[AG-DEV] Cert issues on Fedora 12
Jason Bell
j.bell at cqu.edu.au
Thu Feb 25 05:49:25 CST 2010
G'day Chris and Tom
Thanks for the quick feedback...
Okay, I am not sure what I have done, but nothing seems to be working...
So, not knowing how to "add the new CA certs" as provided in https://lists.mcs.anl.gov/mailman/htdig/ag-tech/2010-January/021336.html, I thought I would try using the CertificateManager or CertificateRequestTool programs, but I get the following error messages when executing these programs from a Terminal:
[ace at linux Desktop]$ CertificateManager
/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/ClientProfile.py:22: DeprecationWarning: the md5 module is deprecated; use hashlib instead
import md5
/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/Security/ProxyGen.py:19: DeprecationWarning: The popen2 module is deprecated. Use the subprocess module.
import popen2
Traceback (most recent call last):
File "/usr/bin/CertificateManager", line 64, in <module>
main()
File "/usr/bin/CertificateManager", line 52, in main
certMgr = app.GetCertificateManager()
<SNIP>
File "/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/Security/CertificateRepository.py", line 1297, in GetMetadata
return self.cert.GetMetadata(k)
File "/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/Security/CertificateRepository.py", line 1590, in GetMetadata
hashkey = self._GetMetadataKey(key)
File "/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/Security/CertificateRepository.py", line 1579, in _GetMetadataKey
self.GetIssuerSerialHash(),
File "/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/Security/CertificateRepository.py", line 1504, in GetIssuerSerialHash
serial = struct.pack("l", self.cert.get_serial_number())
struct.error: long too large to convert to int
So I thought I would copy the files to /etc/AccessGrid3/Config/CAcertificates, but neither the VenueClient nor the about cert programs mentioned above works.
I even tried doing a yum remove AccessGrid and then a yum install AccessGrid.
Maybe I am doing something wrong, any advice would be appreciated.
Should I completely remove the /etc/AccessGrid3 directory and start again?
Thanks in advance,
Jason.
-----Original Message-----
From: Christoph Willing [mailto:c.willing at uq.edu.au]
Sent: Thursday, 25 February 2010 3:07 PM
To: Jason Bell
Cc: ag-dev
Subject: Re: [AG-DEV] Cert issues on Fedora 12
On 25/02/2010, at 2:48 PM, Jason Bell wrote:
> G'day All
>
> Just wondering if any has installed Fedora 12 and the Access Grid
> software recently.
>
> I have tried to install the AG software at home and got some error
> messages which appears to relate to the certificate.
>
> Just wondering if anyone has seen this.
>
> Thanks,
> Jason.
>
> PS, this is the error message I get:
>
[snip]
> Traceback (most recent call last):
> File "/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/
> VenueClientUI.py", line 533, in __SetMenubar
> mgr = app.GetCertificateManager()
> File "/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/
> Toolkit.py", line 473, in GetCertificateManager
> self._certificateManager.InitEnvironment()
> File "/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/
> Security/CertificateManager.py", line 564, in InitEnvironment
> self._InitializeCADir()
> File "/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/
> Security/CertificateManager.py", line 645, in _InitializeCADir
> for c in self.GetCACerts():
> File "/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/
> Security/CertificateManager.py", line 768, in GetCACerts
> caCerts = self.certRepo.FindCertificatesWithMetadata(mdkey, mdval)
> File "/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/
> Security/CertificateRepository.py", line 1201, in
> FindCertificatesWithMetadata
> return list(self.FindCertificates(lambda c: c.GetMetadata(mdkey)
> == mdvalue))
> File "/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/
> Security/CertificateRepository.py", line 1191, in FindCertificates
> if pred(cert):
> File "/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/
> Security/CertificateRepository.py", line 1201, in <lambda>
> return list(self.FindCertificates(lambda c: c.GetMetadata(mdkey)
> == mdvalue))
> File "/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/
> Security/CertificateRepository.py", line 1297, in GetMetadata
> return self.cert.GetMetadata(k)
> File "/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/
> Security/CertificateRepository.py", line 1590, in GetMetadata
> hashkey = self._GetMetadataKey(key)
> File "/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/
> Security/CertificateRepository.py", line 1579, in _GetMetadataKey
> self.GetIssuerSerialHash(),
> File "/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/
> Security/CertificateRepository.py", line 1504, in GetIssuerSerialHash
> serial = struct.pack("l", self.cert.get_serial_number())
> error: long too large to convert to int
Looks like a repeat of this one:
https://lists.mcs.anl.gov/mailman/htdig/ag-tech/2010-January/021336.html
You need to add the new CA certs attached there to /etc/AccessGrid3/
Config/CAcertificates/
chris
> Traceback (most recent call last):
> File "/usr/bin/VenueClient", line 173, in <module>
> main()
> File "/usr/bin/VenueClient", line 150, in main
> vcui = VenueClientUI(vc, vcc, app)
> File "/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/
> VenueClientUI.py", line 237, in __init__
> self.__BuildUI(app)
> File "/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/
> VenueClientUI.py", line 980, in __BuildUI
> self.__SetMenubar(app)
> File "/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/
> VenueClientUI.py", line 538, in __SetMenubar
> self.cmui = CertificateManagerWXGUI.CertificateManagerWXGUI(mgr)
> UnboundLocalError: local variable 'mgr' referenced before assignment
>
>
> --------------------------------------------
> Jason Bell, B.I.T. (Honours)
>
> Research Systems Support Officer
> Information Technology Division
> CQ University Australia
>
> Australian Research Collaboration Service
> http://www.arcs.org.au/
>
> E-mail : j.bell at cqu.edu.au
> jason.bell at arcs.org.au
> Work : +61 7 4930 9229
> Mobile : 0409 630897
> Postal : Building 19
> Central Queensland University
> Bruce Highway
> Rockhampton, Queensland, Australia, 4702
> --------------------------------------------
> Patience is a virtue.
>
> But if I wanted Patience,
> I would have become a Doctor.
> --------------------------------------------
>
Christoph Willing +61 7 3365 8316
QCIF Access Grid Manager
University of Queensland
More information about the ag-dev
mailing list