HI, John:
I check the selinux. it disabled:
[root@localhost ~]# getenforce
Disabled
发自网易邮箱大师
On 07/3/2018 16:19,John Spray<jspray@xxxxxxxxxx> wrote:
On Tue, Jul 3, 2018 at 9:18 AM John Spray <jspray@xxxxxxxxxx> wrote:
On Tue, Jul 3, 2018 at 6:25 AM jaywaychou <jaywaychou@xxxxxxxxx> wrote:
HI,Cephers:
I just use Mimic Ceph for Dashboard. I just do as http://docs.ceph.com/docs/mimic/mgr/dashboard/
When install a self-signed certificate as build-in commend , it stuck ERR like as bellow:
[root@localhost ~]# ceph dashboard create-self-signed-cert
Error EINVAL: Traceback (most recent call last):
File "/usr/lib64/ceph/mgr/dashboard/module.py", line 319, in handle_command
self.create_self_signed_cert()
File "/usr/lib64/ceph/mgr/dashboard/module.py", line 328, in create_self_signed_cert
pkey.generate_key(crypto.TYPE_RSA, 2048)
Error: [('rsa routines', 'RSA_BUILTIN_KEYGEN', 'BN lib')]
What linux distro are you running? This seems like it could be
something wrong with the openssl library on your system.
Sorry, I missed that you had verified that the library worked when
called separately. So now I'm wondering if selinux is enabled on your
system, which might be somehow restricting what the ceph-mgr process
can do vs. what you can do at the console.
John
John
I check the /usr/lib64/ceph/mgr/dashboard/module.py . And execute in local env. it's OK.
```
[root@localhost ~]# cat xx.py
from OpenSSL import crypto
from uuid import uuid4
def create_self_signed_cert():
# create a key pair
pkey = crypto.PKey()
pkey.generate_key(crypto.TYPE_RSA, 2048)
# create a self-signed cert
cert = crypto.X509()
cert.get_subject().O = "IT"
cert.get_subject().CN = "ceph-dashboard"
cert.set_serial_number(int(uuid4()))
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(10*365*24*60*60)
cert.set_issuer(cert.get_subject())
cert.set_pubkey(pkey)
cert.sign(pkey, 'sha512')
cert = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
print cert
pkey = crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)
print pkey
create_self_signed_cert()
[root@localhost ~]# python xx.py
-----BEGIN CERTIFICATE-----
MIICzzCCAbcCEDPwZUMnzU46kIAo0OdYes8wDQYJKoZIhvcNAQENBQAwJjELMAkG
A1UEChMCSVQxFzAVBgNVBAMTDmNlcGgtZGFzaGJvYXJkMB4XDTE4MDcwMzA1MTEx
OFoXDTI4MDYzMDA1MTExOFowJjELMAkGA1UEChMCSVQxFzAVBgNVBAMTDmNlcGgt
ZGFzaGJvYXJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRFebQbR
2CuIucrhEZLI3V9hV/Jf3ca2+Hl54q5jWwk1SP5iki88zDxYxSthByBm4B07RUc1
TMYnLCpoC4APN2wENsYcp/D6+VydBKigDeG8cGMHgrwuQGgHKU40rTXZ88SFbzqT
7gzeYe0kuXTCNNIPtsjFdbRo33Ra5eoTzEeEaWqz6BfUknufF0Lf4ibRPVMwdH3a
mrESBhc8EAxd3h8ZvulObat76S4oQlL/E28NYkooZMpszZKAg5vCz7WNPjOcLbu+
MQ0LrjLZoZi9039/UxJISVmOWTvylgWGZ8rN+KTPtA+yUMxtXhSCW5eNl3YmUJPY
ER4r10B+g46UyQIDAQABMA0GCSqGSIb3DQEBDQUAA4IBAQBL6ZYWw4VqW24p7zsU
gyIgTqX9yZTMb1Iavgyx8w7JtMrVbLSTM3zxu8LU4z4WlEtLiM/lYVWzDVlpVcfH
sChbS8LtbWELf71hnceBJl+UzaZOUQVdzzo7l5G6ULLo5QPC0NkqKjqd+vOpiIyE
j28XXIzwT9tRj1SCE/3ItzPVm7NpMVMpLavR2aH9sxOntUIp0leLVFXjy5gnEdfI
uhvjoXtnImeXLOUhdP3ihpyiWu1UshLH7H3wiXI9pPG4M38lQBgX4gaGiw46nH8u
B+DvyND2/uGWhtLveQ8yuckj6PaHGdMe1QTfBu4tm9Okb06Tgpk8wZlJ1UQi6lZg
GjmT
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCZEV5tBtHYK4i5
yuERksjdX2FX8l/dxrb4eXnirmNbCTVI/mKSLzzMPFjFK2EHIGbgHTtFRzVMxics
KmgLgA83bAQ2xhyn8Pr5XJ0EqKAN4bxwYweCvC5AaAcpTjStNdnzxIVvOpPuDN5h
7SS5dMI00g+2yMV1tGjfdFrl6hPMR4RparPoF9SSe58XQt/iJtE9UzB0fdqasRIG
FzwQDF3eHxm+6U5tq3vpLihCUv8Tbw1iSihkymzNkoCDm8LPtY0+M5wtu74xDQuu
MtmhmL3Tf39TEkhJWY5ZO/KWBYZnys34pM+0D7JQzG1eFIJbl42XdiZQk9gRHivX
QH6DjpTJAgMBAAECggEAEoJ0LbD2bTKOfREYeFyMp6BiEBWCHDpsY82kvJGj+B07
8VC5sL2/l17wyR7+w7LaXd2LDkyXGGqZ0BBstn9M18HbHJiGXJSadM8LOcX+XM9g
TyLahKem3Cj4PLl1S0DI015/WDz4KIAr4CGiID8LQQHp3ouWvS4MxIC4gTb2H+yS
KUN6fkOM0KgdaSUSPpuh5FdsRHpbozux6G+77nOIm9InQTf9I0F+s9mf9tD74evR
+1UVDk8Ox4BZm5jTHy1cq0q881OhfZftlItRDAoekiV+0TV8od6CrLheDJYImZeQ
ufcBumr7YS3YkOI0+wCcldY7xrPzX4pWEcv7A21eAQKBgQDG/66WQzlQ8zHV0YPT
SH8PHnv+95FQJ/Y9rJHYe7K9/Du2/1vjJDLdz4cs9aFFFa0/GmD8D0sqh8VZIwvP
rUDKgfJF0Q4wAnuoisIYhoPU35jEMKzut98ww5t5Hln00XblTD7koe4+e8/VN4jl
Du976cKEW981poj2S2lCUcRUwQKBgQDE6aIm9J+eM2YlXAUJceT9Amdn46B2wbMS
fwEABCKcYdjzELi5xmXqY2vfmg+sQ/43GUNyc2fmrRHC8wqtZIg2QvHllzlmeXb1
OprbrfUSa8Zlo2dTUoPgmOueS1DS8q0eeQuTvhaKaA3idLF6TwceCTizVjyYOZ8C
cFl0OgwaCQKBgQCQ10bm3dUZA3nxbEbsAOdiRMjxopYk5oFHEJUzIY3O1IlOP/1M
jWtsoQF9iucv1oA73uJadHM8aIgOwgB1z1/KRdzmTixqa1RAL4bovPe1eG3D1r34
HuMXpjhCZwIIvHEyolVgqjAzUIDMa1h7iGxtH47SMeB8N1OXGPprKAKjwQKBgDqu
DP5i47Y3RvdXJsEbycuEDeCtusHpEz4tztR8ZvwHRKmakBH8h56Dpj/qH0WMtZMh
2jGfJpVdee+IkeP+E4FoDcIHgLmC9Oo7Xq6cdm3Y5DShr0brThV+PKjddOaIHwL3
u3V5rinsvEaB0+nI5ywSP21iA4ixkysc4+t46OZRAoGBAKnlID2KANL/JllCyLZF
LpnodKn0l7K40QWgbhfBxT/AqiRSR8rTIkTGP/Vkj0IwOBjp8zj/D5/6GjazbPXC
J3O45Fpu6ESkx/LUKBjncvyww7b9UNHY2tPQW1HliUexd7mufRGn0urFZjabPCuO
84KXuWTVsQjT0oChqsToh3Oy
-----END PRIVATE KEY-----
````
What can I do ? somebody give me some suggestion .
发自网易邮箱大师
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
_______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com