[AG-TECH] 회신: 회신: Problems of VenueManagement
Sangil Choi
sichoi at netmedia.gist.ac.kr
Fri Aug 6 02:16:00 CDT 2010
Thanks for your response.
I followed your solution but that doesn't solve this problem. The 'Venue Client' couldn't connect to the 'Venue Server'.
I had downloaded your '45cc9e80.0' file and loaded in the 'CertificateManager'. In 'Trusted CA Certificates' tab in my certificate, 'Access Grid Developers CA' and others shows same as you.
However, it doesn`t solve previous problem and the same error log was shown.
I know that your version of OS was Fedora 11 and it is different about my version(Fedora 12).
Fedora 12 has some trouble to run this system?
I would appreciate your help with this.
Regards,
Sangil Choi
________________________________________
보낸 사람: Christoph Willing [c.willing at uq.edu.au]
보낸 날짜: 2010년 8월 6일 금요일 오전 10:28
받는 사람: Thomas Uram
참조: Sangil Choi; ag-tech at mcs.anl.gov
제목: Re: [AG-TECH] 회신: Problems of VenueManagement
Further to Tom's suggestion about checking the CA certificate, I have
just tested 3 different Linux systems: Ubuntu Lucid, Slackware 13.1
and Fedora 11.
1. All showed exactly the same symptoms (inability to connect with
VenueManagement) and log outputs.
2. All were "missing" the AG-Dev CA certificate
(where "missing" may just mean out of date and so not showing up in
the certificate manager)
The cure for all three systems was to find and put in place the
correct (up to date) CA certificate. The correct CA certificate is
available at:
https://svn.ci.uchicago.edu/svn/accessgrid/trunk/packaging/config/CAcertificates/45cc9e80.0
Download it and copy it into /etc/AccessGrid3/Config/CAcertificates/,
replacing the existing file of the same name. There is also a
45cc9e80.signing_policy file at the same place - you can download it
too but I think its the same as the already installed one.
Now load the newly downloaded CA certificate using:
1. CertificateManager3.py (plain CertificateManager on some
systems) "Trusted CA Certificates" tab
or 2. certmgr3.py (or certmgr_agtk) command line tool in its "ca" mode
Once loaded, check its validity ("View Certificate" button for gui
tool, "show" command for command line tool). The correct one has
Subject and Issuer "CN=Access Grid Developers CA" and "Not valid after
01/28/20"
If the correct CA is loaded _and_ you have a current service
certificate, then the VenueServer will run and the VenueManagement
tool will connect to it correctly. The three systems mentioned above,
previously broken, are all now working as expected after the procedure
outlined above.
chris
On 06/08/2010, at 4:05 AM, Thomas Uram wrote:
> From the log I can see that you are using a VenueServer service
> certificate, which is good.
>
> Based on the 'unknown ca' error message, I wonder about the validity
> of the CA certificate. Could you enter certificate management and
> check the validity of the AG-Dev CA certificate?
>
> Tom
>
> On Aug 3, 2010, at 9:27 AM, Sangil Choi wrote:
>
>> I checked URL of my server (Server : https://210.125.84.210:8000/VenueServer)
>> but there is no changes in result. I think the cause seems to be
>> elsewhere.
>>
>>
>>
>> In addition, I used 'https://210.125.84.210:8000/Venues' and the
>> result is consistent.
>>
>>
>>
>> Thanks for your help.
>>
>>
>>
>> Regards,
>>
>> Sangil Choi.
>>
>> ________________________________________
>> 보낸 사람: Christoph Willing [c.willing at uq.edu.au]
>> 보낸 날짜: 2010년 8월 3일 화요일 오후 9:59
>> 받는 사람: Sangil Choi
>> 제목: Re: [AG-TECH] Problems of VenueManagement
>>
>> Sangil,
>>
>> Sometimes there is confusion about the name which the VenueServer is
>> running. Look in the server log file (~/.ACcessGrid/Logs/
>> VenueServer.log) for the line containing:
>> ....... Venue.py:344 DEBUG ------------ STARTING VENUE
>>
>> Then the next line will contain the name of that the server is
>> running
>> as. It will be something like:
>> ....... Venue.py:383 INFO Venue URI https://a.b.c.d:8000/Venues/0a0101ce20dd1d9654fb10b37feec5410c
>>
>> Use that name (https://a.b.c.d:8000/Venues) when connecting with the
>> VenueManager
>>
>>
>> If you can't find the correct lines in the log file, restart the
>> VenueServer so they will be generated again.
>>
>>
>> chris
>>
>>
>> On 03/08/2010, at 8:10 PM, Sangil Choi wrote:
>>
>>> Hi, everyone.
>>>
>>> I've problem about VenueManagement Tool.
>>>
>>> I install 'AGTk3.2 beta 1' on Fedora Core 12 and send certificate
>>> request message to agdev-ca at mcs.anl.gov<mailto:agdev-
>>> ca at mcs.anl.gov>.
>>> After I got a replied message, I install that certificate and check
>>> the '/usr/bin/certmgr_agtk' to make sure of its installation. In
>>> addition, VenueServer works well.
>>>
>>> I found some problem when I use VenueManagement Tool to create new
>>> venues in our venue server.
>>>
>>> I make an entry of “Venue Server Address” as follow:
>>>
>>> https://localhost:8000/VenueServer
>>> https://NFRI-AG-Server.nm.gist.ac.kr:8000/VenueServer - It is DNS of
>>> server machine
>>> https://NFRI-AG-Server.gist.ac.kr:8000/VenueServer - It is the name
>>> that uses in certificate request message.
>>>
>>> After I clinks go button, below message is shown.
>>>
>>> =========================================================
>>> You were unable to connect to the venue server at: https://localhost:8000/VenueServer
>>> =========================================================
>>>
>>> In command window that execute VenueServer prints error message like
>>> this.
>>>
>>> =========================================================
>>> Traceback (nost recent call last):
>>> File "/usr/lib/python2.6/site-packages/M2Crypto/SSL/SSLServer.py",
>>> line 32, in handle_request
>>> request, client_address = self.get_request()
>>> File "/usr/lib/python2.6/SocketServer.py", line 444, in get_request
>>> return self.socket.accept()
>>> File "/usr/lib/python2.6/site-packages/AccessGrid3/hosting/ZSI/
>>> ServiceContainer.py", line 156, in M2CrytoConnectionAccept
>>> ret = ssl.accept_ssl()
>>> File "/usr/lib/python2.6/site-packages/M2Crypto/SSL/Connection.py",
>>> line 152, in accept_ssl
>>> return m2.ssl_accept(self.ssl, self._timeout)
>>> SSLError : tlsv1 alert unknown ca
>>> =========================================================
>>>
>>> Last, the following message was printed in VenueManagement.log file.
>>>
>>> =========================================================
>>> 08/03/2010 04:36:50 PM -1216825664 Platform Config.py:897 INFO
>>> gnome directory /home/ag/.gnome/application-info or /home/ag/.gnome/
>>> mime-info not found, not registering file type .agpkg3 with gnome
>>> 08/03/2010 04:36:50 PM -1216825664 Platform Config.py:897 INFO
>>> gnome directory /home/ag/.gnome/application-info or /home/ag/.gnome/
>>> mime-info not found, not registering file type .vv3d with gnome
>>> 08/03/2010 04:36:50 PM -1216825664 VenueClient Preferences.py:
>>> 206 DEBUG Preferences.LoadPreferences: open file
>>> 08/03/2010 04:36:50 PM -1216825664 Toolkit Toolkit.py:166 INFO
>>> Logfile Name: VenueManagement.log
>>> 08/03/2010 04:36:50 PM -1216825664 CertificateManager
>>> CertificateManager.py:212 DEBUG Opened repository /home/
>>> ag/.AccessGrid3/Config/certRepo
>>> 08/03/2010 04:36:50 PM -1216825664 Toolkit Toolkit.py:472 INFO
>>> Initialized certificate manager.
>>> 08/03/2010 04:36:50 PM -1216825664 CertificateManager
>>> CertificateManager.py:575 DEBUG Configuring standard environment
>>> 08/03/2010 04:36:50 PM -1216825664 CertificateManager
>>> CertificateManager.py:625 DEBUG Using default identity /O=Access
>>> Grid/OU=agdev-ca.mcs.anl.gov/CN=VenueServer/NFRI-AG-
>>> Server.gist.ac.kr
>>> 08/03/2010 04:36:52 PM -1216825664 VenueManagement
>>> VenueManagement:422 DEBUG VenueManagementClient.ConnectToServer:
>>> Connect to server https://localhost:8000/VenueServer
>>> 08/03/2010 04:36:52 PM -1216825664 VenueManagement
>>> VenueManagement:430 DEBUG VenueManagementClient.ConnectToServer:
>>> Connect to server
>>> 08/03/2010 04:36:52 PM -1216825664 Toolkit Toolkit.py:262 INFO
>>> Using unencrypted certificate: /home/ag/.AccessGrid3/Config/
>>> certRepo/
>>> certificates/174973e21fb8d6e777cf0199e079762b/
>>> c922e6eac654d6475a33f6e48af375e7/cert.pem /home/ag/.AccessGrid3/
>>> Config/certRepo/privatekeys/fb186c081f585da9ba71017c637bd452.pem
>>> 08/03/2010 04:36:52 PM -1216825664 VenueManagement
>>> VenueManagement:435 DEBUG VenueManagementClient.ConnectToServer: Get
>>> venues from server
>>> 08/03/2010 04:36:52 PM -1216825664 VenueManagement
>>> VenueManagement:521 ERROR VenueManagementClient.ConnectToServer: Can
>>> not connect.:
>>> Traceback (most recent call last):
>>> File "/usr/bin/VenueManagement", line 438, in ConnectToServer
>>> vl = self.server.GetVenues()
>>> File "/usr/lib/python2.6/site-packages/AccessGrid3/AccessGrid/
>>> interfaces/VenueServer_client.py", line 168, in GetVenues
>>> self.binding.Send(None, None, request,
>>> soapaction="urn:#GetVenues", **kw)
>>> File "/usr/lib/python2.6/site-packages/ZSI/client.py", line 266, in
>>> Send
>>> self.h.connect()
>>> File "/usr/lib/python2.6/site-packages/M2Crypto/httpslib.py", line
>>> 50, in connect
>>> self.sock.connect((self.host, self.port))
>>> File "/usr/lib/python2.6/site-packages/M2Crypto/SSL/Connection.py",
>>> line 177, in connect
>>> self.socket.connect(addr)
>>> File "<string>", line 1, in connect
>>> error: [Errno 111] Connection refused
>>> =========================================================
>>>
>>> What should I do to solve this problem?
>>>
>>> Regard,
>>> Sangil Choi
>>
>> Christoph Willing +61 7 3365 8316
>> QCIF Access Grid Manager
>> University of Queensland
>
Christoph Willing +61 7 3365 8316
QCIF Access Grid Manager
University of Queensland
More information about the ag-tech
mailing list