Tim Sellar wrote:
>
> OK. First you need to get the SSL authentication working on homer and this
> can be best verified by logging into homer and trying to do a 'vsdadm
> vs_details homer.office.fubra' at the command prompt. You do not need to
> execute vsboot on homer as it is not intended to host virtual servers. If
> your vs_details command does not work you need to 'tail var/log/messages' to
> see if there is any information. Anything cryptic and strange about files
> not being found is probably an SSL error that a file was not located. You
> need the following files in place on homer.office.fubra:
> /usr/local/etc/vsd/ca/cacert.pem, /usr/local/etc/vsd/crl.pem,
> /usr/local/etc/vsd/certs/homer.office.fubra.crt and
> /usr/local/etc/vsd/certs/homer.office.fubra.key (possibly even
> /usr/local/etc/vsd/certs/cacert.pem)
>
> These files should come from the machine you have established as your VSD CA
> server. I know the directory structure is a bit strange, the problem is
> fixed in the latest sources (where all locations are dictated by
> openssl.cnf) but I suspect you are using 1.4.8 so it will be expecting the
> locations I describe above.
>
> If your vs_details command is still not working you are going to need some
> more information so add the '-p local6 -l 4' switch to the svsd entry in
> inetd.conf, send a SIGHUP, and define local6 in syslog.conf, ie
> '*.info;mail.none;news.none;authpriv.none;local6.*
> /var/log/messages' and again SIGHUP. This should give you some syslog
> information on the certficates being used in authentication. If there is
> still nothing pointing you in the right direction (pass on any errors which
> you cannot fathom) build libvsd and vsd with debug (add -DDEBUG to the
> CFLAGS in the respective Makefile's and rebuild).
>
> Also, I am sure you are aware of the complications which can ensue if your
> hostname does not correspond to the true FQDN of your machine - so check the
> output of the hostname command on homer and consult the mailing list
> archives for Damions's explanations of what is going on...
>
> Actually, rereading your post it sounds like the problem is more basic -
> check your /etc/services and /etc/inetd.conf and try to get something
> listening on port 1726... bear in mind that a reboot seldom does any harm...
>
> Tim
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of Ben Kennish
> > Sent: 18 June 2001 10:59
> > To: [EMAIL PROTECTED]
> > Subject: mod_BIND
> >
> >
> > Dear all,
> >
> > We are attempting the following...
> >
> > We have a host called homer.office.fubra who is already a functioning
> > DNS. I want to install FreeVSD on this but not to create VSs on it; I
> > want to allow chiefwigham.office.fubra (who is host to our test VSs) to
> > talk to homer and ask it to add entries to its resource records so that
> > I can add an entry to my script to allow resolution of new VS domain
> > names to their IPs.
> >
> > But I'm having problems. I've set up freeVSD on homer (openSSL ver.
> > from source.) I've created certs for it and copied with .crt and .key
> > files to chiefwigham. After running vsd-install and checking
> > inetd.conf, I run vsboot --start. It says...
> >
> > start all VSes: stage [1]
> > start all VSes: stage [2]
> >
> > But netstat -nat doesn't show it listening on port 1726 (secure freeVSD
> > port). And trying to run a vsdadm bind_addvs on chiefwigham gives a
> > "connection refused" message.
> >
> > Any ideas anyone? Thanks in advance,
> >
> > --
> > Ben Kennish
> >
> > e: [EMAIL PROTECTED]
> > w: www.fubra.com
Cheers Tim,
Just had a 2 day holiday so sorry for not responding sooner. I don't
know what I did wrong last time but coming back after a 2 day refresh
seems to have "refreshed" some brain cells! ;-)
"vsdadm vs_details homer.office.fubra" is now working correctly ... not
sure what I did wrong on Monday but all seems OK now .... I shall be
working on implementing mod_bind further this afternoon,
Thanks,
--
Ben
------------------------ The freeVSD Support List -------------------------
Join: mailto:[EMAIL PROTECTED]?body=subscribe%20freevsd-support
Remove: mailto:[EMAIL PROTECTED]?body=unsubscribe%20freevsd-support
Archives: http://freevsd.org/support/mail-archives/freevsd-support
---------------------------------------------------------------------------
