Unable to add entries with command line elog.exe with SSL, posted by Antonio Bulgheroni on Fri Jun 28 17:00:10 2019
|
Dear all,
we have a running elog installation using SSL (with the self-signed certificate). Generally we use the web interface, but we have been asked if it was possible to automatically insert elog entries via command line.
elog.exe should be the answer and so I gave it a try.
I was trying the following command line:
elog.exe. -h server-ip-address -p 8080 -l demo -s -v -u username password -a "Mass=0" This is a test entry
Of course server-ip-address and username / password were proper fields.
When I was doing this from the server itself, I got the following message:
Successfully connected to host server-ip-address, port 8080
Possibly invalid certificate, continue on your own risk!
and then the entry was inserted, but when I was typing the same from any other PC I got the error message:
Successfully connected to host server-ip-address, port 8080
elogd server does not run SSL protocol
The entry is of course not added and also the server (that is running in very verbose mode) reported a
SSL_accept failed
How can I fix it?
Thanks for helping,
Antonio |
Re: Unable to add entries with command line elog.exe with SSL, posted by Antonio Bulgheroni on Mon Aug 12 13:11:54 2019
|
Any news for my problem?
Your help is very much appreaciated!
thanks :)
| Antonio Bulgheroni wrote: |
|
Dear all,
we have a running elog installation using SSL (with the self-signed certificate). Generally we use the web interface, but we have been asked if it was possible to automatically insert elog entries via command line.
elog.exe should be the answer and so I gave it a try.
I was trying the following command line:
elog.exe. -h server-ip-address -p 8080 -l demo -s -v -u username password -a "Mass=0" This is a test entry
Of course server-ip-address and username / password were proper fields.
When I was doing this from the server itself, I got the following message:
Successfully connected to host server-ip-address, port 8080
Possibly invalid certificate, continue on your own risk!
and then the entry was inserted, but when I was typing the same from any other PC I got the error message:
Successfully connected to host server-ip-address, port 8080
elogd server does not run SSL protocol
The entry is of course not added and also the server (that is running in very verbose mode) reported a
SSL_accept failed
How can I fix it?
Thanks for helping,
Antonio
|
|
|
Re: Unable to add entries with command line elog.exe with SSL, posted by Antonio Bulgheroni on Wed Aug 14 18:36:17 2019
|
Dear Andreas,
thanks for your message.
Here are the answers to your questions.
- Tomorrow I will try to restart the server on port 443, at least temporary, to see if it makes any difference
- We don't have a real certificate, but just the self-signed certificate that comes with the standard distribution of elog. Of course, I have to accept an exception when connecting from the browser. When I try to add an entry to via the command line from the server itself, I get the message Possibly invalid certificate, continue on your own risk! but it works.
- I hope so. This is the elog.exe that comes with the standard distribution, so I have to presume so. It is the same version that is installed on the server, where it works.
Thanks again and more tomorrow...
| Andreas Luedeke wrote: |
|
I am using SSL with ELOG and it works fine with the "elog" executable. I am no expert on SSL, but I can provide my two cent what you could try, maybe it helps:
- SSL desires to run on the port 443 - I have no idea if you can force it to run on an arbitrary port, it might be possible. But does it make sense?
- Certificates are checked against the provider of the certificate. I guess this works fine from your web browser? Or did you just add a security exception?
- Has the installed "elog.exe" been compiled with SSL support on?
| Antonio Bulgheroni wrote: |
|
Any news for my problem?
Your help is very much appreaciated!
thanks :)
| Antonio Bulgheroni wrote: |
|
Dear all,
we have a running elog installation using SSL (with the self-signed certificate). Generally we use the web interface, but we have been asked if it was possible to automatically insert elog entries via command line.
elog.exe should be the answer and so I gave it a try.
I was trying the following command line:
elog.exe. -h server-ip-address -p 8080 -l demo -s -v -u username password -a "Mass=0" This is a test entry
Of course server-ip-address and username / password were proper fields.
When I was doing this from the server itself, I got the following message:
Successfully connected to host server-ip-address, port 8080
Possibly invalid certificate, continue on your own risk!
and then the entry was inserted, but when I was typing the same from any other PC I got the error message:
Successfully connected to host server-ip-address, port 8080
elogd server does not run SSL protocol
The entry is of course not added and also the server (that is running in very verbose mode) reported a
SSL_accept failed
How can I fix it?
Thanks for helping,
Antonio
|
|
|
|
|
Re: Unable to add entries with command line elog.exe with SSL, posted by Antonio Bulgheroni on Thu Aug 15 09:45:37 2019
|
As promised, here is the results of the additional debugging.
Changing to port 443 doesn't help. I keep having exactly the same behaviour, it is to say:
- from the server itself I get
| Antonio Bulgheroni wrote: |
|
Dear Andreas,
thanks for your message.
Here are the answers to your questions.
- Tomorrow I will try to restart the server on port 443, at least temporary, to see if it makes any difference
- We don't have a real certificate, but just the self-signed certificate that comes with the standard distribution of elog. Of course, I have to accept an exception when connecting from the browser. When I try to add an entry to via the command line from the server itself, I get the message Possibly invalid certificate, continue on your own risk! but it works.
- I hope so. This is the elog.exe that comes with the standard distribution, so I have to presume so. It is the same version that is installed on the server, where it works.
Thanks again and more tomorrow...
| Andreas Luedeke wrote: |
|
I am using SSL with ELOG and it works fine with the "elog" executable. I am no expert on SSL, but I can provide my two cent what you could try, maybe it helps:
- SSL desires to run on the port 443 - I have no idea if you can force it to run on an arbitrary port, it might be possible. But does it make sense?
- Certificates are checked against the provider of the certificate. I guess this works fine from your web browser? Or did you just add a security exception?
- Has the installed "elog.exe" been compiled with SSL support on?
| Antonio Bulgheroni wrote: |
|
Any news for my problem?
Your help is very much appreaciated!
thanks :)
| Antonio Bulgheroni wrote: |
|
Dear all,
we have a running elog installation using SSL (with the self-signed certificate). Generally we use the web interface, but we have been asked if it was possible to automatically insert elog entries via command line.
elog.exe should be the answer and so I gave it a try.
I was trying the following command line:
elog.exe. -h server-ip-address -p 8080 -l demo -s -v -u username password -a "Mass=0" This is a test entry
Of course server-ip-address and username / password were proper fields.
When I was doing this from the server itself, I got the following message:
Successfully connected to host server-ip-address, port 8080
Possibly invalid certificate, continue on your own risk!
and then the entry was inserted, but when I was typing the same from any other PC I got the error message:
Successfully connected to host server-ip-address, port 8080
elogd server does not run SSL protocol
The entry is of course not added and also the server (that is running in very verbose mode) reported a
SSL_accept failed
How can I fix it?
Thanks for helping,
Antonio
|
|
|
|
|
|
Re: Unable to add entries with command line elog.exe with SSL, posted by Antonio Bulgheroni on Thu Aug 15 19:00:12 2019
|
So as promised, I add some more information.
Unfortunately changing the port where the server is listening did not make any change. The situation is still the same. If I try directly from the server, I get a warning about the fake certificate and if I do it from elsewhere, I get the error that the server is not running SSL.
I had a look at the source code of elog.c and found the point where the error is produced. in order to produce this message, the ssl_connect should be returning -1 and this is only possible in two cases:
if (SSL_connect(*ssl_con) <= 0)
return -1;
cert = SSL_get_peer_certificate(*ssl_con);
if (cert == NULL)
return -1;
So, in the first case, it means that the SSL connection failed completly. In the second case, the peer certificate is invalid.
Is it possible to discriminate between the two, for example changing the return value? Unfortunately I don't have a windows computer with development tools. So it would be great if you could prepare an executable for me with this small change.
Thanks in advance for your help,
cheers,
|
|
Dynamic substitution with date , posted by Antonio Bulgheroni on Wed Apr 20 14:19:08 2022
|
Dear all,
I would need your help with an incremental index with date information.
I want to have an incremental number made by the last two digits of the year, the two digits of the month and an incremental four digits number.
Subst Number = %y%m####
The problem is that I don't want to have the incremental number reset to zero every new month, but rather only once a year. Is it something like this possible?
Thanks for your help!
toto
|
|
elog root path, posted by Antonio Bulgheroni on Thu May 5 11:14:20 2022
|
Dear all,
I have a question for you. On my elog server I have plenty of images not included in any logbook entry, but that nevertheless I would the user to have access to that via the browser. In order words, I would like to have a link like this https://myelog/my_pics_folder/my_pic.png
I have realized that if I put my_pics_folder in the script folder, then it works as I wanted, but I strongly doubt this is the right position. If I put in the resources folder, it is not found and the elogd displays a message saying that my_pics_folder is not a valid logbook.
Do you have any suggestions for this problem?
Thanks in advance and enjoy your day!
toto |
|
Duplicating attachments when editing an entry via command line elog.exe, posted by Antonio Bulgheroni on Wed Oct 19 14:19:39 2022
|
Hi there!
I have noticed this effect when editing entries with the command line elog.exe.
Let's say I submit a new entry via the command line and I'm also submitting an attachment file. If I check the elog entry via the browser I see my entry there with its attachment as expected. The attachment is also present on the server in the logbook folder with the date and time stamp in front of the original name.
Now, let's say I would like to edit the same entry via the command line, if I don't pass the attachment, the edited entry won't show any attachment in the browser but on the server there is still the old attachment file available.
A similar situation is when I edit an entry and I want the edited entry to have the same attachment file of the original one. In that case, the entry on the browser will show the attachment, but on the server I have two copies of the attachment file with the two timestamps (original submission and edited submission). Moreover the first copy is unreachable from any client because not linked to any entry anymore.
In general I would not care much, but I have an application that is regularly updating entries and I will soon have the server hard disk full of useless copies of unlinked attachment.
I have seen that when deleting an entry, also all its attachments are removed. Would it be possible to have attachments removed when editing an entries?
Thanks for your help!
Cheers,
toto
|
|