Hello Eugene,
Le 2018-01-09 à 03:01, E.P. a écrit :
>
> Couple of questions on PKI, Fabfice
>
>
>
> 1. How would I change the password for admin user in PKI. The
> “User Management” section gives me the option of editing the admin
> user but I can’t see the password change option
>
>
>
In configuration -> Users -> Edit admin -> Change User Password
>
> 2. I’m adding a server certificate after I created a server
> certificate profile by filling out necessary fields and linking it to
> the certificate profile. Clicking Submit and it shows in the list with
> an icon to sign it.
>
> Now I simply follow the guide on PKI which says the following:
>
> Since the server certificate is stored in the PKI database, you will
> have to sign and export it to the PacketFence server.
>
> On the PKI web interface, under Certificates click on the "sign" icon
> for the certificate for your RADIUS server. This will automatically
> sign the certificate with your CA. Use the /Send
> certificate/ or /Download certificate/ to export it. The certificate
> will be exported in p12 format which combines both the certificate and
> its key. The password to decrypt the file will be send by email.
>
> Ok, I click on the Sign icon for the newly created server certificate
> and it redirects me to the page where I can have an option of sending
> or downloading it. I select “Download certificate” and end up with an
> error:
>
>
>
>
> SMTPSenderRefused at /pki/cert/2/download/
>
> (550, '5.7.1 Sender unknown', u'[email protected]')
>
> *Request Method:***
>
>
>
> GET
>
> *Request URL:***
>
>
>
> https://172.16.0.222:9393/pki/cert/2/download/
>
> *Django Version:***
>
>
>
> 1.8.1
>
> *Exception Type:***
>
>
>
> SMTPSenderRefused
>
> *Exception Value:***
>
>
> (550, '5.7.1 Sender unknown', u'[email protected]')
>
> *Exception Location:***
>
>
>
> /usr/lib64/python2.7/smtplib.py in sendmail, line 735
>
> *Python Executable:***
>
>
>
> /usr/bin/python
>
> *Python Version:***
>
>
>
> 2.7.5
>
> *Python Path:***
>
>
> ['/usr/lib64/python27.zip',
> '/usr/lib64/python2.7',
> '/usr/lib64/python2.7/plat-linux2',
> '/usr/lib64/python2.7/lib-tk',
> '/usr/lib64/python2.7/lib-old',
> '/usr/lib64/python2.7/lib-dynload',
> '/usr/lib64/python2.7/site-packages',
> '/usr/lib/python2.7/site-packages',
> '/usr/local/packetfence-pki',
> '/usr/local/packetfence-pki/inverse']
>
> *Server time:***
>
>
>
> Tue, 9 Jan 2018 07:56:21 +0000
>
>
>
>
>
> If I select “Send certificate” I end up with the same error but a bit
> different title
>
>
>
>
> SMTPSenderRefused at /pki/cert/2/send/
>
> (550, '5.7.1 Sender unknown', u'[email protected]')
>
> *Request Method:*
>
>
>
> GET
>
> *Request URL:*
>
>
>
> https://172.16.0.222:9393/pki/cert/2/send/
>
>
>
> Where would I need to make a change to SMTP server.
>
> Needless to say that when I create a local user from PF GUI and select
> an option of sending an email to the address I specify the email gets
> delivered without any errors
>
In fact it looks that you smtp server refuse to accept the email (550,
'5.7.1 Sender unknown', u'[email protected]') so add it in your
smtp server and it should be ok.
Regards
Fabrice
>
>
> Eugene
>
>
>
> *From:*Fabrice Durand [mailto:[email protected]]
> *Sent:* Wednesday, January 03, 2018 12:26 PM
> *To:* E.P.
> *Cc:* [email protected]
> *Subject:* Re: [PacketFence-users] PKI installation
>
>
>
> Just for information, i uploaded a new version of the packetfence-pki
> for centos7 who fix all the install issues.
>
> Regards
>
> Fabrice
>
> Le 2017-12-12 à 23:58, E.P. a écrit :
>
> Well, I’m taking my hat off in front of you, no kidding and pun
> intended ;)
>
> Do you need traceback from the error page ?
>
>
>
> *From:*Durand fabrice [mailto:[email protected]]
> *Sent:* Tuesday, December 12, 2017 7:02 PM
> *To:* E.P.
> *Cc:* [email protected]
> <mailto:[email protected]>
> *Subject:* Re: [PacketFence-users] PKI installation
>
>
>
> ah ah don't worry , i like to have challenge like that to be able
> to fix the issue for better user experience.
>
> I coded the pki so i want to make it work.
>
>
>
> Le 2017-12-12 à 21:48, E.P. a écrit :
>
> Sure, take your time, Fabrice. I have a special knack of
> running into troubles in cases when others didn’t have any :)
>
>
> Eugene
>
> Sent from iPhone
>
>
> On Dec 12, 2017, at 18:18, Durand fabrice <[email protected]
> <mailto:[email protected]>> wrote:
>
> Ok let me try to install the pki on the zen and i will be
> back to you.
>
> i have installed the pki on 10 servers not a long time ago
> without any issue.
>
>
>
> Le 2017-12-12 à 20:52, E.P. a écrit :
>
> Yes, db.sqlite3 was owned by root
>
>
>
> [root@PacketFence-ZEN packetfence-pki]# ls -al
>
> total 56
>
> drwxr-xr-x 7 pf pf 128 Dec 12 08:49 .
>
> drwxr-xr-x. 15 root root 182 Dec 12 01:33 ..
>
> drwxrws--- 2 pf pf 6 Nov 15 14:20 ca
>
> drwxr-xr-x 2 pf pf 125 Dec 12 01:33 conf
>
> */-rw-r--r-- 1 root root 43008 Dec 12 08:44 db.sqlite3/*
>
> drwxr-xr-x 2 pf pf 204 Dec 12 02:49 inverse
>
> drwxrws--- 2 pf pf 90 Dec 12 01:35 logs
>
> -rwxr--r-- 1 pf pf 250 Nov 15 14:20 manage.py
>
> -rw-r--r-- 1 root root 6 Dec 12 08:49
> packetfence-pki.pid
>
> drwxr-xr-x 5 pf pf 4096 Dec 12 02:49 pki
>
>
>
> Changed the file ownership to pf:pf
>
>
>
> [root@PacketFence-ZEN packetfence-pki]# ls -al
>
> total 100
>
> drwxr-xr-x 7 pf pf 147 Dec 13 01:45 .
>
> drwxr-xr-x. 15 root root 182 Dec 12 01:33 ..
>
> drwxrws--- 2 pf pf 6 Nov 15 14:20 ca
>
> drwxr-xr-x 2 pf pf 125 Dec 12 01:33 conf
>
> */-rw-r--r-- 1 pf pf 43008 Dec 13 01:45 db.sqlite3/*
>
> /drwxr-xr-x 2 pf pf 204 Dec 12 02:49 inverse/
>
> /drwxrws--- 2 pf pf 90 Dec 12 01:35 logs/
>
> /-rwxr--r-- 1 pf pf 250 Nov 15 14:20 manage.py/
>
> /-rw-r--r-- 1 root root 5 Dec 13 01:43
> packetfence-pki.pid/
>
> /drwxr-xr-x 5 pf pf 4096 Dec 12 02:49 pki/
>
>
>
> But trying to login to the PKI webpage brings me back
> to the same original error “no such table: pki_ca”
> which I showed earlier. I tried to follow your
> previous advise about renaming the db.sqlite3 file and
> running migration but the behavior is consistent. Is
> it OK that the PKI process ID file is also owned by root ?
>
>
>
> *From:*Fabrice Durand [mailto:[email protected]]
> *Sent:* Tuesday, December 12, 2017 5:35 AM
> *To:* E.P.; [email protected]
> <mailto:[email protected]>
> *Subject:* Re: [PacketFence-users] PKI installation
>
>
>
> Just change the owner of the sqlite file to pf and it
> should be ok.
>
> Btw all these steps are made in the packaging, so it
> probably failled or never finish correctly.
>
> I will do a test on my side.
>
> Regards
>
> Fabrice
>
> ) and PacketFence (http://packetfence.org)
--
Fabrice Durand
[email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
