[389-users] Admin Server - Encryption Tab
Rich Megginson
rmeggins at redhat.com
Thu Feb 9 16:23:16 UTC 2012
On 02/09/2012 09:12 AM, MATON Brett wrote:
>
> *From:*Rich Megginson [mailto:rmeggins at redhat.com]
> *Sent:* 09 February 2012 16:51
> *To:* General discussion list for the 389 Directory server project.
> *Cc:* MATON Brett
> *Subject:* Re: [389-users] Admin Server - Encryption Tab
>
> On 02/09/2012 08:45 AM, MATON Brett wrote:
>
> Platform RHEL6.2 x86_64 (EPEL repository enabled)
>
> $ rpm -qa | grep 389
>
> 389-admin-console-doc-1.1.8-1.el6.noarch
>
> 389-ds-base-libs-1.2.9.14-1.el6_2.2.x86_64
>
> 389-admin-console-1.1.8-1.el6.noarch
>
> 389-adminutil-1.1.14-2.el6.x86_64
>
> 389-ds-console-1.2.6-1.el6.noarch
>
> 389-ds-1.2.2-1.el6.noarch
>
> 389-ds-base-1.2.9.14-1.el6_2.2.x86_64
>
> 389-ds-console-doc-1.2.6-1.el6.noarch
>
> 389-console-1.1.7-1.el6.noarch
>
> 389-admin-1.1.25-1.el6.x86_64
>
> gpg-pubkey-b3892132-4c63febc
>
> 389-dsgw-1.1.7-2.el6.x86_64
>
> I can only access the Encryption Tab of 389 Admin Server from the
> local host.
>
> When I try to access it from a remote desktop, it hangs for want of a
> better description at "Loading" the progress bar in the bottom right
> corner fills up and then starts over.
>
> Nothing to note in the logs other than:
>
> Blah admserv_host_ip_check: ap_get_remote_host could not resolve blah
>
> Which is another thread...
>
> This happens whether I'm using LDAPS to plain vanilla LDAP.
>
> Any thoughts ?
>
> you do seem to have the magic bug finger . . .
>
> try 389-console -D 9 -f console.log
> to see if there is anything interesting in the console.log
>
hmm - try
rm -rf ~/.389-console
to clear out the jar file cache
then run the console again
>
>
> ( Exception in thread "LongAction" java.lang.NoSuchMethodError: /
> about half way down)
>
> ClassLoader: :loadClass():name:java.lang.StringBuffer
>
> security=off
>
> familyList=RSA
>
> RSA-activated=on
>
> RSA-token=internal (software)
>
> RSA-cert=<DS FQDN>
>
> familyList=NULL
>
> ssl2-activated=on
>
> ssl2=-des,-rc2export,-rc4export,-desede3,-rc4,-rc2
>
> ssl3-activated=on
>
> ssl3=+rsa_rc2_40_md5,+rsa_rc4_128_md5,+rsa_3des_sha,+rsa_rc4_40_md5,-rsa_null_sha,+fips_des_sha,+fips_3des_sha,+rsa_des_sha,-rsa_null_md5,+rsa_aes_128_sha,+rsa_aes_256_sha,+rsa_des_56_sha,+rsa_rc4_56_sha,+rsa_aes_128_sha,+rsa_aes_256_sha,+rsa_des_56_sha,+rsa_rc4_56_sha
>
> clientauth=off
>
> Framework.setCursor(): Discarding change of cursor
>
> TurnOnSSL:getPanel()
>
> ResourceSet: NOT found in cache
> loader398582579:com.netscape.management.client.security.securityResource
>
> CommManager> New CommRecord (http://<DS
> FQDN>:9830/admin-serv/tasks/configuration/SecurityOp)
>
> http://<DS FQDN>:9830/[5:0] open> Ready
>
> http://<DS FQDN>:9830/[5:0] accept> http://<DS
> FQDN>:9830/admin-serv/tasks/configuration/SecurityOp
>
> http://<DS FQDN>:9830/[5:0] send> POST \
>
> http://<DS FQDN>:9830/[5:0] send>
> /admin-serv/tasks/configuration/SecurityOp \
>
> http://<DS FQDN>:9830/[5:0] send> HTTP/1.0
>
> http://<DS FQDN>:9830/[5:0] send> Host: <DS FQDN>:9830
>
> http://<DS FQDN>:9830/[5:0] send> Connection: Keep-Alive
>
> http://<DS FQDN>:9830/[5:0] send> User-Agent: 389-Management-Console/1.1.5
>
> http://<DS FQDN>:9830/[5:0] send> Accept-Language: en
>
> http://<DS FQDN>:9830/[5:0] send> Authorization: Basic \
>
> http://<DS FQDN>:9830/[5:0] send>
> Y249RGlyZWN0b3J5IE1hbmFnZXI6NzFwd2RucmI= \
>
> http://<DS FQDN>:9830/[5:0] send>
>
> http://<DS FQDN>:9830/[5:0] send> Content-Length:43
>
> http://<DS FQDN>:9830/[5:0] send> Content-Type:
> application/x-www-form-urlencoded
>
> http://<DS FQDN>:9830/[5:0] send> Content-Transfer-Encoding: 7bit
>
> http://<DS FQDN>:9830/[5:0] send>
>
> http://<DS FQDN>:9830/[5:0] send> Writing 43 bytes...
>
> http://<DS FQDN>:9830/[5:0] send> 43 bytes written
>
> http://<DS FQDN>:9830/[5:0] recv> HTTP/1.1 200 OK
>
> http://<DS FQDN>:9830/[5:0] recv> Date: Thu, 09 Feb 2012 16:01:48 GMT
>
> http://<DS FQDN>:9830/[5:0] recv> Server: Apache/2.2
>
> HttpChannel.invoke: admin version = 2.2
>
> http://<DS FQDN>:9830/[5:0] recv> Admin-Server: 389-Administrator/1.1.25
>
> HttpChannel.invoke: admin version = 1.1.25
>
> http://<DS FQDN>:9830/[5:0] recv> Connection: close
>
> http://<DS FQDN>:9830/[5:0] recv> Content-Type: text/html
>
> http://<DS FQDN>:9830/[5:0] recv>
>
> http://<DS FQDN>:9830/[5:0] recv> Reading unknown length bytes...
>
> http://<DS FQDN>:9830/[5:0] recv> 314 bytes read
>
> http://<DS FQDN>:9830/[5:0] close> Closed
>
> <TOKENLIST>
>
> <SECURITY>domestic</SECURITY>
>
> <RSA_TOKEN>
>
> <internal (software)>
>
> <CERT0><DS FQDN></CERT0>
>
> </internal (software)>
>
> </RSA_TOKEN>
>
> </TOKENLIST>
>
> Content-type: text/html
>
> NMC_Status: 2
>
> NMC_ErrType:
>
> NMC_ErrInfo: NSS shutdown failed: error -8053:unknown
>
> Content-type: text/html
>
> NMC_Status: 0
>
> Exception in thread "LongAction" java.lang.NoSuchMethodError:
> com.netscape.management.client.security.CipherPreferenceDialog.<init>(Ljava/awt/Frame;ZZZZZZ)V
>
> at
> com.netscape.management.admserv.panel.TurnOnSSL.setSecurityIsDomestic(Unknown
> Source)
>
> at
> com.netscape.management.client.security.EncryptionPanel.<init>(Unknown
> Source)
>
> at
> com.netscape.management.client.security.EncryptionPanel.<init>(Unknown
> Source)
>
> at
> com.netscape.management.admserv.panel.TurnOnSSL.getPanel(Unknown Source)
>
> at
> com.netscape.management.admserv.config.TabbedConfigPanel$CreateTabAction.run(Unknown
> Source)
>
> at
> com.netscape.management.admserv.config.BaseConfigPanel$4.run(Unknown
> Source)
>
> AbstractServerObject.StatusThread: waiting for change listeners to
> register
>
> AbstractServerObject.StatusThread: waiting for change listeners to
> register
>
> AbstractServerObject.StatusThread: waiting for change listeners to
> register
>
> AbstractServerObject.StatusThread: waiting for change listeners to
> register
>
> AbstractServerObject.StatusThread: waiting for change listeners to
> register
>
> CommManager> New CommRecord (http://<DS
> FQDN>:9830/admin-serv/tasks/operation/StatusPing)
>
> http://<DS FQDN>:9830/[6:0] open> Ready
>
> http://<DS FQDN>:9830/[6:0] accept> http://<DS
> FQDN>:9830/admin-serv/tasks/operation/StatusPing
>
> http://<DS FQDN>:9830/[6:0] send> GET \
>
> http://<DS FQDN>:9830/[6:0] send> /admin-serv/tasks/operation/StatusPing \
>
> http://<DS FQDN>:9830/[6:0] send> HTTP/1.0
>
> http://<DS FQDN>:9830/[6:0] send> Host: <DS FQDN>:9830
>
> http://<DS FQDN>:9830/[6:0] send> Connection: Keep-Alive
>
> http://<DS FQDN>:9830/[6:0] send> User-Agent: 389-Management-Console/1.1.5
>
> http://<DS FQDN>:9830/[6:0] send> Accept-Language: en
>
> http://<DS FQDN>:9830/[6:0] send> Authorization: Basic \
>
> http://<DS FQDN>:9830/[6:0] send>
> Y249RGlyZWN0b3J5IE1hbmFnZXI6NzFwd2RucmI= \
>
> http://<DS FQDN>:9830/[6:0] send>
>
> http://<DS FQDN>:9830/[6:0] send>
>
> http://<DS FQDN>:9830/[6:0] recv> HTTP/1.1 200 OK
>
> http://<DS FQDN>:9830/[6:0] recv> Date: Thu, 09 Feb 2012 16:01:53 GMT
>
> http://<DS FQDN>:9830/[6:0] recv> Server: Apache/2.2
>
> HttpChannel.invoke: admin version = 2.2
>
> http://<DS FQDN>:9830/[6:0] recv> Admin-Server: 389-Administrator/1.1.25
>
> HttpChannel.invoke: admin version = 1.1.25
>
> http://<DS FQDN>:9830/[6:0] recv> Connection: close
>
> http://<DS FQDN>:9830/[6:0] recv> Content-Type: text/html
>
> http://<DS FQDN>:9830/[6:0] recv>
>
> http://<DS FQDN>:9830/[6:0] recv> Reading unknown length bytes...
>
> http://<DS FQDN>:9830/[6:0] recv> 19 bytes read
>
> AbstractServerObject.StatusThread: Check Status CGI = 1 exe time: 0.036
>
> AbstractServerObject.StatusThread: change listener count=1
>
> http://<DS FQDN>:9830/[6:0] close> Closed
>
> AbstractServerObject.StatusThread: waiting for change listeners to
> register
>
> AbstractServerObject.StatusThread: waiting for change listeners to
> register
>
> AbstractServerObject.StatusThread: waiting for change listeners to
> register
>
> AbstractServerObject.StatusThread: waiting for change listeners to
> register
>
> AbstractServerObject.StatusThread: waiting for change listeners to
> register
>
> AbstractServerObject.StatusThread: waiting for change listeners to
> register
>
> Brett
>
> -------------------------------------------------------------------
>
> *GreeNRB**
> */NRB considers its environmental responsibility and goes for green IT./
> /May we ask you to consider yours before printing this e-mail? /**
>
> *NRB, daring to commit
> */This e-mail and any attachments, which may contain information that
> is confidential and/or protected by intellectual property rights, are
> intended for the exclusive use of the above-mentioned addressee(s).
> Any use (including reproduction, disclosure and whole or partial
> distribution in any form whatsoever) of their content is prohibited
> without prior authorization of NRB. If you have received this message
> by error, please contact the sender promptly by resending this e-mail
> back to him (her), or by calling the above number. Thank you for
> subsequently deleting this e-mail and any files attached thereto./
>
>
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org <mailto:389-users at lists.fedoraproject.org>
> https://admin.fedoraproject.org/mailman/listinfo/389-users
>
> -------------------------------------------------------------------
>
> *GreeNRB
> */NRB considers its environmental responsibility and goes for green IT./
> /May we ask you to consider yours before printing this e-mail? /**
>
> *NRB, daring to commit
> */This e-mail and any attachments, which may contain information that
> is confidential and/or protected by intellectual property rights, are
> intended for the exclusive use of the above-mentioned addressee(s).
> Any use (including reproduction, disclosure and whole or partial
> distribution in any form whatsoever) of their content is prohibited
> without prior authorization of NRB. If you have received this message
> by error, please contact the sender promptly by resending this e-mail
> back to him (her), or by calling the above number. Thank you for
> subsequently deleting this e-mail and any files attached thereto./
>
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20120209/adb678b6/attachment.html>
More information about the 389-users
mailing list