Re: Certificate Error, posted by John Lemko on Tue Dec 8 21:57:37 2009
|
> > The certificate that is on there right now is the one that gets created when you install elogs. I have tried
> > creating one with a windows server 2008 box with the CA role installed. The certificate is created without issue
> > and I can install it on the server but when I try to restart the elog service it wont start until I put the
> > original server.crt and server.key file back into the ssl directory.
>
> How did you install the certificate? Maybe it ended up in the IIS directory and not in the elog directory?
That is a good point. I just installed the cert by double clicking on it. Then selecting either trusted root CA or
personal to install the certificate. Is there a different way to install the certificate for elog?
Thanks alot for your help. |
|
Re: Certificate Error, posted by John Lemko on Tue Dec 8 22:06:47 2009
|
> >
> > The certificate that is on there right now is the one that gets created when you install elogs. I have tried
> > creating one with a windows server 2008 box with the CA role installed. The certificate is created without issue
> > and I can install it on the server but when I try to restart the elog service it wont start until I put the
> > original server.crt and server.key file back into the ssl directory.
> >
>
> I don't know anything about Windows server CA, but eLog is very strict in the syntax of the CERTs.
> I had to learn it the hard way when installing a chain CERT.
>
> For server.crt and server.key it MUST NOT be a chain cert. Therefor you have to use chain.crt
>
> Are the generated CERTs ASCII (with only one -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- in
> server.crt
> and -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY----- in server.key)?
>
> So the eLog generated keys should look like..
>
> GS
Thanks for your reply. I appreciate it alot.
When I created my certificate it came out as a .cer [there was no .key file] and looking at the code that was posted
below it looks like unless there is a server.crt and server.key file in the ssl folder the program will exit: So I
guess I need to figure out how to generate a certificate that elog will understand using a .key file and a .crt file.
So I might have to research certificates more.
To be honest I'm not an expert on SSL. I just use following code inside ELOG to initialize the SSL connection:
SSL_CTX *init_ssl(void)
{
char str[256];
SSL_METHOD *meth;
SSL_CTX *ctx;
SSL_library_init();
SSL_load_error_strings();
meth = SSLv23_method();
ctx = SSL_CTX_new(meth);
strlcpy(str, resource_dir, sizeof(str));
strlcat(str, "ssl/server.crt", sizeof(str));
if (!file_exist(str)) {
eprintf("Cerificate file \"%s\" not found, aborting\n", str);
return NULL;
}
if (SSL_CTX_use_certificate_file(ctx, str, SSL_FILETYPE_PEM) < 0)
return NULL;
strlcpy(str, resource_dir, sizeof(str));
strlcat(str, "ssl/server.key", sizeof(str));
if (!file_exist(str)) {
eprintf("Key file \"%s\" not found, aborting\n", str);
return NULL;
}
if (SSL_CTX_use_PrivateKey_file(ctx, str, SSL_FILETYPE_PEM) < 0)
return NULL;
if (SSL_CTX_check_private_key(ctx) < 0)
return NULL;
strlcpy(str, resource_dir, sizeof(str));
strlcat(str, "ssl/chain.crt", sizeof(str));
if (file_exist(str))
SSL_CTX_use_certificate_chain_file(ctx, str);
return ctx;
} |
Password setup, posted by Jeff Kozloski on Mon Nov 19 20:05:46 2012
|
Looking at some of the questions here this seems too newbie to even ask.
I want to set up a log book for my mechanics. I want them to each have a password to log in and enter what they do each day.
When I try to set up a password file it takes all the info, then when I hit save it says "server has been reset" and it will not log in. I have to remove the password = and restart the server.
[global]
port = 8080
[TFB]
Password file = <tfbpass>
Theme = default
Comment = TFB ENGINEERING
Attributes = Mechanic, Type of entry, Status, Subject
Attributes = Author, Status
Options Status = Completed, Incomplete, Notification only
Cell Style Status Completed = background-color:green
Cell Style Status Incomplete = background-color:red
Cell Style Status Notification only = background-color:yellow
Options Mechanic= Jeff K, Arnaldo M, Bob L, Nathan P
Options Type of entry = Break Down, PM Repair, Building, FYI, Other
Options Status = Completed, Incomplete, Notification only, Other
Extendable Options = Category, Status,
Required Attributes = Mechanic, Type of entry, Category, Status,
Page Title = TFB Engineering - $subject
Reverse sort = 1
Quick filter = Date, Mechanic
|
|
Re: Password setup, posted by Jeff Kozloski on Mon Nov 19 20:18:28 2012
|
| Jeff Kozloski wrote: |
|
Looking at some of the questions here this seems too newbie to even ask.
I want to set up a log book for my mechanics. I want them to each have a password to log in and enter what they do each day.
When I try to set up a password file it takes all the info, then when I hit save it says "server has been reset" and it will not log in. I have to remove the password = and restart the server.
[global]
port = 8080
[TFB]
Password file = <tfbpass>
Theme = default
Comment = TFB ENGINEERING
Attributes = Mechanic, Type of entry, Status, Subject
Attributes = Author, Status
Options Status = Completed, Incomplete, Notification only
Cell Style Status Completed = background-color:green
Cell Style Status Incomplete = background-color:red
Cell Style Status Notification only = background-color:yellow
Options Mechanic= Jeff K, Arnaldo M, Bob L, Nathan P
Options Type of entry = Break Down, PM Repair, Building, FYI, Other
Options Status = Completed, Incomplete, Notification only, Other
Extendable Options = Category, Status,
Required Attributes = Mechanic, Type of entry, Category, Status,
Page Title = TFB Engineering - $subject
Reverse sort = 1
Quick filter = Date, Mechanic
|
never mind. I figured it out I left the < > in the password = line
Yes I do feel stupid. |
|
Need for email address in login?, posted by Jeff Kozloski on Mon Nov 19 20:28:11 2012
|
How can I skip the need for an email address when registering and logging in? Our IT dept will not give an email address to each guy I want on the log. |
|
Re: Need for email address in login?, posted by Jeff Kozloski on Tue Nov 20 19:31:06 2012
|
| Stefan Ritt wrote: |
|
| Jeff Kozloski wrote: |
|
How can I skip the need for an email address when registering and logging in? Our IT dept will not give an email address to each guy I want on the log.
|
I never thought that someone will not have an email address. One basic feature of ELOG is its automatic notification if there is a new entry, and that only works over email. It's like social networks, you cannot register for Facebook if you don't have an email address.
So if you absolutely want to omit this, just give a fake email address, like nobody@no.where. ELOG just checks if there is a "@" and a "." somewhere.
|
Our IT dept is very strict. I'll have to see if I can get email out to a web based email service like yahoo. But they will not give each of my mechanics an email account here.
Thanks
|
|
Re: Kerberos auth not available on 3.0 ?, posted by Jimmy Bria on Tue Feb 23 22:32:30 2016
|
Hi Stefan - Do you know is Kerberos is available (compiled) on the Windows installer?
-Jimmy
| Stefan Ritt wrote: |
|
Kerberos support is not compiled into the binary RPM. You have to comile from sources to get that. The reason is that there are different Kerberos libraries around, and different people need different ones.
/Stefan
|
|
Pre-populate filed based on selection, posted by Jimmy Bria on Mon Mar 14 16:00:02 2016 
|
Hi,
Is it possible to pre-populate a field based on the selection of another field. I like to have the Equipment Description field populated when the use makes a selection on the EQ# field.
Thank you,
Jimmy
|
|