Re: commend "ceph dashboard create-self-signed-cert " ERR

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Jul 3, 2018 at 9:18 AM John Spray <jspray@xxxxxxxxxx> wrote:
>
> On Tue, Jul 3, 2018 at 6:25 AM jaywaychou <jaywaychou@xxxxxxxxx> wrote:
> >
> >
> > HI,Cephers:
> >
> >     I just use Mimic  Ceph  for Dashboard. I just do as http://docs.ceph.com/docs/mimic/mgr/dashboard/
> >
> > When   install a self-signed certificate as build-in commend , it stuck ERR like as bellow:
> >
> > [root@localhost ~]# ceph dashboard create-self-signed-cert
> > Error EINVAL: Traceback (most recent call last):
> >   File "/usr/lib64/ceph/mgr/dashboard/module.py", line 319, in handle_command
> >     self.create_self_signed_cert()
> >   File "/usr/lib64/ceph/mgr/dashboard/module.py", line 328, in create_self_signed_cert
> >     pkey.generate_key(crypto.TYPE_RSA, 2048)
> > Error: [('rsa routines', 'RSA_BUILTIN_KEYGEN', 'BN lib')]
>
> What linux distro are you running?  This seems like it could be
> something wrong with the openssl library on your system.

Sorry, I missed that you had verified that the library worked when
called separately.  So now I'm wondering if selinux is enabled on your
system, which might be somehow restricting what the ceph-mgr process
can do vs. what you can do at the console.

John

> John
>
> > I check the  /usr/lib64/ceph/mgr/dashboard/module.py . And execute in local  env. it's  OK.
> >
> > ```
> > [root@localhost ~]# cat xx.py
> > from OpenSSL import crypto
> > from uuid import uuid4
> >
> > def create_self_signed_cert():
> >     # create a key pair
> >     pkey = crypto.PKey()
> >     pkey.generate_key(crypto.TYPE_RSA, 2048)
> >     # create a self-signed cert
> >     cert = crypto.X509()
> >     cert.get_subject().O = "IT"
> >     cert.get_subject().CN = "ceph-dashboard"
> >     cert.set_serial_number(int(uuid4()))
> >     cert.gmtime_adj_notBefore(0)
> >     cert.gmtime_adj_notAfter(10*365*24*60*60)
> >     cert.set_issuer(cert.get_subject())
> >     cert.set_pubkey(pkey)
> >     cert.sign(pkey, 'sha512')
> >
> >     cert = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
> >     print cert
> >
> >     pkey = crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)
> >     print pkey
> >
> > create_self_signed_cert()
> >
> > [root@localhost ~]# python xx.py
> > -----BEGIN CERTIFICATE-----
> > MIICzzCCAbcCEDPwZUMnzU46kIAo0OdYes8wDQYJKoZIhvcNAQENBQAwJjELMAkG
> > A1UEChMCSVQxFzAVBgNVBAMTDmNlcGgtZGFzaGJvYXJkMB4XDTE4MDcwMzA1MTEx
> > OFoXDTI4MDYzMDA1MTExOFowJjELMAkGA1UEChMCSVQxFzAVBgNVBAMTDmNlcGgt
> > ZGFzaGJvYXJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRFebQbR
> > 2CuIucrhEZLI3V9hV/Jf3ca2+Hl54q5jWwk1SP5iki88zDxYxSthByBm4B07RUc1
> > TMYnLCpoC4APN2wENsYcp/D6+VydBKigDeG8cGMHgrwuQGgHKU40rTXZ88SFbzqT
> > 7gzeYe0kuXTCNNIPtsjFdbRo33Ra5eoTzEeEaWqz6BfUknufF0Lf4ibRPVMwdH3a
> > mrESBhc8EAxd3h8ZvulObat76S4oQlL/E28NYkooZMpszZKAg5vCz7WNPjOcLbu+
> > MQ0LrjLZoZi9039/UxJISVmOWTvylgWGZ8rN+KTPtA+yUMxtXhSCW5eNl3YmUJPY
> > ER4r10B+g46UyQIDAQABMA0GCSqGSIb3DQEBDQUAA4IBAQBL6ZYWw4VqW24p7zsU
> > gyIgTqX9yZTMb1Iavgyx8w7JtMrVbLSTM3zxu8LU4z4WlEtLiM/lYVWzDVlpVcfH
> > sChbS8LtbWELf71hnceBJl+UzaZOUQVdzzo7l5G6ULLo5QPC0NkqKjqd+vOpiIyE
> > j28XXIzwT9tRj1SCE/3ItzPVm7NpMVMpLavR2aH9sxOntUIp0leLVFXjy5gnEdfI
> > uhvjoXtnImeXLOUhdP3ihpyiWu1UshLH7H3wiXI9pPG4M38lQBgX4gaGiw46nH8u
> > B+DvyND2/uGWhtLveQ8yuckj6PaHGdMe1QTfBu4tm9Okb06Tgpk8wZlJ1UQi6lZg
> > GjmT
> > -----END CERTIFICATE-----
> >
> > -----BEGIN PRIVATE KEY-----
> > MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCZEV5tBtHYK4i5
> > yuERksjdX2FX8l/dxrb4eXnirmNbCTVI/mKSLzzMPFjFK2EHIGbgHTtFRzVMxics
> > KmgLgA83bAQ2xhyn8Pr5XJ0EqKAN4bxwYweCvC5AaAcpTjStNdnzxIVvOpPuDN5h
> > 7SS5dMI00g+2yMV1tGjfdFrl6hPMR4RparPoF9SSe58XQt/iJtE9UzB0fdqasRIG
> > FzwQDF3eHxm+6U5tq3vpLihCUv8Tbw1iSihkymzNkoCDm8LPtY0+M5wtu74xDQuu
> > MtmhmL3Tf39TEkhJWY5ZO/KWBYZnys34pM+0D7JQzG1eFIJbl42XdiZQk9gRHivX
> > QH6DjpTJAgMBAAECggEAEoJ0LbD2bTKOfREYeFyMp6BiEBWCHDpsY82kvJGj+B07
> > 8VC5sL2/l17wyR7+w7LaXd2LDkyXGGqZ0BBstn9M18HbHJiGXJSadM8LOcX+XM9g
> > TyLahKem3Cj4PLl1S0DI015/WDz4KIAr4CGiID8LQQHp3ouWvS4MxIC4gTb2H+yS
> > KUN6fkOM0KgdaSUSPpuh5FdsRHpbozux6G+77nOIm9InQTf9I0F+s9mf9tD74evR
> > +1UVDk8Ox4BZm5jTHy1cq0q881OhfZftlItRDAoekiV+0TV8od6CrLheDJYImZeQ
> > ufcBumr7YS3YkOI0+wCcldY7xrPzX4pWEcv7A21eAQKBgQDG/66WQzlQ8zHV0YPT
> > SH8PHnv+95FQJ/Y9rJHYe7K9/Du2/1vjJDLdz4cs9aFFFa0/GmD8D0sqh8VZIwvP
> > rUDKgfJF0Q4wAnuoisIYhoPU35jEMKzut98ww5t5Hln00XblTD7koe4+e8/VN4jl
> > Du976cKEW981poj2S2lCUcRUwQKBgQDE6aIm9J+eM2YlXAUJceT9Amdn46B2wbMS
> > fwEABCKcYdjzELi5xmXqY2vfmg+sQ/43GUNyc2fmrRHC8wqtZIg2QvHllzlmeXb1
> > OprbrfUSa8Zlo2dTUoPgmOueS1DS8q0eeQuTvhaKaA3idLF6TwceCTizVjyYOZ8C
> > cFl0OgwaCQKBgQCQ10bm3dUZA3nxbEbsAOdiRMjxopYk5oFHEJUzIY3O1IlOP/1M
> > jWtsoQF9iucv1oA73uJadHM8aIgOwgB1z1/KRdzmTixqa1RAL4bovPe1eG3D1r34
> > HuMXpjhCZwIIvHEyolVgqjAzUIDMa1h7iGxtH47SMeB8N1OXGPprKAKjwQKBgDqu
> > DP5i47Y3RvdXJsEbycuEDeCtusHpEz4tztR8ZvwHRKmakBH8h56Dpj/qH0WMtZMh
> > 2jGfJpVdee+IkeP+E4FoDcIHgLmC9Oo7Xq6cdm3Y5DShr0brThV+PKjddOaIHwL3
> > u3V5rinsvEaB0+nI5ywSP21iA4ixkysc4+t46OZRAoGBAKnlID2KANL/JllCyLZF
> > LpnodKn0l7K40QWgbhfBxT/AqiRSR8rTIkTGP/Vkj0IwOBjp8zj/D5/6GjazbPXC
> > J3O45Fpu6ESkx/LUKBjncvyww7b9UNHY2tPQW1HliUexd7mufRGn0urFZjabPCuO
> > 84KXuWTVsQjT0oChqsToh3Oy
> > -----END PRIVATE KEY-----
> > ````
> >
> > What can I do ? somebody give me  some suggestion .
> >
> >
> > 发自网易邮箱大师
> >
> > _______________________________________________
> > ceph-users mailing list
> > ceph-users@xxxxxxxxxxxxxx
> > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com




[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]


  Powered by Linux