Announcement

Collapse
No announcement yet.

Are the certs in 5.24 Linux x64 all empty?

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    Are the certs in 5.24 Linux x64 all empty?

    I'm manually updating my empresa on our self-hosted Miva site. In general the update went fine yesterday but there seems to be a problem with the certs in the gzip file I downloaded from Miva, every file in certs/openssl-1.0 is 51 bytes (empty). I uploaded the gzip to my server and extracted it there and the result was the same.

    I called Miva to verify but unfortunately I'm not eligible for phone support since I'm self-hosted, and the engineer assigned to my case won't be in for a couple of hours.

    Can anyone else verify? Maybe I'm doing something wrong, I'm not sure. I downloaded the Linux x64 tar.gz file from http://www.miva.com/support/downloads

    If I change my mivavm.conf file to point the cadir to the old (5.23) certs directory, the problem is obviously fixed, but I'd rather do it the right way and get the certs for 5.24 uploaded.
    Looking for work as of March 2024! I've been a web developer for going on 20 years, with most of that time spent on Miva sites.
    Tags: None
    #2
    That directory contains symbolic links using the appropriate names for openssl 1.x, pointing up one directory into the raw directory to the real files. It can only be properly extracted on a filesystem which supports symbolic links.
    David Hubbard
    CIO
    Miva
    [email protected]
    http://www.miva.com

    Comment

      #3
      I understand -- so can I just point my cadir to the raw directory instead?
      Looking for work as of March 2024! I've been a web developer for going on 20 years, with most of that time spent on Miva sites.

      Comment

        #4
        No, the files in the raw directory are the actual certificates, the symlinks in the openssl-0.9 and openssl-1.0 directories are named using the openssl x509 -subject_hash command and are specific to openssl version, so the filenames in the raw directory would not work for openssl to do lookups against. cadir needs to be pointed at a directory which contains certificates whose names match the subject_hash the respective version of openssl would have generated.

        If you don't want to point directly at the openssl-1.0 directory, you can, from within the openssl-1.0 directory, do a: cp * /path/to/cadir

        That will copy the raw files with the openssl-1.0 names into your desired cadir.
        David Hubbard
        CIO
        Miva
        [email protected]
        http://www.miva.com

        Comment

          #5
          Thanks, I got it working - I copied the certs/openssl-1.0/ folder from the holding spot I had extracted it to on the server, to the real spot in cgi-bin/mivavm-v5.24/certs (replacing the old folder). Since I had extracted this version on the server instead of on my windows machine, it seemed to solve the problem.

          I wasn't aware of the sym links before, and that they get screwed up when extracted on a windows machine. Next time around I'll just upload the tar.gz file to my server and extract it there. Normally I like to do things locally and use FTP but now I know that won't work in this case
          Looking for work as of March 2024! I've been a web developer for going on 20 years, with most of that time spent on Miva sites.

          Comment

          Previous template Next
          Working...
          X