The admin user is different between PacketFence and the PKI.
When i said "In configuration -> Users -> Edit admin -> Change User
Password" in was in the pki admin interface.
Fabrice
Le 2018-01-09 à 13:47, E.P. a écrit :
Sorry for being a pain in the lower part of the back, Fabrice ;)
I thought that the admin user in PF is different from PKI.
At least I know that I did change the password for admin in PF as you
described and this is how I login to the main GUI.
But I can’t login as admin with the same password to PKI.
Eugene
*From:*Fabrice Durand [mailto:[email protected]]
*Sent:* Tuesday, January 09, 2018 5:54 AM
*To:* E.P.
*Cc:* [email protected]
*Subject:* Re: [PacketFence-users] PKI installation
Hello Eugene,
Le 2018-01-09 à 03:01, E.P. a écrit :
Couple of questions on PKI, Fabfice
1.How would I change the password for admin user in PKI. The “User
Management” section gives me the option of editing the admin user
but I can’t see the password change option
In configuration -> Users -> Edit admin -> Change User Password
2.I’m adding a server certificate after I created a server certificate
profile by filling out necessary fields and linking it to the
certificate profile. Clicking Submit and it shows in the list with an
icon to sign it.
Now I simply follow the guide on PKI which says the following:
Since the server certificate is stored in the PKI database, you will
have to sign and export it to the PacketFence server.
On the PKI web interface, under Certificates click on the "sign" icon
for the certificate for your RADIUS server. This will automatically
sign the certificate with your CA. Use the /Send certificate/ or
/Download certificate/ to export it. The certificate will be exported
in p12 format which combines both the certificate and its key. The
password to decrypt the file will be send by email.
Ok, I click on the Sign icon for the newly created server certificate
and it redirects me to the page where I can have an option of sending
or downloading it. I select “Download certificate” and end up with an
error:
SMTPSenderRefused at /pki/cert/2/download/
(550, '5.7.1 Sender unknown', u'[email protected]
<mailto:[email protected]>')
*Request Method:*
GET
*Request URL:*
https://172.16.0.222:9393/pki/cert/2/download/
*Django Version:*
1.8.1
*Exception Type:*
SMTPSenderRefused
*Exception Value:*
(550, '5.7.1 Sender unknown', u'[email protected]
<mailto:[email protected]>')
*Exception Location:*
/usr/lib64/python2.7/smtplib.py in sendmail, line 735
*Python Executable:*
/usr/bin/python
*Python Version:*
2.7.5
*Python Path:*
['/usr/lib64/python27.zip',
'/usr/lib64/python2.7',
'/usr/lib64/python2.7/plat-linux2',
'/usr/lib64/python2.7/lib-tk',
'/usr/lib64/python2.7/lib-old',
'/usr/lib64/python2.7/lib-dynload',
'/usr/lib64/python2.7/site-packages',
'/usr/lib/python2.7/site-packages',
'/usr/local/packetfence-pki',
'/usr/local/packetfence-pki/inverse']
*Server time:*
Tue, 9 Jan 2018 07:56:21 +0000
If I select “Send certificate” I end up with the same error but a bit
different title
SMTPSenderRefused at /pki/cert/2/send/
(550, '5.7.1 Sender unknown', u'[email protected]
<mailto:[email protected]>')
*Request Method:*
GET
*Request URL:*
https://172.16.0.222:9393/pki/cert/2/send/
Where would I need to make a change to SMTP server.
Needless to say that when I create a local user from PF GUI and select
an option of sending an email to the address I specify the email gets
delivered without any errors
In fact it looks that you smtp server refuse to accept the email (550,
'5.7.1 Sender unknown', u'[email protected]
<mailto:[email protected]>') so add it in your smtp server and
it should be ok.
Regards
Fabrice
Eugene
*From:*Fabrice Durand [mailto:[email protected]]
*Sent:* Wednesday, January 03, 2018 12:26 PM
*To:* E.P.
*Cc:* [email protected]
<mailto:[email protected]>
*Subject:* Re: [PacketFence-users] PKI installation
Just for information, i uploaded a new version of the packetfence-pki
for centos7 who fix all the install issues.
Regards
Fabrice
Le 2017-12-12 à 23:58, E.P. a écrit :
Well, I’m taking my hat off in front of you, no kidding and pun
intended ;)
Do you need traceback from the error page ?
*From:*Durand fabrice [mailto:[email protected]]
*Sent:* Tuesday, December 12, 2017 7:02 PM
*To:* E.P.
*Cc:* [email protected]
<mailto:[email protected]>
*Subject:* Re: [PacketFence-users] PKI installation
ah ah don't worry , i like to have challenge like that to be able
to fix the issue for better user experience.
I coded the pki so i want to make it work.
Le 2017-12-12 à 21:48, E.P. a écrit :
Sure, take your time, Fabrice. I have a special knack of
running into troubles in cases when others didn’t have any :)
Eugene
Sent from iPhone
On Dec 12, 2017, at 18:18, Durand fabrice <[email protected]
<mailto:[email protected]>> wrote:
Ok let me try to install the pki on the zen and i will be
back to you.
i have installed the pki on 10 servers not a long time ago
without any issue.
Le 2017-12-12 à 20:52, E.P. a écrit :
Yes, db.sqlite3 was owned by root
[root@PacketFence-ZEN packetfence-pki]# ls -al
total 56
drwxr-xr-x 7 pf pf 128 Dec 12 08:49 .
drwxr-xr-x. 15 root root 182 Dec 12 01:33 ..
drwxrws--- 2 pf pf 6 Nov 15 14:20 ca
drwxr-xr-x 2 pf pf 125 Dec 12 01:33 conf
*/-rw-r--r-- 1 root root 43008 Dec 12 08:44 db.sqlite3/*
drwxr-xr-x 2 pf pf 204 Dec 12 02:49 inverse
drwxrws--- 2 pf pf 90 Dec 12 01:35 logs
-rwxr--r-- 1 pf pf 250 Nov 15 14:20 manage.py
-rw-r--r-- 1 root root 6 Dec 12 08:49
packetfence-pki.pid
drwxr-xr-x 5 pf pf 4096 Dec 12 02:49 pki
Changed the file ownership to pf:pf
[root@PacketFence-ZEN packetfence-pki]# ls -al
total 100
drwxr-xr-x 7 pf pf 147 Dec 13 01:45 .
drwxr-xr-x. 15 root root 182 Dec 12 01:33 ..
drwxrws--- 2 pf pf 6 Nov 15 14:20 ca
drwxr-xr-x 2 pf pf 125 Dec 12 01:33 conf
*/-rw-r--r-- 1 pf pf 43008 Dec 13 01:45 db.sqlite3/*
/drwxr-xr-x 2 pf pf 204 Dec 12 02:49 inverse/
/drwxrws--- 2 pf pf 90 Dec 12 01:35 logs/
/-rwxr--r-- 1 pf pf 250 Nov 15 14:20 manage.py/
/-rw-r--r-- 1 root root 5 Dec 13 01:43
packetfence-pki.pid/
/drwxr-xr-x 5 pf pf 4096 Dec 12 02:49 pki/
But trying to login to the PKI webpage brings me back
to the same original error “no such table: pki_ca”
which I showed earlier. I tried to follow your
previous advise about renaming the db.sqlite3 file and
running migration but the behavior is consistent. Is
it OK that the PKI process ID file is also owned by root ?
*From:*Fabrice Durand [mailto:[email protected]]
*Sent:* Tuesday, December 12, 2017 5:35 AM
*To:* E.P.; [email protected]
<mailto:[email protected]>
*Subject:* Re: [PacketFence-users] PKI installation
Just change the owner of the sqlite file to pf and it
should be ok.
Btw all these steps are made in the packaging, so it
probably failled or never finish correctly.
I will do a test on my side.
Regards
Fabrice
) and PacketFence (http://packetfence.org)
--
Fabrice Durand
[email protected] <mailto:[email protected]> :: +1.514.447.4918 (x135)
::www.inverse.ca <http://www.inverse.ca>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
