Results 1 to 5 of 5

Thread: Can't make an encryption key and server certificate by following the 12.3 reference guide

  1. #1

    Default Can't make an encryption key and server certificate by following the 12.3 reference guide

    Hello. I don't seem to have some software installed that the OpenSuse 12.3 reference page regarding the installation and configuration of Apache and PHP seems to assume that I do have. It says to install the software pattern for LAMP, but when I did it didn't install Apache , but did install most parts of PHP except for mod_PHP5. It's probably because I just casually followed the reference guide the first time I tried installing the software: only installing the things I knew I actually needed rather than just installing the entire pattern. So when the guide started talking about using Yast to configure Apache and configuring virtual hosts--two things that I have zero experience of doing--it wasn't long before I inevitably messed it all up and had to start again. I assume that the fact they weren't reinstalled as part of the pattern must have been something to do with my initial abortive attempt to just install only what I wanted.

    So anyway, I'm doing much better this time by doing what the guide says even when I'm thinking "but I'm not going to use that/don't want to do that", but I still can't get SSL working. I'm interested in making a self-signed X509 certificate so I start to follow the steps in section 20.6.1.2. It says.
    Quote Originally Posted by http://doc.opensuse.org/documentation/html/openSUSE/opensuse-reference/cha.apache2.html#sec.apache2.ssl
    Change into the directory /usr/share/doc/packages/apache2 and run the following command: ./mkcert.sh make --no-print-directory /usr/bin/openssl /usr/sbin/ custom.
    However , when I cd into the directory indicated and issue the command, my web host complains that it hasn't got a clue what mkcert is.
    Quote Originally Posted by My web host
    -bash: ./mkcert.sh: No such file or directory
    I tried searching for mkcert.sh with Yast but I didn't find anything. Can anyone help? I'm reluctant to just make a key and certificate and manually update the config files myself because everything seems less straight-forward than if I'd just compiled everything from source and made minor tweaks to the default config. I get the feeling I'll just break something again if I try to do things how I used to years ago. I had a bit of a try before giving up and just reinstalling last time. It just kept saying in the log file that the SSL session cache wasn't configured any time I tried to use https. Even though (as far as I could tell anyway) that it was.

  2. #2
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    11,395
    Blog Entries
    2

    Default Re: Can't make an encryption key and server certificate by following the 12.3 reference guide

    IMO the documentation is out of date.
    Guess what? - You can submit a bug at bugzilla.novell.com and get some credit for discovering this bug! Use the same login credentials you used to post to this Forum.

    Now, what you <should> do...

    To my eye, this Ubuntu guide looks good with some minor modifications
    https://www.digitalocean.com/communi...r-ubuntu-12-04

    Note that you need to install openssl, you can do this from a root console as follows
    Code:
    zypper in openssl
    - Install apache using the LAMP pattern. IMO it's likely apache was installed but you didn't know how to find it (eg is referenced with "apache2" not "apache")
    - You must manually start and enable the service after installation. You can do this going into YAST System Init Services in Advanced Mode or execute the following from a root console
    Code:
    systemctl enable apache2.service
    systemctl start apache2.service
    Since I'm only recommending the ubuntu guide by eye and not actually stepping through the steps in a real install, if you do find the guide useful with my recommendations, be sure to post back here whether you were successful or not.

    HTH,
    TSU
    -

  3. #3

    Default Re: Can't make an encryption key and server certificate by following the 12.3 reference guide

    It was installing the LAMP pattern that caused Apache2 and mod_php5 to not get installed. I always check that it's Apache 2 and PHP5 that I've chosen when installing individual packages, but for some reason Apache 2 and modphp5 didn't get installed when installing from the LAMP pattern. All of PHP5 that would expect to be installed from the pattern was installed except for the Apache module. I have no idea what I did do wrong, but I always deal with Apache 2.

    Thanks for the link to the Ubuntu guide, though. I'll go and have a peek at it now and see how it goes.

  4. #4

    Default Re: Can't make an encryption key and server certificate by following the 12.3 reference guide

    Well I looked at the article you linked to and it seemed to be giving instructions not too dissimilar from how I would do it years ago when I used to compile everything from source. So I decided to have another stab at a setting it up quite like how I used to and hope it worked. I'm glad to say that this time it worked. I just too lots of extra care this time and kept checking and rechecking that I'd done everything I needed to and hadn't made a mistake. I have very poor eyesight and memory so when I'm dealing with far more config files at once than I was used to even before my memory and vision became a problem, it's very easy for me to make a mistake and not notice it or forget that I need to change two files instead of one.

    Anyway, It's all sorted now ,but I couldn't report the error in the documentation as a bug. The bugzilla site says it needs an email address confirmation which I cannot give because, for some reason, when I try to update the email email address associated with my account here to one I actually have access to, the page with the form to update the address insists I'm getting my password wrong. So I gave up trying to update my email address in case I got locked out of my account for using the wrong password too many times.


    Thanks anyway!

  5. #5
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    11,395
    Blog Entries
    2

    Default Re: Can't make an encryption key and server certificate by following the 12.3 reference guide

    The mkcert.sh method was deprecated years ago so the documentation needs to be updated.

    As for your password change problem, sounds like a common issue for many authentication systems when trying to do too many things at once or not clearing your cookies after making changes to your account(this latter issue I've been meaning to issue a bug myself). Although I don't believe the Attachmate authentication and Web Apps(eg Forums and Bugzilla) store/read actual credentials are stored in the web browser cookies, the use and implementation of tokens in the cookies is very faulty in a number of scenarios. The workaround is that after you make changes to your account or change your network connection or have a bookmarks issue, use a different web browser for the next day or two.

    Anyway, glad to hear the Guide fixed your problem.

    TSU

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •