I am using the second an third solution but the first one give me the same
error as previously.
Now there is an error in the /etc/webkldc/webkdc.conf :
[root@webkdc ~]# cat /etc/webkdc/webkdc.conf
#$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = '0';
$ENV{PERL_LWP_SSL_CA_FILE} = '/etc/pki/CA/certs/ca-cert-All.crt'
# The KEYRING_PATH should match what you put in your httpd config
$KEYRING_PATH = "/etc/httpd/conf/webkdc/keyring";
$URL = "https://webkdc.example.com/webkdc-service/";;
# You can make custom skins for the weblogin page. Change the path here
$TEMPLATE_PATH = "/usr/local/webkdc/share/weblogin/generic/templates/";
error.log :
Scalar found where operator expected at /etc/webkdc/webkdc.conf line 4,
near "$KEYRING_PATH"
(Missing semicolon on previous line?)
failed to parse /etc/webkdc/webkdc.conf: syntax error at
/etc/webkdc/webkdc.conf line 4, near "$KEYRING_PATH "
Compilation failed in require at /usr/local/lib64/perl5/WebKDC.pm line 35.
BEGIN failed--compilation aborted at /usr/local/lib64/perl5/WebKDC.pm line
35.
Compilation failed in require at /usr/local/lib64/perl5/WebLogin.pm line 48.
BEGIN failed--compilation aborted at /usr/local/lib64/perl5/WebLogin.pm
line 48.
Compilation failed in require at
/usr/local/webkdc/share/weblogin/login.fcgi line 30.
BEGIN failed--compilation aborted at
/usr/local/webkdc/share/weblogin/login.fcgi line 30.
[Thu Nov 08 06:57:40 2012] [warn] FastCGI: (dynamic) server
"/usr/local/webkdc/share/weblogin/login.fcgi" (pid 14000) terminated by
calling exit with status '255'
[Thu Nov 08 06:57:45 2012] [warn] FastCGI: (dynamic) server
"/usr/local/webkdc/share/weblogin/login.fcgi" (uid 0, gid 0) restarted (pid
14002)
2012/11/8 Russ Allbery <ea...@windlord.stanford.edu>
> James James <jre...@gmail.com> writes:
>
> > [root@webkdc ~]# env PERL_LWP_SSL_VERIFY_HOSTNAME=0 GET
> > https://localhost/webkdc-service/
> > <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
> > <html><head>
> > <title>404 Not Found</title>
> > </head><body>
> > <h1>Not Found</h1>
> > <p>The requested URL /webkdc-service/ was not found on this server.</p>
> > <hr>
> > <address>Apache/2.2.15 (Scientific Linux) Server at localhost Port
> > 443</address>
> > </body></html>
>
> Aha! Okay, now we're getting somewhere.
>
> > I don't have multiple SSL vhost on this server. There is the <VirtualHost
> > _default_:443>
> > and <VirtualHost webkdc.example.com:443> ...
>
> That's two different SSL vhosts, though. :) I'm guessing that only the
> latter has the /webkdc-service/ definition, and the former doesn't?
>
> I think there are three possible fixes:
>
> 1. Combine the _default_ and webkdc.example.com virtual hosts into just a
> single _default_ virtual host (or, better, a *:443 virtual host).
>
> 2. Add:
>
> $ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = 0;
>
> to /etc/webkdc/webkdc.conf and go back to using the webkdc.example.com
> URL.
>
> 3. Add:
>
> $ENV{PERL_LWP_SSL_CA_FILE} = '/path/to/ca/file';
>
> to /etc/webkdc/webkdc.conf where the path points to the CA that signed
> your webkdc.example.com SSL certificate.
>
> I'd recommend the first solution, since it simplifies your Apache
> configuration.
>
> --
> Russ Allbery <ea...@windlord.stanford.edu>
> Technical Lead, ITS Infrastructure Delivery Group, Stanford University
>
