Like many educational institutions we get "educational certificates" that are chain certificates..

With apache the full certificate chain is working as expected..

For elog I copied the appropriate files to server.crt and server.key

Netscape 3 is happy with that setup, Internet Explorer and Opera are mentioning the open certificate chain.

When I tried to copy the file known as SSLCACertificateFile in Apache to chain.crt elogd does not longer work and 

openssl s_client -showcerts -connect <myserver>:<elogd_port>

only shows: 

CONNECTED(00000003)
25523:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:562:

What do I do wrong?

Gerhard Schneider

> Like many educational institutions we get "educational certificates" that are chain certificates..
> 
> With apache the full certificate chain is working as expected..
> 
> For elog I copied the appropriate files to server.crt and server.key
> 
> Netscape 3 is happy with that setup, Internet Explorer and Opera are mentioning the open certificate chain.
> 
> When I tried to copy the file known as SSLCACertificateFile in Apache to chain.crt elogd does not longer work 
and 
> 
> openssl s_client -showcerts -connect <myserver>:<elogd_port>
> 
> only shows: 
> 
> CONNECTED(00000003)
> 25523:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:562:

To be honest I'm not an expert on SSL. I just use following code inside ELOG to initialize the SSL connection:

SSL_CTX *init_ssl(void)
{
   char str[256];
   SSL_METHOD *meth;
   SSL_CTX *ctx;

   SSL_library_init();
   SSL_load_error_strings();

   meth = SSLv23_method();
   ctx = SSL_CTX_new(meth);

   strlcpy(str, resource_dir, sizeof(str));
   strlcat(str, "ssl/server.crt", sizeof(str));
   if (!file_exist(str)) {
      eprintf("Cerificate file \"%s\" not found, aborting\n", str);
      return NULL;
   }
   if (SSL_CTX_use_certificate_file(ctx, str, SSL_FILETYPE_PEM) < 0)
      return NULL;

   strlcpy(str, resource_dir, sizeof(str));
   strlcat(str, "ssl/server.key", sizeof(str));
   if (!file_exist(str)) {
      eprintf("Key file \"%s\" not found, aborting\n", str);
      return NULL;
   }
   if (SSL_CTX_use_PrivateKey_file(ctx, str, SSL_FILETYPE_PEM) < 0)
      return NULL;
   if (SSL_CTX_check_private_key(ctx) < 0)
      return NULL;

   strlcpy(str, resource_dir, sizeof(str));
   strlcat(str, "ssl/chain.crt", sizeof(str));
   if (file_exist(str))
      SSL_CTX_use_certificate_chain_file(ctx, str);

   return ctx;
}

Maybe I need something different for chain certificates, but I don't know. I just copied these calls from the 
example which comes with the libssl library which I'm using. Maybe somebody has an idea how this could be 
improved. Actually looking at the code I see that the 'chain.crt' file is used. If you send me your files 
privately I could try them and see if I get a specific error code from the SSL library.

> Like many educational institutions we get "educational certificates" that are chain certificates..
>  
> only shows: 
> 
> CONNECTED(00000003)
> 25523:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:562:
> 
> What do I do wrong?
> 

After reading the OpenSSL Documentation:

The certificates must be in PEM format and must be sorted starting with the subject's certificate (actual client or
server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA.

The chain.crt has to be of the following format:

HOST CERTIFICATE
INTERMEDIATE CERTIFICATE
ROOT CERTIFICATE

Then it is working w/o problems

GS

When locks are enabled, users should see a pop-up window asking them to submit an entry if they edit an entry but then go away from that page or 
close the browser without submitting the changes.  However, it only appears as though this works when using the plain or ELCode editors.  When 
using the HTML editor, no such pop-up appears.

If possible, a fix for this would be greatly appreciated.

Many thanks,
Devin

> When locks are enabled, users should see a pop-up window asking them to submit an entry if they edit an entry but then go away from that page or 
> close the browser without submitting the changes.  However, it only appears as though this works when using the plain or ELCode editors.  When 
> using the HTML editor, no such pop-up appears.
> 
> If possible, a fix for this would be greatly appreciated.
> 
> Many thanks,
> Devin

Thanks for reporting this problem, I fixed it in SVN revision 2256.

We have been running elog for a couple of years now and this morning it stopped working.

We have tried to rstart it and it says successful start but still does not run, when doing a restart it says stop failed start success.

Does anyone have any ideas.

thanks

You shoudl start elogd interactively in a DOS box to see if there is any error. Maybe disk full or a network problem... 

 It is running on a linux box, we have started in it in a telnet session, and no errors appear, as I am new to e-log is there an error log anywhere.

 Have fixed this by removing the last added user from the Passwd file.

 Have fixed this by removing the last added user from the Passwd file.

The way I have ELOG configured it sends an email to supervisors based on which "Department " (attribute) was selected. Problem is that when the supervisor replies the department

is still selected and it sends a second email to the supervisor. Is there any way to supress the emails (automatically) on "Reply"?

No, but you can remove the "Department" with

Remove on reply = Department

this way the attribute vanishes, but that should be ok since you always have the link to the original entry which contains the department. 

Hello,

   Thank you for such a great piece of software!

   When displaying the entries in a log book with Summary view, ELCode is not processed in 'Text'. I know there
is an option called 'Allow HTML", but is there something similar for decoding ELCode in the Summary 'Text' field?

Thank you again,
   - Dan

> Hello,
> 
>    Thank you for such a great piece of software!
> 
>    When displaying the entries in a log book with Summary view, ELCode is not processed in 'Text'. I know 
there
> is an option called 'Allow HTML", but is there something similar for decoding ELCode in the Summary 'Text' 
field?
> 
> Thank you again,
>    - Dan

Decoding HTML (or ELCode which translates to HTML) in the summary field is difficult, since the text is 
truncated. 
Assume you have some code like

Text
<b>Text
  <i>Text
----- cut here
</i>
</b>

Sot he bold <b> and italics <i> tags are opened, but closed after the cutting line. In that case the whole page 
might render wrongly, because everything after the summary text will be displayed in bold and italics. To fix this I 
would have to scan the HTML code and close all open tags "by hand". But since there are very many possibilities, 
especially if one used multi-column tables, this is almost impossible without writing my own HTML parser which is 
beyond the scope of elog. So the only clean solution I have found so far is to strip off all HTML formatting and 
just showing plain text there.

That would be a lot of effort for very little gain. I appreciate your detailed response. 

Thank you,
   - Dan

> > Hello,
> > 
> >    Thank you for such a great piece of software!
> > 
> >    When displaying the entries in a log book with Summary view, ELCode is not processed in 'Text'. I know 
> there
> > is an option called 'Allow HTML", but is there something similar for decoding ELCode in the Summary 'Text' 
> field?
> > 
> > Thank you again,
> >    - Dan
> 
> Decoding HTML (or ELCode which translates to HTML) in the summary field is difficult, since the text is 
> truncated. 
> Assume you have some code like
> 
> Text
> <b>Text
>   <i>Text
> ----- cut here
> </i>
> </b>
> 
> Sot he bold <b> and italics <i> tags are opened, but closed after the cutting line. In that case the whole page 
> might render wrongly, because everything after the summary text will be displayed in bold and italics. To fix this I 
> would have to scan the HTML code and close all open tags "by hand". But since there are very many possibilities, 
> especially if one used multi-column tables, this is almost impossible without writing my own HTML parser which is 
> beyond the scope of elog. So the only clean solution I have found so far is to strip off all HTML formatting and 
> just showing plain text there.

Hi Stephan,

one of the eLOG users at our company, has problems using eLOG in combination with Google Chrome (version 2.0.172.43), log in gives no problem, when selecting the appropiate department, he get's the following error:

• Error Code: 502 Proxy Error. The ISA Server denied the specified Uniform Resource Locator (URL). (12202)
• IP Address: 130.78.137.1
• Date: 8-9-2009 07:13:55 [GMT]
• Server: NLISA1.top.local
• Source: proxy

This problem does not appear with other browsers like IE7/8 and Firefox.

Do you have any clue?

Tnx in advance.

kind regards, RJ Schrijvers.

When Chrome came out, I vaguely remember that there were some initial problems, but they have been fixed since about a year. But I see you are using a pretty old version of ELOG, so please consider upgrading. 

Hi Stefan,

one of the eLOG users at our company, has problems using eLOG in combination with Google Chrome (version 2.0.172.43), log in gives no problem, when selecting the appropiate department, he get's the following error:

• Error Code: 502 Proxy Error. The ISA Server denied the specified Uniform Resource Locator (URL). (12202)
• IP Address: 130.78.137.1
• Date: 8-9-2009 07:13:55 [GMT]
• Server: NLISA1.top.local
• Source: proxy

This problem does not appear with other browsers like IE7/8 and Firefox.

Do you have any clue?

Tnx in advance.

kind regards, RJ Schrijvers.

sorry for the inconviniance, we have a later version of eLOG.

Hi Stephan,

one of the eLOG users at our company, has problems using eLOG in combination with Google Chrome (version 2.0.172.43), log in gives no problem, when selecting the appropiate department, he get's the following error:

• Error Code: 502 Proxy Error. The ISA Server denied the specified Uniform Resource Locator (URL). (12202)
• IP Address: 130.78.137.1
• Date: 8-9-2009 07:13:55 [GMT]
• Server: NLISA1.top.local
• Source: proxy

This problem does not appear with other browsers like IE7/8 and Firefox.

Do you have any clue?

Tnx in advance.

kind regards, RJ Schrijvers.