On Thu, 2006-11-02 at 09:31 -0700, Richard Megginson wrote: Dan Deighton wrote:
> On Thu, 2006-11-02 at 08:09 -0700, Richard Megginson wrote: > Dan Deighton wrote: >> With FDS 1.0.2, I had setup a Secure Connection under the >> Configuration DS in the Admin Console. Everything was going fine >> until I updated to 1.0.3. After that, the Directory Server would >> start, but the Admin Server would not. >> >> I thought it may have been a problem with the upgrade, so I did a >> fresh install of FDS 1.0.3. As soon as I enabled a Secure Connection >> for the Configuration DS. The problem was back. > Can you post the error log from your admin server? admin-serv/logs/error > If that doesn't have much information in it, try doing start-admin -e > debug
Thanks. The last line of error output is odd: > Please enter password for "internal" token: Are you using a pin file for the admin server ssl password? No
If not, did
you type in the password on the command line?
Yes, I typed in the password. This password was created when I first managed the certificate for the Admin Server. I am prompted for this password as soon as SSL is enabled for the Admin Server. This works fine if the configuration DS is not using SSL. As soon as a secure connection is used for the Configuration DS it fails.
>> >> I had no problem setting up encryption for the Admin Server and the >> User DS. It only happens with the Configuration DS. >> >> Has anyone else seen this problem? Am I missing something obvious >> that changed with 1.0.3? >> >> Any help would be appreciated. >> >> Thanks >> >> ------------------------------------------------------------------------ >> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users@xxxxxxxxxx >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> > -- > Fedora-directory-users mailing list > Fedora-directory-users@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > Without debug: > -------------- > > admin-serv/logs/error: > --- > [Thu Nov 02 10:27:11 2006] [warn] NSSProtocols not set; using: SSLv3 > and TLSv1 > [Thu Nov 02 10:27:12 2006] [crit] mod_admserv_post_config(): unable to > build user/group LDAP server info: unable to set User/Group baseDN > Configuration Failed > --- > > -------------- > > > > With debug: > -------------- > > admin-serv/logs/error > --- > > [Thu Nov 02 10:31:34 2006] [info] done Init: Initializing NSS library > [Thu Nov 02 10:31:34 2006] [warn] NSSProtocols not set; using: SSLv3 > and TLSv1 > [Thu Nov 02 10:31:35 2006] [debug] mod_admserv.c(760): sslinit: > mod_nss has been started and initialized > [Thu Nov 02 10:31:35 2006] [crit] mod_admserv_post_config(): unable to > build user/group LDAP server info: unable to set User/Group baseDN > Configuration Failed > > --- > > STDOUT: > --- > ./start-admin -e debug > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > access_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > auth_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > log_config_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > env_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > mime_magic_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > expires_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > deflate_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > headers_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > unique_id_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > setenvif_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > mime_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > vhost_alias_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > negotiation_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > dir_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > actions_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > alias_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > rewrite_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > cache_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > disk_cache_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > file_cache_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > mem_cache_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > cgi_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > restartd_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > nss_module > [Thu Nov 02 10:31:29 2006] [debug] mod_so.c(247): loaded module > admserv_module > [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2382): [22117] > create_server_config [0x9f09370] for (null) > [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2370): [22117] > create_config [0x9f09380] for (null) > [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2431): [22117] Set > [0x9f09370] [ADMCacheLifeTime] to 600 > [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2449): [22117] Set > [0x9f09370] [ADMServerVersionString] to Fedora-Administrator/1.0.3 > [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2370): [22117] > create_config [0x9f38f88] for /opt/fedora-ds/clients/dsgw/bin/ > [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2370): [22117] > create_config [0x9f3a2b0] for /*/[tT]asks/[Oo]peration/* > [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2370): [22117] > create_config [0x9f38878] for /*/[tT]asks/[Cc]onfiguration/* > [Thu Nov 02 10:31:29 2006] [debug] mod_admserv.c(2370): [22117] > create_config [0x9f3b8e0] for > /*/[tT]asks/[Oo]peration/(?i:stop|start|restart|startconfigds|create)$ > Please enter password for "internal" token: > > --- > > -------------- > > -- > Fedora-directory-users mailing list > Fedora-directory-users@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-directory-users -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
