNING HANDLER [software/cockpit : Reload cockpit] ****************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unable to start service cockpit: Job for cockpit.service failed because the control process exited with error code.\nSee \"systemctl status cockpit.service\" and \"journalctl -xe\" for details.\n"}
NO MORE HOSTS LEFT *************************************************************
PLAY RECAP *********************************************************************
localhost : ok=31 changed=9 unreachable=0 failed=1 skipped=15 rescued=0 ignored=0
Did you have Cockpit previously enabled on the system? Here’s what I’m seeing:
[root@rocky-test ws-certs.d]# ls -la
total 12
drwxr-xr-x 2 root root 85 Mar 10 21:54 .
drwxr-xr-x 4 root root 86 Mar 10 21:53 ..
-rw-r--r-- 1 root root 2199 Mar 10 21:54 0-self-signed-ca.pem
-rw-r--r-- 1 root root 1769 Mar 10 21:54 0-self-signed.cert
-rw------- 1 root root 1704 Mar 10 21:54 0-self-signed.key
[root@rocky-test ws-certs.d]# rm -f *
[root@rocky-test ws-certs.d]# ls
# Empty
[root@rocky-test ws-certs.d]# systemctl restart cockpit
[root@rocky-test ws-certs.d]# ls
0-self-signed-ca.pem 0-self-signed.cert 0-self-signed.key
If restarting the service does not resolve it, then what is the result of the following command?
RUNTIME_DIRECTORY=/run/cockpit/ /usr/libexec/cockpit-certificate-ensure --for-cockpit-tls
Sorry im not sure if i have manual enabled Cockpit on the system.
The comment returns
RUNTIME_DIRECTORY=/run/cockpit/ /usr/libexec/cockpit-certificate-ensure --for-cockpit-tls
mv: cannot move '0-self-signed-ca.pem' to '/etc/cockpit/ws-certs.d/0-self-signed-ca.pem': No such file or directory
cockpit-certificate-ensure: /usr/libexec/cockpit-certificate-helper exited with non-zero status 1
That would cause it. What does this report?
ls -l /etc/cockpit/ws-certs.d/{,*}
ls: cannot access '/etc/cockpit/ws-certs.d/': No such file or directory
ls: cannot access '/etc/cockpit/ws-certs.d/*': No such file or directory
dnf reinstall -y cockpit-ws
upcp -sb software/cockpit
Should be good to go then 
Thx 
the page displays a sso login screen and then is stays blank.
That’s normal with the custom URL that gets rewritten. On mobile the menu is on the bottom, on desktop menu is on left. Landing page is empty. See https://x.com/i/status/1895563965918499283 around 00:22
Around 00:19 im getting the ‘login screen’ from the server.
and round 00:20/00:21 the cockpit dashboard is showing. mine stays dark / blank / not seeing anything.
Not enough information to work on, sounds like bad authentication.
After trying to login, then getting a black screen, what does this report?
systemctl status cockpit
grep cockpit /var/log/messages | tail -n30
systemctl status cockpit
● cockpit.service - Cockpit Web Service
Loaded: loaded (/usr/lib/systemd/system/cockpit.service; static; vendor pres>
Active: inactive (dead) since Mon 2025-03-17 20:54:37 CET; 15h ago
Docs: man:cockpit-ws(8)
Process: 405868 ExecStart=/usr/libexec/cockpit-tls (code=exited, status=0/SUC>
Process: 405866 ExecStartPre=/usr/libexec/cockpit-certificate-ensure --for-co>
Main PID: 405868 (code=exited, status=0/SUCCESS)
Mar 17 20:52:20 <servername> systemd[1]: Starting Cockpit Web Service...
Mar 17 20:52:21 <servername> systemd[1]: Started Cockpit Web Service.
Mar 17 20:54:37 <servername> systemd[1]: cockpit.service: Succeeded.
grep cockpit /var/log/messages | tail -n30
reports nothing