Elog does not work after installing MS12-006/MS12-012 on Win 7, posted by Allen on Wed Jan 11 22:19:49 2012
|
After patching a windows 7 computer with MS12-006, can no longer connect to elog, get page cannot be displayed
See
http://support.microsoft.com/kb/2643584 |
Re: Elog does not work after installing MS12-006/MS12-012 on Win 7, posted by Allen on Thu Jan 12 19:34:28 2012
|
A little more information here
We are running elog on an Ubuntu server
Elog was working fine, then, on a windows 7 machine, MS12-006 was installed, rebooted, and could no longer connect to the elog web page.
Discovered that in Internet Explorer 8, by unchecking the use TLS 1.0 in options advanced tab, and making sure that SSL 3.0, TLS 1.1, TLS 1.2 were checked, that the page once again worked. I'm guessing the elog does not support SSL 3.0, otherwise, I assume I would have to uncheck that as well. Things do appear to still work on XP, thus far, only Windows 7 appears to break. While we have a work around, ideally we would like to see a bug fix so that (for legacy reasons), elog will still work with TLS 1.0 on Windows 7.
|
|
Re: Elog does not work after installing MS12-006/MS12-012 on Win 7, posted by Allen on Thu Jan 12 19:37:52 2012
|
| Allen wrote: |
|
A little more information here
We are running elog on an Ubuntu server
Elog was working fine, then, on a windows 7 machine, MS12-006 was installed, rebooted, and could no longer connect to the elog web page.
Discovered that in Internet Explorer 8, by unchecking the use TLS 1.0 in options advanced tab, and making sure that SSL 3.0, TLS 1.1, TLS 1.2 were checked, that the page once again worked. I'm guessing the elog does not support SSL 3.0, otherwise, I assume I would have to uncheck that as well. Things do appear to still work on XP, thus far, only Windows 7 appears to break. While we have a work around, ideally we would like to see a bug fix so that (for legacy reasons), elog will still work with TLS 1.0 on Windows 7.
|
Also, strangely, I am able to use the elog forum page https://midas.psi.ch/elogs/Forum while TLS 1.0 is checked. I notice the version number is 2.9.0-2425, while we are using 2.9.0-2396, so wondering if this is fixed in this newer version. |
|
Re: Elog does not work after installing MS12-006/MS12-012 on Win 7, posted by Stefan Ritt on Fri Jan 13 14:33:04 2012
|
| Allen wrote: |
|
| Allen wrote: |
|
A little more information here
We are running elog on an Ubuntu server
Elog was working fine, then, on a windows 7 machine, MS12-006 was installed, rebooted, and could no longer connect to the elog web page.
Discovered that in Internet Explorer 8, by unchecking the use TLS 1.0 in options advanced tab, and making sure that SSL 3.0, TLS 1.1, TLS 1.2 were checked, that the page once again worked. I'm guessing the elog does not support SSL 3.0, otherwise, I assume I would have to uncheck that as well. Things do appear to still work on XP, thus far, only Windows 7 appears to break. While we have a work around, ideally we would like to see a bug fix so that (for legacy reasons), elog will still work with TLS 1.0 on Windows 7.
|
Also, strangely, I am able to use the elog forum page https://midas.psi.ch/elogs/Forum while TLS 1.0 is checked. I notice the version number is 2.9.0-2425, while we are using 2.9.0-2396, so wondering if this is fixed in this newer version.
|
The forum does not use TLS, but has Apache in front of it which works as a proxy. So TLS is actually handled by Apache, which might have a newer implementation of TLS. The ELOG version number certainly does not make a difference, I did not touch the SSL functionality in a while. But when you compile ELOG on your Ubunto server, you can maybe play with different versions of OpenSSL and see if that changes anything?
- Stefan |
Problems with Autorization, posted by Michael Dannmeyer on Wed Jun 27 10:42:20 2012
|
Hello,
we used Admin and write passwords. Now this is no longer supported in ELOG 2.9.0 and I tried to change to File or Kerberos Autentication. But nothing worked. I tried the following lines in elog.cfg
[Serverlogbuch]
Authentication = File
Password file = C:\Program Files\ELOG\logbooks\Serverlogbuch\pwd.txt
Self Authentication = 1
So the self Autentication site opens and I can put in all informations. But if I click on save he tries to save the information in the password file and after a time he stops and Internet Explorer says that the page cannot be reached.
The file is not saved. If I remove the 3 lines the logbook opens without any problems.
I tried also kerberos but it didn't work. But there I think some entries in the krb5.ini are wrong.
Would you please help solving the File password problem?
Best Regards
Michael
|
|
Re: Problems with Autorization, posted by Andreas Luedeke on Wed Jul 4 14:04:10 2012
|
| Michael Dannmeyer wrote: |
|
Hello,
we used Admin and write passwords. Now this is no longer supported in ELOG 2.9.0 and I tried to change to File or Kerberos Autentication. But nothing worked. I tried the following lines in elog.cfg
[Serverlogbuch]
Authentication = File
Password file = C:\Program Files\ELOG\logbooks\Serverlogbuch\pwd.txt
Self Authentication = 1
So the self Autentication site opens and I can put in all informations. But if I click on save he tries to save the information in the password file and after a time he stops and Internet Explorer says that the page cannot be reached.
The file is not saved. If I remove the 3 lines the logbook opens without any problems.
I tried also kerberos but it didn't work. But there I think some entries in the krb5.ini are wrong.
Would you please help solving the File password problem?
[...] |
Just two hints:
- The file mentioned as "Password file" should be writeable for the "elogd" process. It is needed for both, Kerberos and File authentication. Better not specify the full path, it should assume the file in the logbook directory.
- The command "Self Authentication = 1" does not exist. Maybe you mean "Self register = 1"?
|
|
Re: Problems with Autorization, posted by Michael Dannmeyer on Thu Jul 5 11:18:40 2012
|
| Andreas Luedeke wrote: |
|
| Michael Dannmeyer wrote: |
|
Hello,
we used Admin and write passwords. Now this is no longer supported in ELOG 2.9.0 and I tried to change to File or Kerberos Autentication. But nothing worked. I tried the following lines in elog.cfg
[Serverlogbuch]
Authentication = File
Password file = C:\Program Files\ELOG\logbooks\Serverlogbuch\pwd.txt
Self Authentication = 1
So the self Autentication site opens and I can put in all informations. But if I click on save he tries to save the information in the password file and after a time he stops and Internet Explorer says that the page cannot be reached.
The file is not saved. If I remove the 3 lines the logbook opens without any problems.
I tried also kerberos but it didn't work. But there I think some entries in the krb5.ini are wrong.
Would you please help solving the File password problem?
[...] |
Just two hints:
- The file mentioned as "Password file" should be writeable for the "elogd" process. It is needed for both, Kerberos and File authentication. Better not specify the full path, it should assume the file in the logbook directory.
- The command "Self Authentication = 1" does not exist. Maybe you mean "Self register = 1"?
|
Thank you for the answer, but it didn't solve the problem.
- I used Self Register instead of Self Authentication. I deleted the complete path and only used the Filename.
-
The Account which is used to start the Elogd process is local system. System has full right at the logbook directory
Should I use an Admin Account for the elogd process? The error message is always the same (page not reachable) The File is also not created in the logbook dir.
|
|
Re: Problems with Autorization, posted by Stefan Ritt on Fri Jul 13 09:03:02 2012
|
| Michael Dannmeyer wrote: |
|
| Andreas Luedeke wrote: |
|
| Michael Dannmeyer wrote: |
|
Hello,
we used Admin and write passwords. Now this is no longer supported in ELOG 2.9.0 and I tried to change to File or Kerberos Autentication. But nothing worked. I tried the following lines in elog.cfg
[Serverlogbuch]
Authentication = File
Password file = C:\Program Files\ELOG\logbooks\Serverlogbuch\pwd.txt
Self Authentication = 1
So the self Autentication site opens and I can put in all informations. But if I click on save he tries to save the information in the password file and after a time he stops and Internet Explorer says that the page cannot be reached.
The file is not saved. If I remove the 3 lines the logbook opens without any problems.
I tried also kerberos but it didn't work. But there I think some entries in the krb5.ini are wrong.
Would you please help solving the File password problem?
[...] |
Just two hints:
- The file mentioned as "Password file" should be writeable for the "elogd" process. It is needed for both, Kerberos and File authentication. Better not specify the full path, it should assume the file in the logbook directory.
- The command "Self Authentication = 1" does not exist. Maybe you mean "Self register = 1"?
|
Thank you for the answer, but it didn't solve the problem.
- I used Self Register instead of Self Authentication. I deleted the complete path and only used the Filename.
-
The Account which is used to start the Elogd process is local system. System has full right at the logbook directory
Should I use an Admin Account for the elogd process? The error message is always the same (page not reachable) The File is also not created in the logbook dir.
|
I once had problems with the local system account, so I used my own account to start the service and that worked. For trial, you can also start the elogd.exe program manually (not as a service) in a DOS box and see if it can create the password file. |
|