Announcement

Collapse
No announcement yet.

Configuration error is preventing encryption

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Configuration error is preventing encryption

    Here is my code:

    Code:
    <MvASSIGN NAME="l.Encrypt_Key" VALUE="oT4abMN4OtYcb6Gr">
    <MvASSIGN NAME="l.Full_Name" VALUE="Robin McDermott">
    <MvASSIGN NAME="l.Encrypt_OK" VALUE ="{bf_encrypt( l.Encrypt_Key, l.Full_Name, l.Encrypt_Var )}">
    <MvASSIGN NAME="l.Encrypt_Err" VALUE="{crypto_last_error()}">
    <MvEVAL EXPRESSION = "{'Error: "' $ l.Encrypt_Err $ '" OK: "' $ l.Encrypt_OK $ '" Encrypt_Var: "' $ l.Encrypt_Var $ '"'}"> 
    Here's the output:
    Code:
    Error: "Unable to load SSL routine SSLeay / OpenSSL_version_num " OK: "0" Encrypt_Var: ""
    It seems like it is needing OpenSSL, which is installed on the server. So, I assume I have some kind of misconfiguration error.

    Here are the OpenSSL lines in the mivavm.conf:
    Code:
    openssl=/usr/lib64/libssl.so.10
    openssl_crypto=/usr/lib64/libcrypto.so.10
    From the diagnostic tool I get:
    Code:
    bufsz_call=8192
    bufsz_content=8192
    bufsz_import=8192
    bufsz_output=8192
    bufsz_output_flush=1048576
    bufsz_smtp=8192
    bufsz_template=8192
    cookies=0
    database_list[1]=MySQL
    database_list[2]=MivaSQL
    default_file=index.mvc
    delay_file=100
    dir_data=/var/www/vhosts/mysite.com/mivadata
    dir_miva=/var/www/vhosts/mysite.com/httpdocs
    dir_user=public_hts
    file_ca=/etc/pki/tls/certs/ca-bundle.crt
    flags_security=0
    info_serveradmin=webmaster@localhost
    lock_expiration=90
    log_level=0
    max_async_tasks=0
    max_docache=0
    max_files=0
    max_post_vars=2000
    max_unknown_content_length=1048576
    slowrequest_syslog=-1
    socks_port=1080
    socks_version=4
    ssl_crypto=/usr/lib64/libcrypto.so
    ssl_openssl=/usr/lib64/libssl.so.10
    ssl_sni=-1
    systemlib_list[1]=GD
    timeout_async=3600
    timeout_async_sleep=86400
    timeout_call=30
    timeout_file=30
    timeout_global=360
    timeout_mail=30
    timeout_post=30
    I am not sure of what needs to be changed so that we can use the Miva encryption function. I am the host, so obviously, "talking to my host" isn't going to resolve this issue.

    ---------------------------------
    Robin McDermott, CQE
    Director of Training
    QualityTrainingPortal.com

    #2
    Which version of Empresa and what is the host OS / OpenSSL version?
    David Hubbard
    CIO
    Miva
    [email protected]
    http://www.miva.com

    Comment


      #3
      mivavm-v5.34 and Red Hat Enterprise Linux Server 7.9 / Open SSL openssl-libs-1.0.2k-21.el7_9.x86_64
      ---------------------------------
      Robin McDermott, CQE
      Director of Training
      QualityTrainingPortal.com

      Comment


        #4
        Everything you have looks correct. The 1.0.2k libraries should load no problem. Can you stat both those files to ensure the filepaths and permissions are correct?
        David Carver
        Miva, Inc. | Software Developer

        Comment


          #5
          I assume that these are the two files you are asking about and that this is the info you have asked for:

          [root@web1 /]# stat usr/lib64/libssl.so.10
          File: ‘usr/lib64/libssl.so.10’ -> ‘libssl.so.1.0.2k’
          Size: 16 Blocks: 0 IO Block: 4096 symbolic link
          Device: fd00h/64768d Inode: 1077486009 Links: 1
          Access: (0777/lrwxrwxrwx) Uid: ( 0/ root) Gid: ( 0/ root)
          Access: 2021-04-30 03:17:01.822758142 -0400
          Modify: 2021-01-12 02:16:17.847417511 -0500
          Change: 2021-01-12 02:16:17.847417511 -0500
          Birth: -

          [root@web1 /]# stat usr/lib64/libcrypto.so.10
          File: ‘usr/lib64/libcrypto.so.10’ -> ‘libcrypto.so.1.0.2k’
          Size: 19 Blocks: 0 IO Block: 4096 symbolic link
          Device: fd00h/64768d Inode: 1077485142 Links: 1
          Access: (0777/lrwxrwxrwx) Uid: ( 0/ root) Gid: ( 0/ root)
          Access: 2021-04-30 03:17:01.821758147 -0400
          Modify: 2021-01-12 02:16:17.822417611 -0500
          Change: 2021-01-12 02:16:17.828417587 -0500
          Birth: -

          ---------------------------------
          Robin McDermott, CQE
          Director of Training
          QualityTrainingPortal.com

          Comment


            #6
            You said your config is set to
            Code:
            openssl_crypto=/usr/lib64/libcrypto.so.10
            but that is not what diagtool is showing, it is showing a value of
            Code:
            /usr/lib64/libcrypto.so
            Are you modifying the correct conf file / does /usr/lib64/libcrypto.so exist?
            David Carver
            Miva, Inc. | Software Developer

            Comment


              #7
              WOW! That is it. I have been working between a live site and test site and the config on the live site is correct with

              openssl_crypto=/usr/lib64/libcrypto.so.10

              but the test site is:

              openssl_crypto=/usr/lib64/libcrypto.so

              I assumed that they would be exact, but they are not.

              Operator error. It is working now. Thank you so much for all of your help.
              ---------------------------------
              Robin McDermott, CQE
              Director of Training
              QualityTrainingPortal.com

              Comment

              Working...
              X