> 1. To be able to use IE or Firefox, I had to setup a VNC session, use > vncviewer, then use "w3m http://localhost:631 " and select "Allow > remote administration" and "Allow printing from the internet".
Yes. SLES11 tightened up the security configurations for most network services. This is actually a good thing; CUPS finally ships in a reasonably secure configuration. You can enable it directly by editing /etc/cups/cupsd.conf and the comments will walk you through the process. Note that the WWW interface now OVERWRITES the contents of cupsd.conf and printers.conf instead of merging them, so if you do the customization by editing the files, the WWW interface will destroy it if you run it. Yes, I've submitted it as a bug to Apple. We'll see if they care. > 2. Then I use IE7 "http://linux11:631"; which brings me to the Welcome > page. > 3. After that, no matter what I select, I get : > 426 Upgrade Required > You must access this page using the URL > https://172.22.121.21:631/admin?OP=add printer > Followed by : > Error Code 502 Proxy Error.... > .... > ... > 4. So I turn proxy off. > 5. Now, it complains about the "website's security certificate" but I > ignore it and can continue on. I don't know what certificate it is > complaining about because I don't see any file in /etc/cups/certs like > SLES10. In fact there is no certs directory in SLES11. It sounds like your proxy is presenting a cert or somehow interfering with the session cookie, and CUPS has no way to verify it, so it's complaining. Cupsd.conf has a section on certificate verification; you can tell CUPS to totally ignore certs, which is what I do (all my hosts do Kerberos auth, so certs are an additional annoying PITA). When you turn the proxy off, the WWW server that drives CUPS is likely to be presenting a self-signed cert, which is the way that newer Apaches come out of the box, and that's what your browser is complaining about -- there's no way it can verify a self-signed cert without importing it into your key store on the workstation (a Bad Idea). Again, in principle a Good Thing, in practice, a giant PITA. ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
