Re: [389-users] Admin Server - Encryption Tab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

 

 

From: Rich Megginson [mailto:rmeggins@xxxxxxxxxx]
Sent: 09 February 2012 17:39
To: MATON Brett
Cc: General discussion list for the 389 Directory server project.
Subject: Re: [389-users] Admin Server - Encryption Tab

 

On 02/09/2012 09:37 AM, MATON Brett wrote:

 

 

From: Rich Megginson [mailto:rmeggins@xxxxxxxxxx]
Sent: 09 February 2012 17:23
To: General discussion list for the 389 Directory server project.
Cc: MATON Brett
Subject: Re: [389-users] Admin Server - Encryption Tab

 

On 02/09/2012 09:12 AM, MATON Brett wrote:

 

 

From: Rich Megginson [mailto:rmeggins@xxxxxxxxxx]
Sent: 09 February 2012 16:51
To: General discussion list for the 389 Directory server project.
Cc: MATON Brett
Subject: Re: [389-users] Admin Server - Encryption Tab

 

On 02/09/2012 08:45 AM, MATON Brett wrote:

Platform RHEL6.2 x86_64 (EPEL repository enabled)

 

$ rpm -qa | grep 389

389-admin-console-doc-1.1.8-1.el6.noarch

389-ds-base-libs-1.2.9.14-1.el6_2.2.x86_64

389-admin-console-1.1.8-1.el6.noarch

389-adminutil-1.1.14-2.el6.x86_64

389-ds-console-1.2.6-1.el6.noarch

389-ds-1.2.2-1.el6.noarch

389-ds-base-1.2.9.14-1.el6_2.2.x86_64

389-ds-console-doc-1.2.6-1.el6.noarch

389-console-1.1.7-1.el6.noarch

389-admin-1.1.25-1.el6.x86_64

gpg-pubkey-b3892132-4c63febc

389-dsgw-1.1.7-2.el6.x86_64

 

I can only access the Encryption Tab of 389 Admin Server from the local host.

When I try to access it from a remote desktop, it hangs for want of a better description at “Loading” the progress bar in the bottom right corner fills up and then starts over.

 

Nothing to note in the logs other than:

Blah admserv_host_ip_check: ap_get_remote_host could not resolve blah

 

Which is another thread...

 

This happens whether I’m using LDAPS to plain vanilla LDAP.

 

Any thoughts ?

you do seem to have the magic bug finger . . .  (I have my Moments J )

try 389-console -D 9 -f console.log
to see if there is anything interesting in the console.log

hmm - try
rm -rf ~/.389-console
to clear out the jar file cache
then run the console again

 

New output, attached complete log (Googlizing the NMC errors didn’t return much...):

Not sure why you are getting NoSuchMethodError
That seems like a mismatch between jar files

Try updating to the latest packages from epel-testing on both the client and the server

server - yum update --enablerepo=epel-testing idm-console-framework 389-console 389-admin-console 389-ds-console 389-admin
client - yum update --enablerepo=epel-testing idm-console-framework 389-console
unless the client is also a server, in which case use the packages for server

  I’ll Update the server now and try it again, the client is running on Windows 7 x64 (http://port389.org/download/389-Console-1.1.6-x86_64.msi)

 

http://<DS FQDN>:9830/[7:0] close> Closed

ClassLoader: :loadClass():name:java.lang.StringBuffer

security=off

familyList=RSA

RSA-activated=on

RSA-token=internal (software)

RSA-cert=<DS FQDN>

familyList=NULL

ssl2-activated=on

ssl2=-des,-rc2export,-rc4export,-desede3,-rc4,-rc2

ssl3-activated=on

ssl3=+rsa_rc2_40_md5,+rsa_rc4_128_md5,+rsa_3des_sha,+rsa_rc4_40_md5,-rsa_null_sha,+fips_des_sha,+fips_3des_sha,+rsa_des_sha,-rsa_null_md5,+rsa_aes_128_sha,+rsa_aes_256_sha,+rsa_des_56_sha,+rsa_rc4_56_sha,+rsa_aes_128_sha,+rsa_aes_256_sha,+rsa_des_56_sha,+rsa_rc4_56_sha

clientauth=off

 

Framework.setCursor(): Discarding change of cursor

TurnOnSSL:getPanel()

ResourceSet: NOT found in cache loader558648009:com.netscape.management.client.security.securityResource

CommManager> New CommRecord (http://<DS FQDN>:9830/admin-serv/tasks/configuration/SecurityOp)

http://<DS FQDN>:9830/[8:0] open> Ready

http://<DS FQDN>:9830/[8:0] accept> http://<DS FQDN>:9830/admin-serv/tasks/configuration/SecurityOp

http://<DS FQDN>:9830/[8:0] send> POST  \

http://<DS FQDN>:9830/[8:0] send> /admin-serv/tasks/configuration/SecurityOp \

http://<DS FQDN>:9830/[8:0] send>  HTTP/1.0

http://<DS FQDN>:9830/[8:0] send> Host: <DS FQDN>:9830

http://<DS FQDN>:9830/[8:0] send> Connection: Keep-Alive

http://<DS FQDN>:9830/[8:0] send> User-Agent: 389-Management-Console/1.1.5

http://<DS FQDN>:9830/[8:0] send> Accept-Language: en

http://<DS FQDN>:9830/[8:0] send> Authorization: Basic  \

http://<DS FQDN>:9830/[8:0] send> Y249RGlyZWN0b3J5IE1hbmFnZXI6NzFwd2RucmI= \

http://<DS FQDN>:9830/[8:0] send>

http://<DS FQDN>:9830/[8:0] send> Content-Length:43

http://<DS FQDN>:9830/[8:0] send> Content-Type: application/x-www-form-urlencoded

http://<DS FQDN>:9830/[8:0] send> Content-Transfer-Encoding: 7bit

http://<DS FQDN>:9830/[8:0] send>

http://<DS FQDN>:9830/[8:0] send> Writing 43 bytes...

http://<DS FQDN>:9830/[8:0] send> 43 bytes written

http://<DS FQDN>:9830/[8:0] recv> HTTP/1.1 200 OK

http://<DS FQDN>:9830/[8:0] recv> Date: Thu, 09 Feb 2012 16:31:20 GMT

http://<DS FQDN>:9830/[8:0] recv> Server: Apache/2.2

HttpChannel.invoke: admin version = 2.2

http://<DS FQDN>:9830/[8:0] recv> Admin-Server: 389-Administrator/1.1.25

HttpChannel.invoke: admin version = 1.1.25

http://<DS FQDN>:9830/[8:0] recv> Connection: close

http://<DS FQDN>:9830/[8:0] recv> Content-Type: text/html

http://<DS FQDN>:9830/[8:0] recv>

http://<DS FQDN>:9830/[8:0] recv> Reading unknown length bytes...

http://<DS FQDN>:9830/[8:0] recv> 314 bytes read

http://<DS FQDN>:9830/[8:0] close> Closed

<TOKENLIST>

      <SECURITY>domestic</SECURITY>

      <RSA_TOKEN>

            <internal (software)>

                  <CERT0><DS FQDN></CERT0>

            </internal (software)>

      </RSA_TOKEN>

</TOKENLIST>

Content-type: text/html

 

NMC_Status: 2

NMC_ErrType:

NMC_ErrInfo: NSS shutdown failed: error -8053:unknown

Content-type: text/html

 

NMC_Status: 0

 

 

Exception in thread "LongAction" java.lang.NoSuchMethodError: com.netscape.management.client.security.CipherPreferenceDialog.<init>(Ljava/awt/Frame;ZZZZZZ)V

      at com.netscape.management.admserv.panel.TurnOnSSL.setSecurityIsDomestic(Unknown Source)

      at com.netscape.management.client.security.EncryptionPanel.<init>(Unknown Source)

      at com.netscape.management.client.security.EncryptionPanel.<init>(Unknown Source)

      at com.netscape.management.admserv.panel.TurnOnSSL.getPanel(Unknown Source)

      at com.netscape.management.admserv.config.TabbedConfigPanel$CreateTabAction.run(Unknown Source)

      at com.netscape.management.admserv.config.BaseConfigPanel$4.run(Unknown Source)

ResourceSet: found in cache loader558648009:com.netscape.management.client.util.default

ResourceSet: found in cache loader558648009:com.netscape.management.client.util.default

ResourceSet: found in cache loader558648009:com.netscape.management.client.util.default 

Brett

-------------------------------------------------------------------

GreeNRB
NRB considers its environmental responsibility and goes for green IT.
May we ask you to consider yours before printing this e-mail?  

NRB, daring to commit
This e-mail and any attachments, which may contain information that is confidential and/or protected by intellectual property rights, are intended for the exclusive use of the above-mentioned addressee(s). Any use (including reproduction, disclosure and whole or partial distribution in any form whatsoever) of their content is prohibited without prior authorization of NRB. If you have received this message by error, please contact the sender promptly by resending this e-mail back to him (her), or by calling the above number. Thank you for subsequently deleting this e-mail and any files attached thereto.

 
 
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users

 

-------------------------------------------------------------------

GreeNRB
NRB considers its environmental responsibility and goes for green IT.
May we ask you to consider yours before printing this e-mail?  

NRB, daring to commit
This e-mail and any attachments, which may contain information that is confidential and/or protected by intellectual property rights, are intended for the exclusive use of the above-mentioned addressee(s). Any use (including reproduction, disclosure and whole or partial distribution in any form whatsoever) of their content is prohibited without prior authorization of NRB. If you have received this message by error, please contact the sender promptly by resending this e-mail back to him (her), or by calling the above number. Thank you for subsequently deleting this e-mail and any files attached thereto.

 
 
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users

 

-------------------------------------------------------------------

GreeNRB
NRB considers its environmental responsibility and goes for green IT.
May we ask you to consider yours before printing this e-mail?  

NRB, daring to commit
This e-mail and any attachments, which may contain information that is confidential and/or protected by intellectual property rights, are intended for the exclusive use of the above-mentioned addressee(s). Any use (including reproduction, disclosure and whole or partial distribution in any form whatsoever) of their content is prohibited without prior authorization of NRB. If you have received this message by error, please contact the sender promptly by resending this e-mail back to him (her), or by calling the above number. Thank you for subsequently deleting this e-mail and any files attached thereto.

 

-------------------------------------------------------------------

GreeNRB
NRB considers its environmental responsibility and goes for green IT.
May we ask you to consider yours before printing this e-mail?  

NRB, daring to commit
This e-mail and any attachments, which may contain information that is confidential and/or protected by intellectual property rights, are intended for the exclusive use of the above-mentioned addressee(s). Any use (including reproduction, disclosure and whole or partial distribution in any form whatsoever) of their content is prohibited without prior authorization of NRB. If you have received this message by error, please contact the sender promptly by resending this e-mail back to him (her), or by calling the above number. Thank you for subsequently deleting this e-mail and any files attached thereto.

 
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux