Hi All,

Perhaps a trivial question but some issues have arisen accessing my long-running elog with SSL enabled.  I suspect firewalls and browser updates are involved and I do not have the time or experience to diagnose and debug such a potential black-hole of difficulties.  Instead I am looking for a quick fix, and the first step - switching off sll - seems to work.  Now I would like to use redirect so that the elog is running under apache, however this is where I have stumbled; I have passwords so the plan is to eventually secure using apache.  Apache works fine and is running pages on ports 80 and 443, although I seem unable to redirect the elog (port 8080).  Following the instructions on the administrators guide I get:

Forbidden

You don't have permission to access /elog/ on this server.

The page is found at least so my redirect is doing something, and I suspect the solution is trivial, though I'm not too sure where to start.

-------------------

Also, what is  the best practice for updating one's elog version.  I originally installed using a tarball.

Christian Herzog wrote:

Andreas Luedeke wrote: Christian Herzog wrote: Christian Herzog wrote: Andreas Luedeke wrote: Christian Herzog wrote: Andreas Luedeke wrote: Christian Herzog wrote: Andreas Luedeke wrote: Christian Herzog wrote: Andreas Luedeke wrote: Christian Herzog wrote: [...] we're evaluating elog right now at the Physics Department of ETH Zurich and I'm trying to come up with a good config. One of the first steps of course was to enable SSL/https. With http, all tested browsers work fine, but with https at least Google Chrome 16 and IE 9 do not get past the "unknown certificate" warning and I see "TCP connection broken" errors in the log file. Firefox however works fine. Same behavior on Linux, Mac and Windows (given the browser in question is available). elog server is running on Lucid.[... Afrikaans Albanian Arabic Armenian Azerbaijani Basque Belarusian Bulgarian Catalan Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Detect language Dutch English Estonian Filipino Finnish French Galician Georgian German Greek Haitian Creole Hebrew Hindi Hungarian Icelandic Indonesian Irish Italian Japanese Korean Latin Latvian Lithuanian Macedonian Malay Maltese Norwegian Persian Polish Portuguese Romanian Russian Serbian Slovak Slovenian Spanish Swahili Swedish Thai Turkish Ukrainian Urdu Vietnamese Welsh Yiddish ⇄ Afrikaans Albanian Arabic Armenian Azerbaijani Basque Belarusian Bulgarian Catalan Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Estonian Filipino Finnish French Galician Georgian German Greek Haitian Creole Hebrew Hindi Hungarian Icelandic Indonesian Irish Italian Japanese Korean Latin Latvian Lithuanian Macedonian Malay Maltese Norwegian Persian Polish Portuguese Romanian Russian Serbian Slovak Slovenian Spanish Swahili Swedish Thai Turkish Ukrainian Urdu Vietnamese Welsh Yiddish Detect language » English    [...] The proper way out of this is to buy a certificate from a certification authority. Or to switch off https. (See https://midas.psi.ch/elog/config.html#global SSL option) we know about certificates, thank you  The point is that it stops AFTER the point at which I tell the browser to accept the self-signed certificates. I now even got a CACert and the problem remains: FF works, Chrome and IE don't: https://phd-bkp-gw2.ethz.ch:8080/admin/ log says: TCP connection broken [...] Afrikaans Albanian Arabic Armenian Azerbaijani Basque Belarusian Bulgarian Catalan Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Detect language Dutch English Estonian Filipino Finnish French Galician Georgian German Greek Haitian Creole Hebrew Hindi Hungarian Icelandic Indonesian Irish Italian Japanese Korean Latin Latvian Lithuanian Macedonian Malay Maltese Norwegian Persian Polish Portuguese Romanian Russian Serbian Slovak Slovenian Spanish Swahili Swedish Thai Turkish Ukrainian Urdu Vietnamese Welsh Yiddish ⇄ Afrikaans Albanian Arabic Armenian Azerbaijani Basque Belarusian Bulgarian Catalan Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Estonian Filipino Finnish French Galician Georgian German Greek Haitian Creole Hebrew Hindi Hungarian Icelandic Indonesian Irish Italian Japanese Korean Latin Latvian Lithuanian Macedonian Malay Maltese Norwegian Persian Polish Portuguese Romanian Russian Serbian Slovak Slovenian Spanish Swahili Swedish Thai Turkish Ukrainian Urdu Vietnamese Welsh Yiddish Detect language » English   Sorry that I was mis-interpreting your question Unfortunately I don't know what's wrong with your set-up. I can confirm that I cannot access your logbook with "konquerer", but can access it with "firefox". The "konquerer" (on Scientific Linux 5.7) just gets timed out. But I can access other SSL/https ELOGs with the konquerer. The problem only occurs with your logbook! Therefore I would think it is a particular problem of your installation. I have three ideas how to isolate the problem: first, I would try to change to the standard port 443. Just in case it is related to some firewall, etc. problem. second, I would try another operating system than Ubuntu Lucid. It should work of course with Ubuntu, but if it still doesn't work with the other operating system then many things are already ruled out. third, I would try to set-up an apache webserver in front of ELOG. We have it here just for safety reasons. ELOG runs then on some special port and apache connects to it with a reverse proxy. The latter is a little bit of work (about a day) if you never set-up apache before. Therefore I would try the other two, first. Good luck! thanks for the fast resonse. 1) port 433 done. No change 2) compiled elog 2.9.0 on Squeeze and only reused the config file. No change: https://daduke.org:8443/ 3) we can do that (and we will) no problem, but I'd like to get it working w/o apache nonetheless speaking of reverse proxy: we'd like to hook elog to our LDAP server. As there's no LDAP binding built in, is there any way to use apache LDAP auth and then bind to that one?[...] Okay, I did run out of ideas. I've never tested Chrome, but IE 8 and konquerer works fine here with SSL for our logbooks, but not for your logbook. [...]   Afrikaans Albanian Arabic Armenian Azerbaijani Basque Belarusian Bulgarian Catalan Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Detect language Dutch English Estonian Filipino Finnish French Galician Georgian German Greek Haitian Creole Hebrew Hindi Hungarian Icelandic Indonesian Irish Italian Japanese Korean Latin Latvian Lithuanian Macedonian Malay Maltese Norwegian Persian Polish Portuguese Romanian Russian Serbian Slovak Slovenian Spanish Swahili Swedish Thai Turkish Ukrainian Urdu Vietnamese Welsh Yiddish ⇄ Afrikaans Albanian Arabic Armenian Azerbaijani Basque Belarusian Bulgarian Catalan Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Estonian Filipino Finnish French Galician Georgian German Greek Haitian Creole Hebrew Hindi Hungarian Icelandic Indonesian Irish Italian Japanese Korean Latin Latvian Lithuanian Macedonian Malay Maltese Norwegian Persian Polish Portuguese Romanian Russian Serbian Slovak Slovenian Spanish Swahili Swedish Thai Turkish Ukrainian Urdu Vietnamese Welsh Yiddish Detect language » English   [...] And just for the record: I have to conclude a clean install of elog 2.9.0 SSL does not work for half of the browsers out there on Debian Squeeze or Ubuntu Lucid right now. You might want to look into that. thanks, -Christian   Excuse me, but I beg to differ. I'm running ELOG V2.9.0-2425 on my production server, therefore I thought that you're maybe right that the latest SVN snapshot has a problem. I've downloaded it just now from SVN (it is V2.9.0- 2427), compiled it on SL 5.7, installed it and I can easily access it with IE8, Safari, konquerer and firefox.   Afrikaans Albanian Arabic Armenian Azerbaijani Basque Belarusian Bulgarian Catalan Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Detect language Dutch English Estonian Filipino Finnish French Galician Georgian German Greek Haitian Creole Hebrew Hindi Hungarian Icelandic Indonesian Irish Italian Japanese Korean Latin Latvian Lithuanian Macedonian Malay Maltese Norwegian Persian Polish Portuguese Romanian Russian Serbian Slovak Slovenian Spanish Swahili Swedish Thai Turkish Ukrainian Urdu Vietnamese Welsh Yiddish ⇄ Afrikaans Albanian Arabic Armenian Azerbaijani Basque Belarusian Bulgarian Catalan Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Estonian Filipino Finnish French Galician Georgian German Greek Haitian Creole Hebrew Hindi Hungarian Icelandic Indonesian Irish Italian Japanese Korean Latin Latvian Lithuanian Macedonian Malay Maltese Norwegian Persian Polish Portuguese Romanian Russian Serbian Slovak Slovenian Spanish Swahili Swedish Thai Turkish Ukrainian Urdu Vietnamese Welsh Yiddish Detect language » English    well maybe SL 5.7 is the explanation - it's old as the hills. Maybe newer versions of libssl or whatever make a difference? I might also try on a recent Fedora, let's see..    update: clean install on F16, plain vanilla, same problem: TCP connection broken See https://midas.psi.ch/elogs/Forum/67184 to fix that problem. It is likely not a problem of ELOG, but of your firewall settings.   Afrikaans Albanian Arabic Armenian Azerbaijani Basque Belarusian Bulgarian Catalan Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Detect language Dutch English Estonian Filipino Finnish French Galician Georgian German Greek Haitian Creole Hebrew Hindi Hungarian Icelandic Indonesian Irish Italian Japanese Korean Latin Latvian Lithuanian Macedonian Malay Maltese Norwegian Persian Polish Portuguese Romanian Russian Serbian Slovak Slovenian Spanish Swahili Swedish Thai Turkish Ukrainian Urdu Vietnamese Welsh Yiddish ⇄ Afrikaans Albanian Arabic Armenian Azerbaijani Basque Belarusian Bulgarian Catalan Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Estonian Filipino Finnish French Galician Georgian German Greek Haitian Creole Hebrew Hindi Hungarian Icelandic Indonesian Irish Italian Japanese Korean Latin Latvian Lithuanian Macedonian Malay Maltese Norwegian Persian Polish Portuguese Romanian Russian Serbian Slovak Slovenian Spanish Swahili Swedish Thai Turkish Ukrainian Urdu Vietnamese Welsh Yiddish Detect language » English   see #67184, I'm pretty positive it isn't. -Christian

 Hi,

I have the same problem. with SSL = 1 in elog.cfg I am not able to connect using firefox 10 or chrome. However, using Internet explorer 6.0 it works fine.

Everything it has been checked in a local machine with windows 7 with and without firewall. 

Use port 443, works fine with all browser.

Thank you so much!

Diego

 I loathe the idea of 'bumping' up one's own posting, but here I go...

Has anyone seen this issue, or have any solution? We've got people who register 8 or more times, since they see the "Error" message with each registration.

On our system, elog sends email to all people associated with an entry. Often, people will respond via email, not through elog. I'm in the process of setting up a handler for the inbound email. However, I'd like to have the outbound mail from eLog include a 'footer' to each message the details where to go to respond.

For example, the footer might read:

To respond to this message, please click the following link:
<http://www.example.com/elog/General/6153>

Any suggestions for how to implement that?
 

 Still struggling with this issue, if anyone has managed to solve it let me know.   I've done the obvious and checked ownership/ permissions of the elog folders and they are exactly the same as etc/var/www, which is working in apache.

Hi.

I'd like to use elog as a tool ta keep my notes, links, passwords... It's installed on my personal computer at home (Debian Squeeze), behind a Ip-Cop firewall, so I guess it won't be accessible from anywhere outside. But I'd like to protect the log with a password anyway. BTW, I had some hard time figuring out how to configure the different files for french (there was a problem with UTF8 mixing up with Latin1... I recoded the language file to UTF8 to solve it).

I followed the procedure described here, but I have a problem with second stage :

• I set Password file = elog.pwd in the elog.conf file (it's not elog.cfg on Debian...)
• I restart the daemon
• I try to login to http://localhost:8080/, and receive the message : "error opening the file elog.pwd"

I get this message even after :

1. adding my user account to the elog group
2. launching Epiphany as root

So I guess I have to create (how ???) the file elog.pwd, which, if I understand correctly, can be empty at the start... But where do I save it ?

Thank you for any help, and sorry if I'm a little confused. I had hard time figuring out where to find everything.

\bye

In the summary view, it seems that the text is truncated at the first "<" character. See https://lblogbook.cern.ch/Shift/48812 for a simple entry, then use the 'list' command to see that only a very small part is displayed.

That's a feature

In the summary view, I cannot use any HTML code, since it will screw up the table layout. Therefore elog searches for any "<" and ">" pairs and removes the text in between. In principle one could do a better job, but I do not want to write a complete HTML interpreter just for that purpose.