Hi All,
After wresting with a few Mac OS 10.10.5 servers running Server App 5 I finally figured out how to run Kerio connect (or other Web Services apps) along side the Server App 5 services for web.
Here is a basic document outing the process.
NOTE: Kerio’s KB about this procedure is not correct for 10.10.5 and though it works for Kerio it will fill the server with error logs and break OS X Web Services.
**********************************************************************
sudo pico /Library/Server/Web/Config/Proxy/apache_serviceproxy.conf
(OR sudo -i and then the command just pico: BE CAREFUL – sudo -i gives you full root access to delete and do all sorts of nasty things)
Once in the file:
1. Press ^W (control+w) – a “find” command
2. Press ^R – (control+r) “replace” command
3. Type “*:” (without quotes) and press enter
4. Type “10.9.8.7:” (without quotes; or some other IP number that is not on your network OR is not the IP you want to bind Kerio Connect to) and press enter
5. Type “a” (to replace all)
6. Press ^X – (control+x) to exit
7. Type “y” to say yes to changes and save
What you have just done is replaced all virtual host entires with a specific IP AND Port to bind with, rather than binding to a port on ALL IPs.
The entire server needs to restart for changes to take full effect
Alter the IP address above you use in the find and replace if you have a secondary IP on the Mac in question; either virtually with a 2nd ethernet interface linked to the same physical ethernet interface, or via a secondary ethernet on a Mac Pro or via USB/Thunderbolt on other Macs. If you use another IP known to the OS you will need to alter the IP address that Kerio Connect is binding to under services in the Kerio Connect Admin web page.
As far as my testing and servers in live environments so far has shown this doesn’t fill the error logs and gives the Mac a chance to breathe.
NOTE 1:
With this method you WILL see what appears to be OS X services bound on *:80 and *:443, etc when using a command like sudo lsof -i -n -P | grep TCP. This is true inside of the overall proxy which we have bound specifically to 10.10.10.2 in this case. Kerio Connect will still happily start and run along side these OS X services. See example output of sudo lsof -i -n -P | grep TCP below (filtering anything containing 80, 443, 88, 8843, 8443, 8080 or 8800).
NOTE 2:
Leave the listen entries at the top of the file un-commented:
listen 80
listen 443
listen 8800
listen 8843
This is contrary to Kerio’s article on their KB:
Example Command: See Active TCP Web Ports
server:~ root# lsof -i -n -P | grep TCP | grep ‘:80\|:443\|:88’
kdc 102 root 6u IPv6 0x710ebe3267aea943 0t0 TCP *:88 (LISTEN)
kdc 102 root 8u IPv4 0x710ebe32690269f3 0t0 TCP *:88 (LISTEN)
mailserve 111 root 41u IPv4 0x710ebe3267aeede3 0t0 TCP *:44337 (LISTEN)
mailserve 111 root 64u IPv4 0x710ebe3279e642c3 0t0 TCP 10.10.10.3:443->10.10.10.1:58518 (ESTABLISHED)
mailserve 111 root 70u IPv4 0x710ebe3279e8cf83 0t0 TCP 10.10.10.3:443->10.10.10.1:49227 (ESTABLISHED)
mailserve 111 root 75u IPv4 0x710ebe3279d5c513 0t0 TCP 10.10.10.3:443->10.10.10.1:52602 (ESTABLISHED)
mailserve 111 root 155u IPv4 0x710ebe3279e9db93 0t0 TCP 10.10.10.3:80 (LISTEN)
mailserve 111 root 156u IPv4 0x710ebe3279e9c9f3 0t0 TCP 10.10.10.3:8800 (LISTEN)
mailserve 111 root 160u IPv4 0x710ebe3279e9b853 0t0 TCP 10.10.10.3:443 (LISTEN)
mailserve 111 root 163u IPv4 0x710ebe3279e9a6b3 0t0 TCP 10.10.10.3:8843 (LISTEN)
httpd 756 root 5u IPv6 0x710ebe3277771c43 0t0 TCP *:80 (LISTEN)
httpd 756 root 7u IPv6 0x710ebe3277771743 0t0 TCP *:443 (LISTEN)
httpd 756 root 9u IPv6 0x710ebe3277771243 0t0 TCP *:8008 (LISTEN)
httpd 756 root 11u IPv6 0x710ebe3277770d43 0t0 TCP *:8800 (LISTEN)
httpd 756 root 15u IPv6 0x710ebe3285c60743 0t0 TCP *:8843 (LISTEN)
httpd 764 _www 5u IPv6 0x710ebe3277771c43 0t0 TCP *:80 (LISTEN)
httpd 764 _www 7u IPv6 0x710ebe3277771743 0t0 TCP *:443 (LISTEN)
httpd 764 _www 9u IPv6 0x710ebe3277771243 0t0 TCP *:8008 (LISTEN)
httpd 764 _www 11u IPv6 0x710ebe3277770d43 0t0 TCP *:8800 (LISTEN)
httpd 764 _www 15u IPv6 0x710ebe3285c60743 0t0 TCP *:8843 (LISTEN)
httpd 765 _www 5u IPv6 0x710ebe3277771c43 0t0 TCP *:80 (LISTEN)
httpd 765 _www 7u IPv6 0x710ebe3277771743 0t0 TCP *:443 (LISTEN)
httpd 765 _www 9u IPv6 0x710ebe3277771243 0t0 TCP *:8008 (LISTEN)
httpd 765 _www 11u IPv6 0x710ebe3277770d43 0t0 TCP *:8800 (LISTEN)
httpd 765 _www 15u IPv6 0x710ebe3285c60743 0t0 TCP *:8843 (LISTEN)
httpd 766 _www 5u IPv6 0x710ebe3277771c43 0t0 TCP *:80 (LISTEN)
httpd 766 _www 7u IPv6 0x710ebe3277771743 0t0 TCP *:443 (LISTEN)
httpd 766 _www 9u IPv6 0x710ebe3277771243 0t0 TCP *:8008 (LISTEN)
httpd 766 _www 11u IPv6 0x710ebe3277770d43 0t0 TCP *:8800 (LISTEN)
httpd 766 _www 15u IPv6 0x710ebe3285c60743 0t0 TCP *:8843 (LISTEN)
httpd 767 _www 5u IPv6 0x710ebe3277771c43 0t0 TCP *:80 (LISTEN)
httpd 767 _www 7u IPv6 0x710ebe3277771743 0t0 TCP *:443 (LISTEN)
httpd 767 _www 9u IPv6 0x710ebe3277771243 0t0 TCP *:8008 (LISTEN)
httpd 767 _www 11u IPv6 0x710ebe3277770d43 0t0 TCP *:8800 (LISTEN)
httpd 767 _www 15u IPv6 0x710ebe3285c60743 0t0 TCP *:8843 (LISTEN)
httpd 768 _www 5u IPv6 0x710ebe3277771c43 0t0 TCP *:80 (LISTEN)
httpd 768 _www 7u IPv6 0x710ebe3277771743 0t0 TCP *:443 (LISTEN)
httpd 768 _www 9u IPv6 0x710ebe3277771243 0t0 TCP *:8008 (LISTEN)
httpd 768 _www 11u IPv6 0x710ebe3277770d43 0t0 TCP *:8800 (LISTEN)
httpd 768 _www 15u IPv6 0x710ebe3285c60743 0t0 TCP *:8843 (LISTEN)
httpd 820 _www 5u IPv6 0x710ebe3277771c43 0t0 TCP *:80 (LISTEN)
httpd 820 _www 7u IPv6 0x710ebe3277771743 0t0 TCP *:443 (LISTEN)
httpd 820 _www 9u IPv6 0x710ebe3277771243 0t0 TCP *:8008 (LISTEN)
httpd 820 _www 11u IPv6 0x710ebe3277770d43 0t0 TCP *:8800 (LISTEN)
httpd 820 _www 15u IPv6 0x710ebe3285c60743 0t0 TCP *:8843 (LISTEN)