Project

General

Profile

Tâche #23833

Scénario #23694: EOLE 2.7.0 et certificats SSL : faire fonctionner les services qui ne démarrent plus suite à la génération par openssl des clés privées

Le service zephir_web tourne en nobody

Added by Fabrice Barconnière almost 3 years ago. Updated almost 3 years ago.

Status:
Fermé
Priority:
Normal
Start date:
03/21/2018
Due date:
% Done:

100%

Estimated time:
2.00 h
Spent time:
Remaining (hours):
0.0

Description

L'accès à l'interface web de Zéphir est impossible.

2018-05-04T08:21:38.366970+02:00 zephir.ac-test.fr zephir_web: [twisted.protocols.tls.TLSMemoryBIOFactory] #011  File "/usr/lib/python2.7/dist-packages/OpenSSL/_util.py", line 54, in exception_from_error_queue
2018-05-04T08:21:38.367138+02:00 zephir.ac-test.fr zephir_web: [twisted.protocols.tls.TLSMemoryBIOFactory] #011    raise exception_type(errors)
2018-05-04T08:21:38.367292+02:00 zephir.ac-test.fr zephir_web: [twisted.protocols.tls.TLSMemoryBIOFactory] #011OpenSSL.SSL.Error: [('system library', 'fopen', 'Permission denied'), ('BIO routines', 'file_ctrl', 'system lib'), ('SSL routines', 'SSL_CTX_use_PrivateKey_file', 'system lib')]

Associated revisions

Revision b3cfe6e4 (diff)
Added by Fabrice Barconnière almost 3 years ago

Web interface is running in nobody. Adapt SSL configuration.

ref #23833

Revision cc8edf7a (diff)
Added by Fabrice Barconnière almost 3 years ago

Web interface is running in nobody. Adapt SSL configuration.

ref #23833

Revision c610637e (diff)
Added by Fabrice Barconnière almost 3 years ago

Genconfig in zephir web interface : flask cookie has changed

ref #23833

Revision 2029a9c9 (diff)
Added by Fabrice Barconnière almost 3 years ago

Unused import in python posttemplate

ref #23833

Revision bc7a44e7 (diff)
Added by Joël Cuissinat almost 3 years ago

Genconfig1 in zephir web interface : flask cookie has changed

Ref: #23833

History

#1 Updated by Fabrice Barconnière almost 3 years ago

  • Status changed from Nouveau to En cours

#2 Updated by Fabrice Barconnière almost 3 years ago

  • Remaining (hours) changed from 2.0 to 3.0

#3 Updated by Fabrice Barconnière almost 3 years ago

  • Status changed from En cours to Résolu
  • % Done changed from 0 to 100
  • Remaining (hours) changed from 3.0 to 0.5

#4 Updated by Joël Cuissinat almost 3 years ago

La correction effectuée dans zephir-parc:c610637e doit également être appliquée pour l'édition des serveurs 2.5 (genconfig1) :

root@zephir:~# tail -fn0 /var/log/rsyslog/local/zephir_web/zephir_web.alert.log 
2018-05-07T16:34:17.645220+02:00 zephir.ac-test.fr zephir_web: [wsgi] [2018-05-07 16:34:17,643] ERROR in zephir_views: 'TWISTED_SESSION'
2018-05-07T16:34:17.645316+02:00 zephir.ac-test.fr zephir_web: [wsgi] #011Traceback (most recent call last):
2018-05-07T16:34:17.645379+02:00 zephir.ac-test.fr zephir_web: [wsgi] #011  File "/usr/lib/python2.7/dist-packages/zephir/web/zephirgenconfig1/zephir_views.py", line 166, in init_serveur
2018-05-07T16:34:17.645440+02:00 zephir.ac-test.fr zephir_web: [wsgi] #011    init_zephir(get_zephir_id(), data, session_data)
2018-05-07T16:34:17.645536+02:00 zephir.ac-test.fr zephir_web: [wsgi] #011  File "/usr/lib/python2.7/dist-packages/zephir/web/zephirgenconfig1/zephir_views.py", line 82, in get_zephir_id
2018-05-07T16:34:17.645612+02:00 zephir.ac-test.fr zephir_web: [wsgi] #011    return request.cookies['TWISTED_SESSION']
2018-05-07T16:34:17.645694+02:00 zephir.ac-test.fr zephir_web: [wsgi] #011KeyError: 'TWISTED_SESSION'

#5 Updated by Joël Cuissinat almost 3 years ago

OK pour moi.

root@zephir:~# ls -lR /etc/zephir/ssl/
/etc/zephir/ssl/:
total 8
drwxr-xr-x 2 nobody nogroup 4096 mai    7 16:24 certs
drwx------ 2 nobody nogroup 4096 mai    7 16:24 private

/etc/zephir/ssl/certs:
total 4
-rw-r--r-- 1 nobody nogroup 1464 mai    7 16:24 zephir.crt

/etc/zephir/ssl/private:
total 4
-rw------- 1 nobody nogroup 1675 mai    7 16:24 zephir.key

#6 Updated by Joël Cuissinat almost 3 years ago

  • Status changed from Résolu to Fermé
  • Remaining (hours) changed from 0.5 to 0.0

Also available in: Atom PDF