Monday, 2014-04-14

« Sunday, 2014-04-13 Index Tuesday, 2014-04-15 »
*** Rudy6 (~Rudy6@213.132.115.194) has joined #wikid10:54
*** Rudy6 has quit (Remote host closed the connection)13:10
*** Rudy6 (~Rudy6@213.132.115.194) has joined #wikid13:11
*** nowen (~nowen@99-174-92-191.lightspeed.tukrga.sbcglobal.net) has joined #wikid13:34
*** TylerCash (~TylerCash@142.177.239.187) has joined #wikid13:40
TylerCashHello, I am having an issue utilizing the example.jsp page. I have tried everything reagrding the forums and I am now trying here.13:42
nowensorry for the issue13:42
nowenare you getting the wClient not connecting issue13:42
TylerCashYes indeed I am.13:43
nowenAnd what version of WiKID is this?13:43
TylerCashwikid-server-enterprise-3.5.0-b1472Would you like to see the adjusted code I have adjusted the following code (Where XXXXXXXX) is either our servercode or passphrase.13:43
TylerCashCorrection: wikid-server-enterprise-3.5.0-b147213:44
nowendid you create an intermediate CA and localhost cert?13:44
TylerCashI did. When I run the following:13:44
TylerCashkeytool -list -v -keystore /opt/WiKID/private/intCAKeys.p12 -storetype pkcs12 -storepass XXXXXX13:44
TylerCashkeytool -list -v -keystore /opt/WiKID/private/localhost.p12 -storetype pkcs12 -storepass XXXXXX13:44
TylerCashThey come back OK13:44
nowenand you restarted wikid after editing the jsp?13:45
TylerCashCorrect.13:45
TylerCashThe only thing I noticed is.13:45
TylerCashI have an ! in the middle of one of the passphrases.13:45
TylerCashWhen I run: keytool -list -v -keystore /opt/WiKID/private/localhost.p12 -storetype pkcs12 -storepass XXXX!XXXX it fails.13:46
TylerCashI have to use keytool -list -v -keystore /opt/WiKID/private/localhost.p12 -storetype pkcs12 -storepass 'XXXX!XXXX'13:46
nowenyeah13:46
TylerCashDo I also need to reflect that in the jsp?13:46
nowenthat's should be fine.  the jsp has it in quotes, right?13:46
TylerCashCorrect, here is the code:13:46
TylerCash<%13:47
TylerCash    String defaultservercode = "XXXXXXXXXXXX";13:47
TylerCash    String status = "";13:47
TylerCash    String chall;13:47
TylerCash    wClient wc;13:47
TylerCash    if (session.getServletContext().getAttribute("wClient") == null) {13:47
TylerCash        wc = new wClient("127.0.0.1", 8388, Config.getValue("BASEPATH")+"private/localhost.p12", "XXXXXXXXXXX", Config.getValue("BASEPATH")+"private/CACertStore", "changeit" ) ;13:47
TylerCash        session.getServletContext().setAttribute("wClient", wc);13:47
TylerCash    } else {13:47
TylerCash        wc = (wClient) session.getServletContext().getAttribute("wClient");13:47
TylerCash    }13:47
TylerCash    if (wc.isConnected()) {13:47
TylerCash%>13:47
TylerCashI have restarted WiKID a after every change. The wAuth Configuration states that it is running.13:48
nowenanything in the WiKIDAdmin logs?13:48
TylerCashYes indeed.13:49
TylerCash2014-04-14 10:09:05.644ERRORcom.wikidsystems.client.wClientERROR: java.net.SocketException: Broken pipe13:49
TylerCash2014-04-14 10:09:05.636ERRORcom.wikidsystems.server.wAuthCouldn't validate the client certificate. Verify the validity and dates of the client cert.13:49
nowenis the date correct on your box?13:49
TylerCashYes.13:49
TylerCash[root@XXXXXXX WiKIDAdmin]# date13:49
TylerCashMon Apr 14 10:49:32 ADT 201413:49
nowendoes the date on the error match your restart?13:50
TylerCashThat is the proper date/time where the box resides.13:50
nowenhmm13:50
TylerCashHmmmm.13:50
nowenwhat version of java?13:50
TylerCashOk, let me verify that for you.13:50
TylerCash WiKIDAdmin]# java -version13:51
TylerCashjava version "1.6.0_22"13:51
TylerCashOpenJDK Runtime Environment (IcedTea6 1.10.10) (rhel-1.28.1.10.10.el5_8-i386)13:51
TylerCashOpenJDK Server VM (build 20.0-b11, mixed mode)13:51
TylerCashI am performing the restart now.13:52
TylerCashYes indeed those same errors show up after wikidctl restart is performed.13:54
TylerCash2014-04-14 10:53:27.580ERRORcom.wikidsystems.client.wClientERROR: java.net.SocketException: Broken pipe13:54
TylerCash2014-04-14 10:53:27.572ERRORcom.wikidsystems.server.wAuthCouldn't validate the client certificate. Verify the validity and dates of the client cert.13:54
TylerCashwith the appropriate date/time stamp.13:54
nowenok - stop the server13:56
TylerCashOk done.13:57
nowenrun 'rm -Rf /opt/WiKID/tomcat/work'13:57
nowenand start the server again13:57
TylerCashOk, command run and started the server.13:59
TylerCashIt is still showing those errors in the logs.14:00
TylerCash2014-04-14 10:58:52.760ERRORcom.wikidsystems.client.wClientERROR: java.net.SocketException: Broken pipe14:00
TylerCash2014-04-14 10:58:52.741ERRORcom.wikidsystems.server.wAuthCouldn't validate the client certificate. Verify the validity and dates of the client cert.14:00
nowenhmm, try ctrl-shift-r to reload the page14:00
TylerCashOk performed that and it still shows errors in the log. Nothing new though.14:01
TylerCashOk, I refreshed the example.jsp page, then checked the logs and the same errors are appearing.14:02
nowenis it possible there's an extra line in your wc = new wClient line?14:03
TylerCashEntirely possible. I had it working in a previous version, then the upgrade overwrote the file. I modified the values and get the error. Where can I find the source of the original example.jsp file?14:05
*** Rudy6 has quit (Remote host closed the connection)14:06
nowenI can give you a link to the latest rpm and you can update.  If you use -force it should overwrite the file.  does that work?14:06
TylerCashYes that works. Thank You.14:06
nowenhttp://wikidsystems-dl.com/wikid-server-enterprise-3.5.0.b1545-1.noarch.rpm14:06
nowenbrb - got to get some coffee14:07
TylerCashThank you very much. I will compare the files etc and go from there.14:07
TylerCashOk, I upgraded the server to wikid-server-enterprise-3.5.0-b1545, changed the defaultservercode and passphrase within example.jsp, performed wikidctl restart and I still get the following errors:14:37
TylerCashexample.jsp: The wClient connection to the server was NOT successfully established14:37
nowenhuh14:37
TylerCashUpon Reboot: 2014-04-14 11:34:57.169ERRORcom.wikidsystems.client.wClientERROR: java.net.SocketException: Broken pipe14:37
TylerCash2014-04-14 11:34:57.158ERRORcom.wikidsystems.server.wAuthCouldn't validate the client certificate. Verify the validity and dates of the client cert.14:37
TylerCashUpon refreshing the example.jsp page: 2014-04-14 11:35:13.037ERRORcom.wikidsystems.client.wClientERROR: java.net.SocketException: Broken pipe14:38
TylerCash2014-04-14 11:35:13.027ERRORcom.wikidsystems.server.wAuthCouldn't validate the client certificate. Verify the validity and dates of the client cert.14:38
nowenso odd.  It is working for me, same java, with a  ! in the passphrase14:41
TylerCashFigures...14:42
nowendid you update java from 6 to 7 at some point?14:42
nowenlet's create new certs - intCA and localhost and try again14:43
TylerCashNo. The history of this server is: download vm, install it, upgrade WiKID via RPM on 11-24-2013 and 04-14-2014.14:43
nowenhhmm14:45
nowenwill you run: keytool -printcert -v -file WiKIDCA.cer14:45
TylerCashprivate]# keytool -printcert -v -file WiKIDCA.cer14:46
TylerCash-bash: keytool -printcert: command not found14:46
nowenhuh - didn't it work before?14:46
TylerCashwow.14:47
TylerCashyes it did.14:47
TylerCashnow it is not found?14:47
TylerCashThis worked.14:47
TylerCash private]# keytool -list -v -keystore /opt/WiKID/private/intCAKeys.p12 -storetype pkcs12 -storepass Pzvu8m4@4bonnet5!14:47
TylerCashKeystore type: PKCS1214:47
TylerCashKeystore provider: BC14:47
TylerCashYour keystore contains 1 entry14:47
TylerCashAlias name:14:47
TylerCashCreation date: Apr 14, 201414:47
TylerCashEntry type: PrivateKeyEntry14:47
TylerCashCertificate chain length: 114:47
TylerCashCertificate[1]:14:47
TylerCashETC ETC14:47
TylerCashOk I ran it and it worked.14:50
nowenjust want to make sure it's not expired14:50
TylerCashDo you want me to paste it in here or were you looking for something?14:50
TylerCashValid from: Wed Apr 17 08:43:38 ADT 2013 until: Mon Apr 17 08:43:38 ADT 202314:50
nowenthe expiration date should be 202314:50
nowenok14:50
nowenI have no idea what's going on14:50
nowenI assume that SE linux is permissive14:51
TylerCashTonight after hours I am going to revert to the 11-24-2013 snapshot and see what happens.14:52
nowenis this running in production?14:52
TylerCashYes.14:52
nowenso, it was working before, then you upgraded, and now it's not?14:52
TylerCashIt was working before upgrade on 11-24-2013.14:53
nowenwhat's the expiration date on your localhost cert?14:53
TylerCashOne second14:53
TylerCashBingo you found it.14:53
TylerCashValid from: Thu Feb 14 18:57:08 AST 2013 until: Fri Feb 14 18:57:08 AST 201414:54
nowenlol14:54
TylerCashI could swear I checked that14:54
nowenok - all you have to do is create a new localhost cert14:54
TylerCashIs there a URL for step by step on that?14:54
nowenhttp://www.wikidsystems.com/support/wikid-support-center/manual/how-to-install-the-wikid-strong-authentication-server/how-to-install-the-wikid-strong-authentication-server-enterprise-edition-page-214:55
nowensearch for14:55
nowenStep 4: Generate a Localhost Certificate14:55
TylerCashThank you.14:55
TylerCashYou rock. Thanks again.14:55
nowenbut it's pretty basic - click Configuration/Create localhost cert14:55
nowenthen restart14:55
TylerCashIt works. Thanks again.14:59
nowennice!14:59
*** coolacid has quit (Remote host closed the connection)18:32
*** coolacid (~CoolAcid@unaffiliated/coolacid) has joined #wikid18:45
*** TylerCash has quit ()21:20
*** nowen has quit (Quit: Leaving.)22:41
« Sunday, 2014-04-13 Index Tuesday, 2014-04-15 »

Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!