vitormattos
commented
2 years ago To help is necessary the entire response of request.
Closed Iwios closed 2 years ago
vitormattos
commented
2 years ago To help is necessary the entire response of request.
Iwios
commented
2 years ago Hi, this is a print screen from debug consol
Do you need something else?
Iwios
commented
2 years ago This is my ssh consol when I launch cfssl serve:
2021/11/16 11:49:14 [WARNING] couldn't initialize ocsp signer: open : no such file or directory 2021/11/16 11:49:14 [INFO] Setting up '/api/v1/cfssl/scan' endpoint 2021/11/16 11:49:14 [INFO] Setting up '/api/v1/cfssl/gencrl' endpoint 2021/11/16 11:49:14 [INFO] Setting up '/api/v1/cfssl/bundle' endpoint 2021/11/16 11:49:14 [INFO] bundler API ready 2021/11/16 11:49:14 [INFO] Setting up '/api/v1/cfssl/newkey' endpoint 2021/11/16 11:49:14 [INFO] setting up key / CSR generator 2021/11/16 11:49:14 [INFO] Setting up '/api/v1/cfssl/scaninfo' endpoint 2021/11/16 11:49:14 [INFO] Setting up '/api/v1/cfssl/certinfo' endpoint 2021/11/16 11:49:14 [INFO] Setting up '/api/v1/cfssl/revoke' endpoint 2021/11/16 11:49:14 [WARNING] endpoint '/api/v1/cfssl/revoke' is disabled: cert db not configured (missing -db-config) 2021/11/16 11:49:14 [INFO] Setting up '/' endpoint 2021/11/16 11:49:14 [WARNING] endpoint '/' is disabled: could not locate box "static" 2021/11/16 11:49:14 [INFO] Setting up '/api/v1/cfssl/sign' endpoint 2021/11/16 11:49:14 [INFO] Setting up '/api/v1/cfssl/authsign' endpoint 2021/11/16 11:49:14 [WARNING] endpoint '/api/v1/cfssl/authsign' is disabled: {"code":5200,"message":"Invalid or unknown policy"} 2021/11/16 11:49:14 [INFO] Setting up '/api/v1/cfssl/info' endpoint 2021/11/16 11:49:14 [INFO] Setting up '/api/v1/cfssl/newcert' endpoint 2021/11/16 11:49:14 [INFO] Setting up '/api/v1/cfssl/init_ca' endpoint 2021/11/16 11:49:14 [INFO] Setting up '/api/v1/cfssl/ocspsign' endpoint 2021/11/16 11:49:14 [WARNING] endpoint '/api/v1/cfssl/ocspsign' is disabled: signer not initialized 2021/11/16 11:49:14 [INFO] Handler set up complete. 2021/11/16 11:49:14 [INFO] Now listening on 127.0.0.1:8888
vitormattos
commented
2 years ago What is the response?
vitormattos
commented
2 years ago This endpoint return a json on body of response with the error message.
Iwios
commented
2 years ago Hi, this is the response :+1:
"Error while writing CSR server file!"
vitormattos
commented
2 years ago The user of PHP don't have permission to write the configuration of CFSSL server on CFSSL directory defined on LibreSign configuration.
For example, if the user is www-data you can do a chown to change the owner of directory that you choose to save the CFSSL data. On documentation doing the setup with Docker, the suggested folder is /cfssl/
vitormattos
commented
2 years ago vitormattos
commented
2 years ago The $filename is a concatenation of the path that you put on form and the constant with the name of configuration file csr_server.json
Iwios
commented
2 years ago I have configur without docker.
I'm sure I have make a chown... By the way, after a chown I have another error :+1:
Client error: GET http://127.0.0.1:8888/api/v1/cfssl/health resulted in a 404 Not Found response:404 page not found
vitormattos
commented
2 years ago You don't started the CFSSL server or CFSSL server don't respond on this URL,
vitormattos
commented
2 years ago Duplicated, see and interact on #400
Hi ,
I have follow the instructions to install ans configure libresign. I have installed cfssl and when I clic on generate certificat file i have an error. If I Open the consol i Can see a 401 error unauthorized.
Can you help me to debug this problem?
Thanks a lot.