Hi there
>> this looks like your Datavault Token is (again) not operational.
Unfortunately, this time no, The error is clear in the SQL I included.
Incorrect realm. Last time wasn't the datavault itself either, it was lack of
an SQL schema entirely preventing the entry from being created. No table, no
insert. Problem between keyboard and monitor. my key is good, can get a valid
paired MD5 hash with cert and key, proving able to decrtypt and they pair up.
I'm using a static password of "foo123" to keep it simple while I troubleshoot.
also any reason why my version unmaking was missed over entirely?
> I have this working with 3.6.1, but the debian packages are masked in the
> repo. is there a way I can unmask that version as I've validated it. I'm
> doing a whole new validation that wasn't intended.
Why is it that, the vault gets inserted correctly. look at the realm, its the
one I defined, I do see the certificate being inserted into the table a few
queries ahead of this one.
> 70 Query INSERT INTO aliases (group_id, notafter, pki_realm, identifier,
> generation, alias, notbefore) VALUES ('vault', '1922315858', 'ITOps',
> 'VY9D0BFJ9gh2Zg5PHtEGIK4V6yM', '1', 'vault-1', '1606523858') ON DUPLICATE KEY
> UPDATE notbefore='1606523858', alias='vault-1',
> identifier='VY9D0BFJ9gh2Zg5PHtEGIK4V6yM', generation='1', pki_realm='ITOps',
> notafter='1922315858', group_id='vault'
but then after, there is an insert and select that fails that references the
DemoCA realm again. only I have no references to this realm at all in any of my
code (same code from my last attempt no changes). Of the 3 inserts in the
Transaction, 2 get rolled back. Why is DemoCA referenced at all?
All the output and the script defines the realm as "ITOps" unless I missed a
democa reference in a config yaml somewhere, why I also included a grep search
in my last mail of all "democa" references. just none of them were files I
edited my first time around.
WHERE ( ( aliases.alias = 'vault-1' AND aliases.pki_realm = 'democa' )
),\"pki_realm\":\"democa\",\"userinfo\"
MAIN_LOOP\",\"pki_realm\":\"democa\",\"userinfo\":{\"realname\":\"I18N_OPENXPKI_UI_USER_ANONYMOUS\"}}',
modified='1606596607', ip_address=NULL
This is the full transaction, 71 from mysql general log.
> 71 Connect [email protected] as anonymous on
> openxpki_itops
> 71 Query SET autocommit=0
> 71 Query SET SESSION TRANSACTION ISOLATION LEVEL READ COMMITTED
> 71 Query INSERT INTO backend_session (session_id, created,
> ip_address, data, modified) VALUES ('+J+9pX8lSoeb3eYHtvhRlg==', '1606596607',
> NULL, 'JSON:{\"status\":\"SESSION_ID_SENT\",\"is_valid\":0}', '1606596607')
> ON DUPLICATE KEY UPDATE modified='1606596607',
> data='JSON:{\"status\":\"SESSION_ID_SENT\",\"is_valid\":0}', ip_address=NULL
> 71 Query COMMIT
> 71 Query INSERT INTO backend_session (session_id, created,
> ip_address, data, modified) VALUES ('+J+9pX8lSoeb3eYHtvhRlg==', '1606596607',
> NULL,
> 'JSON:{\"is_valid\":0,\"pki_realm\":\"democa\",\"status\":\"WAITING_FOR_AUTHENTICATION_STACK\"}',
> '1606596607') ON DUPLICATE KEY UPDATE
> data='JSON:{\"is_valid\":0,\"pki_realm\":\"democa\",\"status\":\"WAITING_FOR_AUTHENTICATION_STACK\"}',
> modified='1606596607', ip_address=NULL
> 71 Query COMMIT
> 71 Query INSERT INTO backend_session (session_id, created,
> ip_address, data, modified) VALUES ('+J+9pX8lSoeb3eYHtvhRlg==', '1606596607',
> NULL,
> 'JSON:{\"authentication_stack\":\"_System\",\"role\":\"System\",\"user\":\"anonymous\",\"is_valid\":\"1\",\"status\":\"MAIN_LOOP\",\"pki_realm\":\"democa\",\"userinfo\":{\"realname\":\"I18N_OPENXPKI_UI_USER_ANONYMOUS\"}}',
> '1606596607') ON DUPLICATE KEY UPDATE
> data='JSON:{\"authentication_stack\":\"_System\",\"role\":\"System\",\"user\":\"anonymous\",\"is_valid\":\"1\",\"status\":\"MAIN_LOOP\",\"pki_realm\":\"democa\",\"userinfo\":{\"realname\":\"I18N_OPENXPKI_UI_USER_ANONYMOUS\"}}',
> modified='1606596607', ip_address=NULL
> 71 Query COMMIT
> 71 Query SELECT certificate.data, certificate.subject,
> certificate.identifier, certificate.notbefore, certificate.notafter,
> certificate.subject_key_identifier FROM certificate INNER JOIN aliases ON (
> certificate.identifier = aliases.identifier ) WHERE ( ( aliases.alias =
> 'vault-1' AND aliases.pki_realm = 'democa' ) )
> 71 Query ROLLBACK
> 69 Quit
> 70 Quit
> 71 Query ROLLBACK
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
