| *** crafty_ (4c4d9e85@gateway/web/freenode/ip.76.77.158.133) has joined #wikid | 00:18 | |
| crafty_ | i just downloaded wikid 3.0.9 on my blackberry. when i try to run it i get an error message that says "Uncaught exception: java.lang.error | 00:20 |
|---|---|---|
| crafty_ | Any suggestions? | 00:20 |
| *** crafty_ has quit (Ping timeout: 245 seconds) | 00:29 | |
| *** coolacid has quit (Quit: Leaving) | 02:58 | |
| nowen | morhing | 13:36 |
| nowen | or morning, maybe | 13:36 |
| nowen | ionepoch: why do you want to disable the redirect? | 13:37 |
| *** mlavengood (3faa0bfa@gateway/web/freenode/ip.63.170.11.250) has joined #wikid | 14:29 | |
| mlavengood | good morning | 14:29 |
| nowen | morning | 14:29 |
| mlavengood | quick question. I am getting ready to start testing and wondered if I can only use one NIC | 14:30 |
| mlavengood | The testing will all be internal to my network | 14:30 |
| nowen | yeah, that's no problem | 14:30 |
| nowen | just know that only tokens on your internal network will be able to talk to the server | 14:31 |
| mlavengood | great. Thank you for your help | 14:31 |
| nowen | you can also NAT the WiKID server to an external ip | 14:31 |
| nowen | but use the external IP as the domain identifier/12 digit code | 14:31 |
| mlavengood | ok. If I don't NAT at this time (change control/dmz) do I use the internal ip as the domain identifier? | 14:32 |
| nowen | yes | 14:32 |
| nowen | but you can't 'move' those users to a new external domain. | 14:33 |
| mlavengood | ok makes sense | 14:34 |
| mlavengood | since this will be test it should not be a problem | 14:34 |
| nowen | cool | 14:34 |
| mlavengood | the domain identifier is for the authentication source? | 14:34 |
| nowen | it is how the tokens find the WiKID server | 14:35 |
| mlavengood | so multiple client systems can use the same domain identifier? | 14:35 |
| nowen | yes, multiple tokens can be on the same domain. But, to be clear, the services you're protecting, vpn, etc, are Network clients. | 14:36 |
| mlavengood | got it | 14:36 |
| mlavengood | still working my way through the documentation. Thanks again | 14:36 |
| nowen | np | 14:36 |
| *** JC___ (408b4af1@gateway/web/freenode/ip.64.139.74.241) has joined #wikid | 15:43 | |
| nowen | welcome JC___ | 15:44 |
| JC___ | Hi! We are currently looking at upgrading our 2 Factor authentication system but we already have a bunch of c200 OTP OATH hardware tokens...if we go with Wikid, can we configure the service to use these tokens for authetication? | 15:44 |
| JC___ | We are already using these in other systems we authenticate with which won't be going away and we don't want to give our users a second method to remember to use as well | 15:45 |
| nowen | JC___: sorry, we don't support OATH. However, those tokens are a sunk cost. I'd be curious as to whether WiKID is cost-effective against an OATH server without tokens | 15:46 |
| *** JC___ has quit (Ping timeout: 245 seconds) | 15:50 | |
| *** mlavengood has quit (Ping timeout: 245 seconds) | 16:02 | |
| *** FlexyZ (5551950e@gateway/web/freenode/ip.85.81.149.14) has joined #wikid | 19:57 | |
| FlexyZ | hi | 20:07 |
| jY | hi | 20:08 |
| FlexyZ | I have some problems getting the community version running on ubuntu 11.10 - any one tried that or | 20:11 |
| nowen | what issues? | 20:12 |
| FlexyZ | I cant install the -- Install the Intermediate CA -- | 20:12 |
| FlexyZ | I verified the bounty stuff and looks good (I think) | 20:13 |
| nowen | ahh | 20:13 |
| FlexyZ | java.security.cert.CertificateException: java.lang.IllegalArgumentException: Bad sequence size: 7 at org.bouncycastle.jce.provider.JDKX509CertificateFactory.engineGenerateCertificate(Unknown Source) java.security.cert.CertificateException: java.lang.IllegalArgumentException: Bad sequence size: 7 at org.bouncycastle.jce.provider.JDKX509CertificateFactory.engineGenerateCertificate(Unknown Source) | 20:13 |
| nowen | when does this occur? you have the server back from us? | 20:14 |
| FlexyZ | not sure what u mean | 20:14 |
| nowen | when you first enter in the fqdn etc, you are creating a signing request. you enter that into the pop and you get a cert back from us | 20:15 |
| FlexyZ | yes that works | 20:16 |
| nowen | and then you install the cert | 20:16 |
| FlexyZ | yes then it fails - just a blank screen and the exception | 20:16 |
| nowen | what fqdn did you use? | 20:19 |
| FlexyZ | just the machine name hapcorewikid | 20:20 |
| nowen | I don't see a cert for that name | 20:20 |
| FlexyZ | this is when I create the CA right? | 20:21 |
| nowen | yeah, is that the host name of the server? | 20:22 |
| FlexyZ | yes should be | 20:23 |
| FlexyZ | let me try agani | 20:23 |
| nowen | yeah, try again | 20:23 |
| FlexyZ | done | 20:25 |
| nowen | ok, so, did you get the pop-up window? | 20:25 |
| FlexyZ | Keys and CSR successfully generated! | 20:26 |
| FlexyZ | and the begin certificate signing request | 20:26 |
| nowen | take the cert signing request and enter it into https://www.wikidsystems.com/wikid/newcertreq.jsp | 20:27 |
| nowen | what you have generated is the CSR, not the cert | 20:28 |
| FlexyZ | thx - what went wrong? - no popup or | 20:28 |
| nowen | do you see the link to that site above the CSR box? | 20:29 |
| nowen | ahh - there it is | 20:29 |
| nowen | did you get the cert back in the same window? | 20:29 |
| FlexyZ | yes | 20:30 |
| nowen | cool | 20:30 |
| FlexyZ | can I use the iphone token on the community edition or is that only for Ent | 20:46 |
| nowen | smart phone tokens and radius are only Enterprise. | 20:46 |
| FlexyZ | alright | 20:47 |
| *** FlexyZ has quit (Ping timeout: 245 seconds) | 21:02 | |
| *** nowen has parted #wikid (None) | 21:32 | |
| *** nowen (~nowen@adsl-74-176-212-133.asm.bellsouth.net) has joined #wikid | 22:21 | |
| *** nick_atx (~npapoyan@69.56.37.254) has joined #wikid | 22:42 | |
| *** nick_atx has parted #wikid (None) | 22:43 | |
| *** nowen has quit (Quit: Leaving.) | 23:46 | |
Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!