Epoptes fails after update....certificate issue
Hi!
I ran some updates today to my Edubuntu server (had everything working fine)....now it's broken :-(
I was unable to see any of the clients unless they were logged in....so I figured something was amiss in the chroot....so I ran epoptes-client -c....and it failed. I tried uninstalling and reinstalling epoptes-
epoptes-client -c
4147701960:
epoptes-client ERROR: Failed to fetch certificate from localhost:789
I ran a set of commands you pointed out to someone else in launchpad....see below. I'm open to any help you can give...it was working beautifully...I had wake-on-lan...and everything working.
root@edubuntu-
cat: /proc/sys/
root@edubuntu-
Resolving 'localhost'...
Connecting to '127.0.0.1:789'...
|<2>| ASSERT: gnutls_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_3DES_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_MD5
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_RSA_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_ARCFOUR_MD5
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_EXPORT_
|<3>| HSK[0x837e8a8]: CLIENT HELLO was sent [57 bytes]
|<2>| ASSERT: gnutls_record.c:538
|<2>| ASSERT: gnutls_record.c:995
|<2>| ASSERT: gnutls_
Checking for SSL 3.0 support... no
|<2>| ASSERT: gnutls_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_3DES_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_AES_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_RSA_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_RSA_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_
|<2>| EXT[0x837e8a8]: Sending extension SAFE RENEGOTIATION (1 bytes)
|<3>| HSK[0x837e8a8]: CLIENT HELLO was sent [62 bytes]
|<2>| ASSERT: gnutls_record.c:538
|<2>| ASSERT: gnutls_record.c:995
|<2>| ASSERT: gnutls_
Checking whether %COMPAT is required... yes
|<2>| ASSERT: gnutls_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_3DES_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_MD5
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_RSA_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_ARCFOUR_MD5
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_EXPORT_
|<2>| EXT[0x837e8a8]: Sending extension SAFE RENEGOTIATION (1 bytes)
|<3>| HSK[0x837e8a8]: CLIENT HELLO was sent [64 bytes]
|<2>| ASSERT: gnutls_record.c:538
|<2>| ASSERT: gnutls_record.c:995
|<2>| ASSERT: gnutls_
Checking for TLS 1.0 support... no
|<2>| ASSERT: gnutls_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_3DES_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_MD5
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_RSA_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_ARCFOUR_MD5
|<2>| EXT[0x837e8a8]: Sending extension SAFE RENEGOTIATION (1 bytes)
|<3>| HSK[0x837e8a8]: CLIENT HELLO was sent [62 bytes]
|<2>| ASSERT: gnutls_record.c:538
|<2>| ASSERT: gnutls_record.c:995
|<2>| ASSERT: gnutls_
Checking for TLS 1.1 support... no
|<2>| ASSERT: gnutls_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_3DES_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_MD5
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_RSA_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_ARCFOUR_MD5
|<2>| EXT[0x837e8a8]: Sending extension SAFE RENEGOTIATION (1 bytes)
|<3>| HSK[0x837e8a8]: CLIENT HELLO was sent [62 bytes]
|<2>| ASSERT: gnutls_record.c:538
|<2>| ASSERT: gnutls_record.c:995
|<2>| ASSERT: gnutls_
Checking fallback from TLS 1.1 to... failed
|<2>| ASSERT: gnutls_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_3DES_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_MD5
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_RSA_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_ARCFOUR_MD5
|<2>| EXT[0x837e8a8]: Sending extension SAFE RENEGOTIATION (1 bytes)
|<3>| HSK[0x837e8a8]: CLIENT HELLO was sent [62 bytes]
|<2>| ASSERT: gnutls_record.c:538
|<2>| ASSERT: gnutls_record.c:995
|<2>| ASSERT: gnutls_
Checking for TLS 1.2 support... no
|<2>| ASSERT: gnutls_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_3DES_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_MD5
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_RSA_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_ARCFOUR_MD5
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_EXPORT_
|<2>| EXT[0x837e8a8]: Sending extension SAFE RENEGOTIATION (1 bytes)
|<3>| HSK[0x837e8a8]: CLIENT HELLO was sent [64 bytes]
|<2>| ASSERT: gnutls_record.c:538
|<2>| ASSERT: gnutls_record.c:995
|<2>| ASSERT: gnutls_
Checking whether we need to disable TLS 1.0... yes
Server does not support any of SSL 3.0, TLS 1.0 and TLS 1.1
Thanks!
David Trask
Question information
- Language:
- English Edit question
- Status:
- Answered
- For:
- Epoptes Edit question
- Assignee:
- No assignee Edit question
- Last query:
- Last reply:
Can you help with this problem?
Provide an answer of your own, or ask David Trask for more information if necessary.