Announcement

Collapse
No announcement yet.

Configuration error is preventing encryption

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • robinemcd
    replied
    WOW! That is it. I have been working between a live site and test site and the config on the live site is correct with

    openssl_crypto=/usr/lib64/libcrypto.so.10

    but the test site is:

    openssl_crypto=/usr/lib64/libcrypto.so

    I assumed that they would be exact, but they are not.

    Operator error. It is working now. Thank you so much for all of your help.

    Leave a comment:


  • dcarver
    replied
    You said your config is set to
    Code:
    openssl_crypto=/usr/lib64/libcrypto.so.10
    but that is not what diagtool is showing, it is showing a value of
    Code:
    /usr/lib64/libcrypto.so
    Are you modifying the correct conf file / does /usr/lib64/libcrypto.so exist?

    Leave a comment:


  • robinemcd
    replied
    I assume that these are the two files you are asking about and that this is the info you have asked for:

    [[email protected] /]# stat usr/lib64/libssl.so.10
    File: €˜usr/lib64/libssl.so.10€™ -> €˜libssl.so.1.0.2k€™
    Size: 16 Blocks: 0 IO Block: 4096 symbolic link
    Device: fd00h/64768d Inode: 1077486009 Links: 1
    Access: (0777/lrwxrwxrwx) Uid: ( 0/ root) Gid: ( 0/ root)
    Access: 2021-04-30 03:17:01.822758142 -0400
    Modify: 2021-01-12 02:16:17.847417511 -0500
    Change: 2021-01-12 02:16:17.847417511 -0500
    Birth: -

    [[email protected] /]# stat usr/lib64/libcrypto.so.10
    File: €˜usr/lib64/libcrypto.so.10€™ -> €˜libcrypto.so.1.0.2k€™
    Size: 19 Blocks: 0 IO Block: 4096 symbolic link
    Device: fd00h/64768d Inode: 1077485142 Links: 1
    Access: (0777/lrwxrwxrwx) Uid: ( 0/ root) Gid: ( 0/ root)
    Access: 2021-04-30 03:17:01.821758147 -0400
    Modify: 2021-01-12 02:16:17.822417611 -0500
    Change: 2021-01-12 02:16:17.828417587 -0500
    Birth: -

    Leave a comment:


  • dcarver
    replied
    Everything you have looks correct. The 1.0.2k libraries should load no problem. Can you stat both those files to ensure the filepaths and permissions are correct?

    Leave a comment:


  • robinemcd
    replied
    mivavm-v5.34 and Red Hat Enterprise Linux Server 7.9 / Open SSL openssl-libs-1.0.2k-21.el7_9.x86_64

    Leave a comment:


  • ILoveHostasaurus
    replied
    Which version of Empresa and what is the host OS / OpenSSL version?

    Leave a comment:


  • robinemcd
    started a topic Configuration error is preventing encryption

    Configuration error is preventing encryption

    Here is my code:

    Code:
    <MvASSIGN NAME="l.Encrypt_Key" VALUE="oT4abMN4OtYcb6Gr">
    <MvASSIGN NAME="l.Full_Name" VALUE="Robin McDermott">
    <MvASSIGN NAME="l.Encrypt_OK" VALUE ="{bf_encrypt( l.Encrypt_Key, l.Full_Name, l.Encrypt_Var )}">
    <MvASSIGN NAME="l.Encrypt_Err" VALUE="{crypto_last_error()}">
    <MvEVAL EXPRESSION = "{'Error: "' $ l.Encrypt_Err $ '" OK: "' $ l.Encrypt_OK $ '" Encrypt_Var: "' $ l.Encrypt_Var $ '"'}"> 
    Here's the output:
    Code:
    Error: "Unable to load SSL routine SSLeay / OpenSSL_version_num " OK: "0" Encrypt_Var: ""
    It seems like it is needing OpenSSL, which is installed on the server. So, I assume I have some kind of misconfiguration error.

    Here are the OpenSSL lines in the mivavm.conf:
    Code:
    openssl=/usr/lib64/libssl.so.10
    openssl_crypto=/usr/lib64/libcrypto.so.10
    From the diagnostic tool I get:
    Code:
    bufsz_call=8192
    bufsz_content=8192
    bufsz_import=8192
    bufsz_output=8192
    bufsz_output_flush=1048576
    bufsz_smtp=8192
    bufsz_template=8192
    cookies=0
    database_list[1]=MySQL
    database_list[2]=MivaSQL
    default_file=index.mvc
    delay_file=100
    dir_data=/var/www/vhosts/mysite.com/mivadata
    dir_miva=/var/www/vhosts/mysite.com/httpdocs
    dir_user=public_hts
    file_ca=/etc/pki/tls/certs/ca-bundle.crt
    flags_security=0
    [email protected]
    lock_expiration=90
    log_level=0
    max_async_tasks=0
    max_docache=0
    max_files=0
    max_post_vars=2000
    max_unknown_content_length=1048576
    slowrequest_syslog=-1
    socks_port=1080
    socks_version=4
    ssl_crypto=/usr/lib64/libcrypto.so
    ssl_openssl=/usr/lib64/libssl.so.10
    ssl_sni=-1
    systemlib_list[1]=GD
    timeout_async=3600
    timeout_async_sleep=86400
    timeout_call=30
    timeout_file=30
    timeout_global=360
    timeout_mail=30
    timeout_post=30
    I am not sure of what needs to be changed so that we can use the Miva encryption function. I am the host, so obviously, "talking to my host" isn't going to resolve this issue.

Working...
X