That sounds good to me. On Fri, Sep 29, 2017 at 11:56 AM, Marcus Christie <[email protected]> wrote:
> Ok, we’ll probably have to debug this in person. I’ll be at the Science > Gateways course office hours today. > > On Sep 29, 2017, at 11:44 AM, Neeraj Lad <[email protected]> wrote: > > I do have the server certificate file path in my pga_config, Marcus. > > On Fri, Sep 29, 2017 at 9:18 AM, Christie, Marcus Aaron <[email protected]> > wrote: > >> Neeraj, >> >> Make sure in pga_config.php you have the following >> >> /** >> * Path to the server certificate file >> */ >> 'cafile-path' => app_path() . '/resources/security/incommon_ >> rsa_server_ca.pem', >> >> On Sep 28, 2017, at 3:34 PM, Neeraj Lad <[email protected]> wrote: >> >> Marcus, >> >> Thank you for the change. >> >> Now I can reach the CILogon page from localhost, but after selecting >> Indiana University as the Identity provider, I get this error: >> >> curl_exec() failed. Error: SSL certificate problem: Invalid certificate >> chain >> >> I tried to login in Incognito mode, but the error persists. >> >> >> >> On Thu, Sep 28, 2017 at 3:02 PM, Christie, Marcus Aaron <[email protected]> >> wrote: >> >>> Neeraj, >>> >>> Try again. This required a change in Keycloak to allow >>> http://localhost:8080 and http://localhost:8080/callback-url as >>> redirect URLs for the dev testdrive realm. >>> >>> On Sep 28, 2017, at 1:01 PM, Neeraj Lad <[email protected]> wrote: >>> >>> Marcus, >>> >>> Changing the oauth-callback-url gives me the Keycloak error 'Invalid >>> parameter: redirect_uri'. It tried using https, 127.0.0.1 but both did not >>> work. A Stack Overflow question mentions that Keycloak admin console needs >>> to be configured. Here is the question: >>> https://stackoverflow.com/questions/45352880/keycloak-invali >>> d-parameter-redirect-uri >>> >>> >>> There are three of files apart from pga_config which make use of the >>> variable oauth-callback-url. >>> >>> 1. /app/config/pga_config.php.template: This sets the url to ' >>> https://dev.seagrid.org/callback-url'. I guess this file is not >>> relevant here. >>> >>> 2. /app/libraries/Keycloak/KeycloakServiceProvider.php: This uses >>> Config::get('pga_config.wsis') to create a variable 'identityServerConfig' >>> which has the oauth-callback-url as a field. The file 'pga_config.wsis' is >>> not on the codebase. Config is related to Laravel. I am not sure how Config >>> returns back 'identityServerConfig'. Am I right in guessing that you are >>> extracting the pga_config.wsis from some server? >>> >>> 3. /app/libraries/Wsis/Wsis.php: This again makes use of >>> Config::get('pga_config.wsis') >>> >>> >>> Do you think there is a need to change some configuration on Keycloak. >>> If yes, how can I do it? >>> >>> >>> >>> >>> On Thu, Sep 28, 2017 at 9:15 AM, Christie, Marcus Aaron <[email protected] >>> > wrote: >>> >>>> >>>> On Sep 28, 2017, at 8:24 AM, Neeraj Lad <[email protected]> wrote: >>>> >>>> Hi all, >>>> >>>> I've followed the instructions to install all the dependencies for the >>>> PGA. Now I need to run it locally. >>>> >>>> I got the pga_config file from Eroma, but using it and logging in with >>>> CILogon takes me to the dev.testdrive.airavata.org, instead of the >>>> version at localhost:8080. How can I avoid this? >>>> >>>> >>>> Neeraj, >>>> >>>> change oauth-callback-url in pga_config.php to have the value ‘ >>>> http://localhost:8080/callback-url' >>>> >>>> >>>> As another option, I know there are instructions to set PGA on CentOS >>>> using Ansible. But are there any similar instructions for OS X? >>>> >>>> >>>> No. Closest thing would be to run VirtualBox on OS X and use Ansible to >>>> install PGA on the VirtualBox VM. Eric Coulter did a POC of this: >>>> https://github.com/ECoulter/airavata/tree/develop/dev- >>>> tools/ansible/inventories/local-vbox. >>>> >>>> >>> >>> >> >> > >
