Closed medoix closed 3 years ago
taoeffect
commented
9 years ago Interesting, could you give us more info about the system this is happening on?
That error message is broken though (it should give a better reason). Try running the command manually and paste the output:
openssl x509 -fingerprint -sha256 -text -noout -in /path/to/.dnschain/cert.pem
medoix
commented
9 years ago Ubuntu 14.04 LTS OpenSSL 1.0.1f 6 Jan 2014
SHA256 Fingerprint=EB:BC:EB:95:CF:93:48:E0:F1:32:D8:25:F9:CE:5C:BA:76:84:AE:59:69:26:18:C6:F7:54:80:E5:92:C7:76:FA
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15600626329977100027 (0xd8808efdcfe416fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=garage
Validity
Not Before: Apr 23 10:00:04 2015 GMT
Not After : Apr 22 10:00:04 2017 GMT
Subject: CN=garage
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:d6:b1:8c:fa:bd:4d:c1:aa:2d:63:dd:e2:00:1a:
ca:e0:f8:d7:b4:c1:0f:22:0a:33:c0:f7:84:71:d3:
73:9c:cf:07:2b:e8:4e:b9:3d:33:72:cc:7b:65:2c:
97:ed:91:50:a7:e3:40:73:22:4e:30:bf:50:ac:27:
bf:b5:63:6c:db:0b:be:3c:0a:7d:60:79:c4:c1:2c:
95:c2:d7:1d:f9:23:73:ed:ba:d2:1a:a5:bf:f4:37:
d8:8f:36:a7:af:24:d8:a7:c2:88:4a:ec:33:81:7e:
c9:43:1f:ea:5b:75:26:08:cd:26:b9:09:88:ae:14:
8f:54:1c:cb:25:ef:17:9e:14:44:91:50:ca:d7:e6:
f5:8e:58:af:ec:cb:58:39:b9:77:15:ec:af:22:42:
dd:4d:69:19:ab:85:61:50:87:b5:ce:38:7b:7c:a1:
e5:0d:cc:72:24:a5:62:09:99:28:4f:f5:a0:ba:e3:
a1:b4:2e:be:43:9b:65:1a:8b:9f:ff:8b:90:87:18:
a6:42:93:2c:88:e2:61:9f:35:ef:e8:5c:f5:ff:b8:
b3:f0:36:0a:0b:e1:dd:7b:ea:38:07:09:44:db:a3:
fa:99:c2:c4:a7:d6:9f:82:54:6f:86:c6:31:46:3a:
60:05:93:0e:e6:69:86:21:d5:9e:8f:c1:f7:9e:f2:
06:cc:fe:35:d2:4e:f3:00:1b:f8:1e:03:6c:d9:ed:
a5:69:f0:c4:22:49:3e:83:cc:53:55:8f:62:1a:b2:
91:44:5c:37:53:3b:a0:54:d3:36:00:95:1c:fc:8c:
ec:23:36:c7:b3:11:23:a7:c9:23:9e:9e:f9:93:17:
5f:35:ad:e1:ed:45:94:c2:e2:46:30:e9:c1:cc:76:
4c:39:1f:58:f6:64:86:1c:16:57:fb:cd:7b:af:09:
e3:62:c5:f0:96:76:ca:5b:30:91:e3:49:c1:6e:7d:
98:83:34:21:40:73:f0:ed:46:77:db:bf:6d:09:e1:
7c:b0:26:de:c1:0b:e8:d8:d5:33:91:97:c7:ca:87:
6a:2a:bd:83:3d:8a:8c:e8:9d:4b:ff:96:e2:0a:8c:
14:a5:38:4f:0c:99:2b:f2:5b:33:93:18:d0:97:b4:
32:c1:5d:be:9e:72:a5:eb:1f:bc:d8:62:c2:aa:fa:
a8:b1:8a:49:ac:09:6a:fd:12:11:98:5d:b4:e0:7e:
22:3e:61:b9:84:e6:af:5e:82:c4:24:46:7e:a1:18:
d0:42:03:b7:f1:97:fe:23:57:a3:81:c7:50:3b:88:
c0:88:1d:af:24:1c:c2:2e:82:15:6a:4b:f3:c9:df:
e9:53:c3:43:a6:2f:5a:bc:c1:b2:cc:69:15:8b:1f:
2a:9f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:2E:3B:3A:72:B3:DB:39:A1:8B:CE:4E:6B:0A:2C:B1:43:F0:22:DE
X509v3 Authority Key Identifier:
keyid:D3:2E:3B:3A:72:B3:DB:39:A1:8B:CE:4E:6B:0A:2C:B1:43:F0:22:DE
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
77:11:b1:36:ea:34:6d:09:f3:78:3a:66:67:9b:92:f0:9d:18:
2e:c0:91:1b:e8:15:26:05:57:2a:e3:ea:fb:28:44:d5:90:ae:
f9:14:82:3d:58:7e:c6:86:41:b0:07:e6:c2:81:40:9b:ae:c7:
77:e9:df:b4:78:e5:08:0a:14:0e:2a:eb:0a:45:a3:02:0c:af:
0b:7b:36:a2:ae:90:84:79:5d:9a:7f:fd:9e:76:d0:fb:82:95:
56:0d:89:5b:aa:2e:8a:56:fd:3d:54:9d:74:78:ed:41:92:07:
c8:55:b0:2a:63:5c:1b:c9:08:e5:40:fb:d9:3e:37:7e:0b:59:
52:3c:97:80:bd:4e:2d:a1:a1:e4:df:d6:71:6b:ce:18:e2:9c:
5e:0f:12:f3:55:45:92:bd:97:3f:fb:e9:ed:e8:ac:b7:22:9c:
d8:c3:8a:3e:d3:cc:77:cf:cc:4f:83:8e:85:85:82:18:9f:67:
60:7b:cc:c5:28:fa:ac:f6:71:db:07:82:04:64:19:13:82:d2:
36:3f:89:de:de:be:be:8c:8c:47:a1:d6:ab:fb:7b:b2:a2:c1:
f0:9e:43:2a:56:21:8a:53:25:c2:60:9a:aa:89:d1:b0:8e:5d:
5c:59:a2:3d:48:d2:45:da:12:8d:3f:91:45:b7:4a:81:af:a7:
03:8e:9f:71:7d:46:f7:b5:56:bf:fc:13:8c:d9:cb:b7:85:e1:
92:8d:83:57:df:7b:46:b0:3b:5b:79:b4:45:c3:78:77:6d:81:
f3:74:79:31:9b:68:de:ba:5f:03:df:a7:56:d9:76:17:69:2f:
5f:21:90:9e:1f:f8:24:29:38:5c:29:99:5c:83:7f:0a:7b:56:
81:84:1e:18:06:a2:8f:92:de:e8:05:2e:97:cf:b1:4c:3c:ae:
f9:55:40:08:54:5c:3a:36:4c:93:74:89:70:9e:cb:f1:03:48:
82:7b:43:6d:24:2c:ee:76:52:4d:fb:0b:c6:d2:ec:f5:a2:76:
24:89:26:94:cf:bf:05:08:2a:f8:52:d5:97:4a:66:63:06:8a:
d8:e5:54:ce:3c:b2:a1:6b:cc:66:f0:ad:f1:d5:e1:68:71:e2:
01:84:13:cb:ab:83:1b:70:a9:a8:d7:57:75:ad:b8:59:4e:e5:
64:88:d3:e2:03:fd:23:fd:ce:fa:2b:1c:a9:23:a4:f0:82:ad:
9e:7f:b0:8b:7d:6c:e6:c8:3c:7d:79:a4:52:22:cd:f5:d6:1d:
8b:6f:fc:99:b9:25:cb:23:25:f4:2b:5e:f4:68:cc:02:c7:6c:
41:74:a6:f8:74:63:fc:f8:4f:c0:f0:e4:5e:14:24:6f:02:03:
ba:c0:c0:08:c5:f4:99:5cHowever you run DNSChain, re-run it with the log__level environment variable set to debug, and grep the output for running: openssl x509.
Example (if dnschain is in your $PATH):
[prompt]$ log__level=debug dnschain | grep "running: openssl x509"Then paste the output here.
medoix
commented
9 years ago $ log__level=debug dnschain | grep "running: openssl x509"
2015-04-24T11:27:09.925Z - debug: [ICANN] Loading resolver config
2015-04-24T11:27:09.970Z - debug: [KeyID] Loading keyid resolver
2015-04-24T11:27:10.043Z - debug: [NMC] Loading namecoin resolver
2015-04-24T11:27:10.226Z - debug: [NXT] Loading nxt resolver
2015-04-24T11:27:10.229Z - debug: [DNS] Loading DNSServer...
2015-04-24T11:27:10.232Z - debug: [HTTP] Loading HTTPServer...
2015-04-24T11:27:10.421Z - debug: [HTTPS] Loading HTTPS... (<EncryptedServer> https.coffee:90)
2015-04-24T11:27:10.424Z - debug: [DNSChain] Starting up...
2015-04-24T11:27:10.425Z - debug: [ICANN] Starting up...
2015-04-24T11:27:10.426Z - debug: [NMC] Starting up...
2015-04-24T11:27:10.428Z - debug: [Redis] Starting up...
2015-04-24T11:27:10.428Z - debug: [HTTP] Starting up...
2015-04-24T11:27:10.430Z - debug: [HTTPS] Starting up...
2015-04-24T11:27:10.431Z - debug: [DNS] Starting up...
2015-04-24T11:27:10.435Z - debug: [Global] running: openssl x509 -fingerprint -sha256 -text -noout -in "/data/coins/namecoin/.dnschain/cert.pem"
2015-04-24T11:27:10.497Z - error: [Global] Error: Failed to read public key fingerprint: Command failed:
at _.assign.gErr (/usr/lib/node_modules/dnschain/src/lib/globals.coffee:111:21)
at /usr/lib/node_modules/dnschain/src/lib/pem.coffee:29:17
at tryCatcher (/usr/lib/node_modules/dnschain/node_modules/bluebird/js/main/util.js:24:31)
at Promise._settlePromiseFromHandler (/usr/lib/node_modules/dnschain/node_modules/bluebird/js/main/promise.js:466:31)
at Promise._settlePromiseAt (/usr/lib/node_modules/dnschain/node_modules/bluebird/js/main/promise.js:545:18)
at Promise._settlePromises (/usr/lib/node_modules/dnschain/node_modules/bluebird/js/main/promise.js:661:14)
at Async._drainQueue (/usr/lib/node_modules/dnschain/node_modules/bluebird/js/main/async.js:79:16)
at Async._drainQueues (/usr/lib/node_modules/dnschain/node_modules/bluebird/js/main/async.js:89:10)
at Async.drainQueues (/usr/lib/node_modules/dnschain/node_modules/bluebird/js/main/async.js:14:14)
at process._tickCallback (node.js:419:13)
Unhandled rejection Error: Failed to read public key fingerprint: Command failed:
at _.assign.gErr (/usr/lib/node_modules/dnschain/src/lib/globals.coffee:111:21)
at /usr/lib/node_modules/dnschain/src/lib/pem.coffee:29:17
at tryCatcher (/usr/lib/node_modules/dnschain/node_modules/bluebird/js/main/util.js:24:31)
at Promise._settlePromiseFromHandler (/usr/lib/node_modules/dnschain/node_modules/bluebird/js/main/promise.js:466:31)
at Promise._settlePromiseAt (/usr/lib/node_modules/dnschain/node_modules/bluebird/js/main/promise.js:545:18)
at Promise._settlePromises (/usr/lib/node_modules/dnschain/node_modules/bluebird/js/main/promise.js:661:14)
at Async._drainQueue (/usr/lib/node_modules/dnschain/node_modules/bluebird/js/main/async.js:79:16)
at Async._drainQueues (/usr/lib/node_modules/dnschain/node_modules/bluebird/js/main/async.js:89:10)
at Async.drainQueues (/usr/lib/node_modules/dnschain/node_modules/bluebird/js/main/async.js:14:14)
at process._tickCallback (node.js:419:13)@medoix Check to make sure that the user that DNSChain is running as has the ability to read this file: /data/coins/namecoin/.dnschain/cert.pem (all the correct permissions are set on it for user/group, etc.).
medoix
commented
9 years ago Yes the right user:group is the same user and i even set permission 777 on both cert.pem and key.pem with same results. It obviously has the permissions because on the first run it creates them and if i delete them and run it creates them again.
medoix
commented
9 years ago Maybe it is failing to create them properly, i deleted them and re-ran the deubg command and it just sits on this
$ log__level=debug dnschain | grep "running: openssl x509"
2015-04-24T23:16:31.881Z - debug: [Global] running: openssl req -new -newkey rsa:4096 -days 730 -nodes -sha256 -x509 -subj "/CN=garage" -keyout "/data/coins/namecoin/.dnschain/key.pem" -out "/data/coins/namecoin/.dnschain/cert.pem"
2015-04-24T23:16:32.229Z - debug: [ICANN] Loading resolver config
2015-04-24T23:16:32.272Z - debug: [KeyID] Loading keyid resolver
2015-04-24T23:16:32.346Z - debug: [NMC] Loading namecoin resolver
2015-04-24T23:16:32.572Z - debug: [NXT] Loading nxt resolver
2015-04-24T23:16:32.575Z - debug: [DNS] Loading DNSServer...
2015-04-24T23:16:32.578Z - debug: [HTTP] Loading HTTPServer...
2015-04-24T23:16:32.782Z - debug: [HTTPS] Loading HTTPS... (<EncryptedServer> https.coffee:90)
2015-04-24T23:16:32.784Z - debug: [DNSChain] Starting up...
2015-04-24T23:16:32.785Z - debug: [ICANN] Starting up...
2015-04-24T23:16:32.787Z - debug: [NMC] Starting up...
2015-04-24T23:16:32.789Z - debug: [Redis] Starting up...
2015-04-24T23:16:32.790Z - debug: [HTTP] Starting up...
2015-04-24T23:16:32.795Z - debug: [HTTPS] Starting up...
2015-04-24T23:16:32.796Z - debug: [DNS] Starting up...
2015-04-24T23:16:33.607Z - debug: [Global] running: openssl x509 -fingerprint -sha256 -text -noout -in "/data/coins/namecoin/.dnschain/cert.pem"Maybe it is failing to create them properly
Well, you can tell if that's true or not by viewing the files. Is it?
The path looks non-standard btw, did you customize where it saves those files? If so, try undoing the customization.
This is a very curious bug and seems quite isolated... you can try installing DNSChain on another system and see if you can reproduce it there too. If you can't, then try to figure out what the difference between the two systems is.
When i first run dnschain it loads fine and generates the cert.pem and key.pem in the .dnschain folder but when i quit and relaunch dnschain i get the following output (i have tried deleting and restarting and it works until i restart again).