Re: commend "ceph dashboard create-self-signed-cert " ERR

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



HI, John:

I check the selinux. it  disabled:

[root@localhost ~]# getenforce
Disabled


发自网易邮箱大师

On 07/3/2018 16:19John Spray<jspray@xxxxxxxxxx> wrote:
On Tue, Jul 3, 2018 at 9:18 AM John Spray <jspray@xxxxxxxxxx> wrote:

On Tue, Jul 3, 2018 at 6:25 AM jaywaychou <jaywaychou@xxxxxxxxx> wrote:


HI,Cephers:

I just use Mimic  Ceph  for Dashboard. I just do as http://docs.ceph.com/docs/mimic/mgr/dashboard/

When   install a self-signed certificate as build-in commend , it stuck ERR like as bellow:

[root@localhost ~]# ceph dashboard create-self-signed-cert
Error EINVAL: Traceback (most recent call last):
File "/usr/lib64/ceph/mgr/dashboard/module.py", line 319, in handle_command
self.create_self_signed_cert()
File "/usr/lib64/ceph/mgr/dashboard/module.py", line 328, in create_self_signed_cert
pkey.generate_key(crypto.TYPE_RSA, 2048)
Error: [('rsa routines', 'RSA_BUILTIN_KEYGEN', 'BN lib')]

What linux distro are you running?  This seems like it could be
something wrong with the openssl library on your system.

Sorry, I missed that you had verified that the library worked when
called separately.  So now I'm wondering if selinux is enabled on your
system, which might be somehow restricting what the ceph-mgr process
can do vs. what you can do at the console.

John

John

I check the  /usr/lib64/ceph/mgr/dashboard/module.py . And execute in local  env. it's  OK.

```
[root@localhost ~]# cat xx.py
from OpenSSL import crypto
from uuid import uuid4

def create_self_signed_cert():
# create a key pair
pkey = crypto.PKey()
pkey.generate_key(crypto.TYPE_RSA, 2048)
# create a self-signed cert
cert = crypto.X509()
cert.get_subject().O = "IT"
cert.get_subject().CN = "ceph-dashboard"
cert.set_serial_number(int(uuid4()))
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(10*365*24*60*60)
cert.set_issuer(cert.get_subject())
cert.set_pubkey(pkey)
cert.sign(pkey, 'sha512')

cert = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
print cert

pkey = crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)
print pkey

create_self_signed_cert()

[root@localhost ~]# python xx.py
-----BEGIN CERTIFICATE-----
MIICzzCCAbcCEDPwZUMnzU46kIAo0OdYes8wDQYJKoZIhvcNAQENBQAwJjELMAkG
A1UEChMCSVQxFzAVBgNVBAMTDmNlcGgtZGFzaGJvYXJkMB4XDTE4MDcwMzA1MTEx
OFoXDTI4MDYzMDA1MTExOFowJjELMAkGA1UEChMCSVQxFzAVBgNVBAMTDmNlcGgt
ZGFzaGJvYXJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRFebQbR
2CuIucrhEZLI3V9hV/Jf3ca2+Hl54q5jWwk1SP5iki88zDxYxSthByBm4B07RUc1
TMYnLCpoC4APN2wENsYcp/D6+VydBKigDeG8cGMHgrwuQGgHKU40rTXZ88SFbzqT
7gzeYe0kuXTCNNIPtsjFdbRo33Ra5eoTzEeEaWqz6BfUknufF0Lf4ibRPVMwdH3a
mrESBhc8EAxd3h8ZvulObat76S4oQlL/E28NYkooZMpszZKAg5vCz7WNPjOcLbu+
MQ0LrjLZoZi9039/UxJISVmOWTvylgWGZ8rN+KTPtA+yUMxtXhSCW5eNl3YmUJPY
ER4r10B+g46UyQIDAQABMA0GCSqGSIb3DQEBDQUAA4IBAQBL6ZYWw4VqW24p7zsU
gyIgTqX9yZTMb1Iavgyx8w7JtMrVbLSTM3zxu8LU4z4WlEtLiM/lYVWzDVlpVcfH
sChbS8LtbWELf71hnceBJl+UzaZOUQVdzzo7l5G6ULLo5QPC0NkqKjqd+vOpiIyE
j28XXIzwT9tRj1SCE/3ItzPVm7NpMVMpLavR2aH9sxOntUIp0leLVFXjy5gnEdfI
uhvjoXtnImeXLOUhdP3ihpyiWu1UshLH7H3wiXI9pPG4M38lQBgX4gaGiw46nH8u
B+DvyND2/uGWhtLveQ8yuckj6PaHGdMe1QTfBu4tm9Okb06Tgpk8wZlJ1UQi6lZg
GjmT
-----END CERTIFICATE-----

-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCZEV5tBtHYK4i5
yuERksjdX2FX8l/dxrb4eXnirmNbCTVI/mKSLzzMPFjFK2EHIGbgHTtFRzVMxics
KmgLgA83bAQ2xhyn8Pr5XJ0EqKAN4bxwYweCvC5AaAcpTjStNdnzxIVvOpPuDN5h
7SS5dMI00g+2yMV1tGjfdFrl6hPMR4RparPoF9SSe58XQt/iJtE9UzB0fdqasRIG
FzwQDF3eHxm+6U5tq3vpLihCUv8Tbw1iSihkymzNkoCDm8LPtY0+M5wtu74xDQuu
MtmhmL3Tf39TEkhJWY5ZO/KWBYZnys34pM+0D7JQzG1eFIJbl42XdiZQk9gRHivX
QH6DjpTJAgMBAAECggEAEoJ0LbD2bTKOfREYeFyMp6BiEBWCHDpsY82kvJGj+B07
8VC5sL2/l17wyR7+w7LaXd2LDkyXGGqZ0BBstn9M18HbHJiGXJSadM8LOcX+XM9g
TyLahKem3Cj4PLl1S0DI015/WDz4KIAr4CGiID8LQQHp3ouWvS4MxIC4gTb2H+yS
KUN6fkOM0KgdaSUSPpuh5FdsRHpbozux6G+77nOIm9InQTf9I0F+s9mf9tD74evR
+1UVDk8Ox4BZm5jTHy1cq0q881OhfZftlItRDAoekiV+0TV8od6CrLheDJYImZeQ
ufcBumr7YS3YkOI0+wCcldY7xrPzX4pWEcv7A21eAQKBgQDG/66WQzlQ8zHV0YPT
SH8PHnv+95FQJ/Y9rJHYe7K9/Du2/1vjJDLdz4cs9aFFFa0/GmD8D0sqh8VZIwvP
rUDKgfJF0Q4wAnuoisIYhoPU35jEMKzut98ww5t5Hln00XblTD7koe4+e8/VN4jl
Du976cKEW981poj2S2lCUcRUwQKBgQDE6aIm9J+eM2YlXAUJceT9Amdn46B2wbMS
fwEABCKcYdjzELi5xmXqY2vfmg+sQ/43GUNyc2fmrRHC8wqtZIg2QvHllzlmeXb1
OprbrfUSa8Zlo2dTUoPgmOueS1DS8q0eeQuTvhaKaA3idLF6TwceCTizVjyYOZ8C
cFl0OgwaCQKBgQCQ10bm3dUZA3nxbEbsAOdiRMjxopYk5oFHEJUzIY3O1IlOP/1M
jWtsoQF9iucv1oA73uJadHM8aIgOwgB1z1/KRdzmTixqa1RAL4bovPe1eG3D1r34
HuMXpjhCZwIIvHEyolVgqjAzUIDMa1h7iGxtH47SMeB8N1OXGPprKAKjwQKBgDqu
DP5i47Y3RvdXJsEbycuEDeCtusHpEz4tztR8ZvwHRKmakBH8h56Dpj/qH0WMtZMh
2jGfJpVdee+IkeP+E4FoDcIHgLmC9Oo7Xq6cdm3Y5DShr0brThV+PKjddOaIHwL3
u3V5rinsvEaB0+nI5ywSP21iA4ixkysc4+t46OZRAoGBAKnlID2KANL/JllCyLZF
LpnodKn0l7K40QWgbhfBxT/AqiRSR8rTIkTGP/Vkj0IwOBjp8zj/D5/6GjazbPXC
J3O45Fpu6ESkx/LUKBjncvyww7b9UNHY2tPQW1HliUexd7mufRGn0urFZjabPCuO
84KXuWTVsQjT0oChqsToh3Oy
-----END PRIVATE KEY-----
````

What can I do ? somebody give me  some suggestion .


发自网易邮箱大师

_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com

[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]


  Powered by Linux