Categories
MacAdmin

Kerio Connect (Or Other Web Services) on a Mac with Server App 5

Hi All,

After wresting with a few Mac OS 10.10.5 servers running Server App 5 I finally figured out how to run Kerio connect (or other Web Services apps) along side the Server App 5 services for web.

Here is a basic document outing the process.

NOTE: Kerio’s KB about this procedure is not correct for 10.10.5 and though it works for Kerio it will fill the server with error logs and break OS X Web Services.

**********************************************************************

sudo pico /Library/Server/Web/Config/Proxy/apache_serviceproxy.conf

(OR sudo -i and then the command just pico: BE CAREFUL – sudo -i gives you full root access to delete and do all sorts of nasty things)

Once in the file:

1. Press ^W (control+w) – a “find” command
2. Press ^R – (control+r) “replace” command
3. Type “*:” (without quotes) and press enter
4. Type “10.9.8.7:” (without quotes; or some other IP number that is not on your network OR is not the IP you want to bind Kerio Connect to) and press enter
5. Type “a” (to replace all)
6. Press ^X – (control+x) to exit
7. Type “y” to say yes to changes and save

What you have just done is replaced all virtual host entires with a specific IP AND Port to bind with, rather than binding to a port on ALL IPs.

The entire server needs to restart for changes to take full effect

Alter the IP address above you use in the find and replace if you have a secondary IP on the Mac in question; either virtually with a 2nd ethernet interface linked to the same physical ethernet interface, or via a secondary ethernet on a Mac Pro or via USB/Thunderbolt on other Macs. If you use another IP known to the OS you will need to alter the IP address that Kerio Connect is binding to under services in the Kerio Connect Admin web page.

As far as my testing and servers in live environments so far has shown this doesn’t fill the error logs and gives the Mac a chance to breathe.

NOTE 1:

With this method you WILL see what appears to be OS X services bound on *:80 and *:443, etc when using a command like sudo lsof -i -n -P | grep TCP.  This is true inside of the overall proxy which we have bound specifically to 10.10.10.2 in this case. Kerio Connect will still happily start and run along side these OS X services.  See example output of sudo lsof -i -n -P | grep TCP below (filtering anything containing 80, 443, 88, 8843, 8443, 8080 or 8800).

NOTE 2:

Leave the listen entries at the top of the file un-commented:

listen 80
listen 443
listen 8800
listen 8843

 

This is contrary to Kerio’s article on their KB:

http://kb.kerio.com/product/kerio-connect/troubleshooting/cannot-start-http-or-https-services-on-mac-os-636.html

Example Command: See Active TCP Web Ports

server:~ root# lsof -i -n -P | grep TCP | grep ‘:80\|:443\|:88’

kdc        102           root    6u  IPv6 0x710ebe3267aea943      0t0    TCP *:88 (LISTEN)

kdc        102           root    8u  IPv4 0x710ebe32690269f3      0t0    TCP *:88 (LISTEN)

mailserve  111           root   41u  IPv4 0x710ebe3267aeede3      0t0    TCP *:44337 (LISTEN)

mailserve  111           root   64u  IPv4 0x710ebe3279e642c3      0t0    TCP 10.10.10.3:443->10.10.10.1:58518 (ESTABLISHED)

mailserve  111           root   70u  IPv4 0x710ebe3279e8cf83      0t0    TCP 10.10.10.3:443->10.10.10.1:49227 (ESTABLISHED)

mailserve  111           root   75u  IPv4 0x710ebe3279d5c513      0t0    TCP 10.10.10.3:443->10.10.10.1:52602 (ESTABLISHED)

mailserve  111           root  155u  IPv4 0x710ebe3279e9db93      0t0    TCP 10.10.10.3:80 (LISTEN)

mailserve  111           root  156u  IPv4 0x710ebe3279e9c9f3      0t0    TCP 10.10.10.3:8800 (LISTEN)

mailserve  111           root  160u  IPv4 0x710ebe3279e9b853      0t0    TCP 10.10.10.3:443 (LISTEN)

mailserve  111           root  163u  IPv4 0x710ebe3279e9a6b3      0t0    TCP 10.10.10.3:8843 (LISTEN)

httpd      756           root    5u  IPv6 0x710ebe3277771c43      0t0    TCP *:80 (LISTEN)

httpd      756           root    7u  IPv6 0x710ebe3277771743      0t0    TCP *:443 (LISTEN)

httpd      756           root    9u  IPv6 0x710ebe3277771243      0t0    TCP *:8008 (LISTEN)

httpd      756           root   11u  IPv6 0x710ebe3277770d43      0t0    TCP *:8800 (LISTEN)

httpd      756           root   15u  IPv6 0x710ebe3285c60743      0t0    TCP *:8843 (LISTEN)

httpd      764           _www    5u  IPv6 0x710ebe3277771c43      0t0    TCP *:80 (LISTEN)

httpd      764           _www    7u  IPv6 0x710ebe3277771743      0t0    TCP *:443 (LISTEN)

httpd      764           _www    9u  IPv6 0x710ebe3277771243      0t0    TCP *:8008 (LISTEN)

httpd      764           _www   11u  IPv6 0x710ebe3277770d43      0t0    TCP *:8800 (LISTEN)

httpd      764           _www   15u  IPv6 0x710ebe3285c60743      0t0    TCP *:8843 (LISTEN)

httpd      765           _www    5u  IPv6 0x710ebe3277771c43      0t0    TCP *:80 (LISTEN)

httpd      765           _www    7u  IPv6 0x710ebe3277771743      0t0    TCP *:443 (LISTEN)

httpd      765           _www    9u  IPv6 0x710ebe3277771243      0t0    TCP *:8008 (LISTEN)

httpd      765           _www   11u  IPv6 0x710ebe3277770d43      0t0    TCP *:8800 (LISTEN)

httpd      765           _www   15u  IPv6 0x710ebe3285c60743      0t0    TCP *:8843 (LISTEN)

httpd      766           _www    5u  IPv6 0x710ebe3277771c43      0t0    TCP *:80 (LISTEN)

httpd      766           _www    7u  IPv6 0x710ebe3277771743      0t0    TCP *:443 (LISTEN)

httpd      766           _www    9u  IPv6 0x710ebe3277771243      0t0    TCP *:8008 (LISTEN)

httpd      766           _www   11u  IPv6 0x710ebe3277770d43      0t0    TCP *:8800 (LISTEN)

httpd      766           _www   15u  IPv6 0x710ebe3285c60743      0t0    TCP *:8843 (LISTEN)

httpd      767           _www    5u  IPv6 0x710ebe3277771c43      0t0    TCP *:80 (LISTEN)

httpd      767           _www    7u  IPv6 0x710ebe3277771743      0t0    TCP *:443 (LISTEN)

httpd      767           _www    9u  IPv6 0x710ebe3277771243      0t0    TCP *:8008 (LISTEN)

httpd      767           _www   11u  IPv6 0x710ebe3277770d43      0t0    TCP *:8800 (LISTEN)

httpd      767           _www   15u  IPv6 0x710ebe3285c60743      0t0    TCP *:8843 (LISTEN)

httpd      768           _www    5u  IPv6 0x710ebe3277771c43      0t0    TCP *:80 (LISTEN)

httpd      768           _www    7u  IPv6 0x710ebe3277771743      0t0    TCP *:443 (LISTEN)

httpd      768           _www    9u  IPv6 0x710ebe3277771243      0t0    TCP *:8008 (LISTEN)

httpd      768           _www   11u  IPv6 0x710ebe3277770d43      0t0    TCP *:8800 (LISTEN)

httpd      768           _www   15u  IPv6 0x710ebe3285c60743      0t0    TCP *:8843 (LISTEN)

httpd      820           _www    5u  IPv6 0x710ebe3277771c43      0t0    TCP *:80 (LISTEN)

httpd      820           _www    7u  IPv6 0x710ebe3277771743      0t0    TCP *:443 (LISTEN)

httpd      820           _www    9u  IPv6 0x710ebe3277771243      0t0    TCP *:8008 (LISTEN)

httpd      820           _www   11u  IPv6 0x710ebe3277770d43      0t0    TCP *:8800 (LISTEN)

httpd      820           _www   15u  IPv6 0x710ebe3285c60743      0t0    TCP *:8843 (LISTEN)

By Aaron

“Aaron David” Polley, son of Ray Polley and Cindy L Spear, was born in Saint John, New Brunswick, Canada, October 10th, 1987. He was happily united with his wife Amie Sara Polley on August 24th, 2012, in the Sunshine Coast, Queensland, Australia.

He grew up in a musical family that had a long history of accomplished musicians and songwriters. His own writing ability surfaced at the age of 7 when his first musical arrangement was used in a church service as a congregational song.