The issue is still present and now it's quite urgent to move this last service into the Swarm. Does anyone maybe have an idea what's wrong? To sum up: if there is a non-empty password file, the login page chokes in an infinite loop of redirects. I am using the same HAProxy load balancer configuration as for all the other services (running Apache, NGINX, GitLab, XWiki, etc.):

backend be_elog.km3net.de
    mode http

    option forwardfor except 127.0.0.1
    http-request add-header X-Forwarded-Proto https if { ssl_fc }

    server-template km3net-elog- 1 km3net-elog_elog:8080 check resolvers docker init-addr libc,none

We obtained a certificate from let's encrypt in order to replace the self signed certificate provided with elog. We copied the new certificates replacing the older server.crt

The problem is that when restarted elog raises an error related to the fact it is looking for server.crt and it doesn't find it anymore.

I searched in elog config file in order to find a way to indicate the new certificate but I didn't find how to manage this issue.

Any suggestion?

Hi Giuseppe,

The new certificate files should be copy under ssl folder (/usr/local/elog/ssl or /usr/share/elog/ssl by example, closed to templates and script directories) in place of the embedded (autosigned) certificate files enclosed with ELOG source.

It seems that there is no parameter to set a custom path.

SSL = <0 | 1>
Turn on Secure Socket Layer transport. If SSL is on, one can connect via https://... to the elogd daemon. If the URL = directive is used, make sure to use https://... instead of http://... there. The ELOG distribution contains a simple self-signed certificate in the ssl subdirectory. One can replace this certificate and key with a real ceritficate to avoid browser pop-up windows warning about the self-signed certificate. The default for this option is 0.

Hi Laurent,

thanks very much! Probably I've copied the certificate in the wrong directory. I'll try ASAP

Hi I'm here again,

According to my conf file I run elog under a specified user and group different from root. So I copied the .pem file I obtained from certbot in /etc/ssl as well as /urs/local/elog/ssl and ssl folder in the user directory (I will call it <user-dir>) but when I launch elog I receive the error that cannot initialize SSL because the old self signed certificate server.crt in <user-dir>/ssl is not found.

I wonder where in elog.cfg or elsewhere is written that <user-dir>/ssl/server.crt must be usedand how to fix it

Thanks

I do run elog under:

But that does not change the location of my certificates: they are in "/usr/local/elog/ssl".
My guess: you just copied the .pem file to the /ssl directory, but did not rename it to server.crt?
And of course you need to overwrite server.key as well.

Kind Regards
Andreas

Hi everybody,

I am trying to setup my personal ELog, defining attributes and stuff like that. I just tried to make some nested commands but I really could not achieve that. 

The idea is something like this:

Attributes = Author

Options Author = Tizio{1}, Caio{2}, Sempronio{3}

{1} Attributes = Author, Project

{1} Options Project = Proj1{a}, Proj2{b}, Proj3{c}

{a} Attributes = Author, Project, Year

{a} Options Year = 2017, 2019

Anyway, when I select Proj1 nothing really happens. So, is there any way to set up nested commands like in the reported example?

Many thanks in advance!

P.S. Is there any documentation in which are reported all the possible commands that can be used?   

Atrributes can only be defined once in a logbook.
But you can select which attributes are shown with the commands:

• Show Attributes = <list>
  Attributes present in this list are shown in the single entry page. Omitting attributes can make sense for attributes which are automatically derived from other attributes via the Change <attribute> command.
• Show Attributes Edit = <list>
  The same as Show Attributes, but for the entry form.

Those can be redifined in conditional attribute clauses.

(See https://elog.psi.ch/elog/config.html)