[pubcookie-users] index.cgi 500 Internal Server Error
Michael Miller
mmiller at sungardcollegis.com
Wed Jun 1 12:32:28 PDT 2005
Correct you are! It was a SELinux issue. I am not sure why SELinux was
not writing the deny error message to the messages log.
Thanks again for the quick response.
Michael
-----Original Message-----
From: Jim Fox [mailto:fox at washington.edu]
Sent: Tuesday, May 31, 2005 12:27 PM
To: Michael Miller
Cc: pubcookie-users at u.washington.edu
Subject: Re: [pubcookie-users] index.cgi 500 Internal Server Error
You should check that the user and group used by the httpd
server can access the file. It looks like file or
directory permissions are preventing index.cgi from
getting to the key file.
Jim
On Tue, 31 May 2005, Michael Miller wrote:
> Date: Tue, 31 May 2005 11:06:39 -0400
> From: Michael Miller <mmiller at sungardcollegis.com>
> To: pubcookie-users at u.washington.edu
> Subject: [pubcookie-users] index.cgi 500 Internal Server Error
>
> I have looked through the archives and came across a previous posting
> regarding this issue on February 4, 2005 but did not see a resolution.
>
> I am receiving the same 500 Internal Server Error when attempting to
run
> index.cgi. I am using Pubgookie 3.2.1 beta 1, Ferdora Core 3, gcc
3.4.3,
> OpenSSL 0.9.7a. I have followed the install manual and received the
> expected results at each step.
>
> The keyserver appears to be having issues finding the server.key file
> pointed to in the ssl_key_file. I have verified that it is at that
> location and has the correct permissions.
>
> The following are the configuration and logs:
>
>
>
> Results of openssl rsa -check -noout -in
> /etc/httpd/conf/ssl.key/server.key
> RSA Key ok
>
>
>
> /var/log/secure
> May 31 10:25:37 loginsvr pubcookie login server[4313]:
> libpbc_pubcookie_init
> May 31 10:25:37 loginsvr pubcookie login server[4313]:
> libpbc_augment_rand_state: hello
> May 31 10:25:37 loginsvr pubcookie login server[4313]: Sufficient
> Randomness: nothing to do.
> May 31 10:25:37 loginsvr pubcookie login server[4313]: security_init:
> hello
> May 31 10:25:37 loginsvr pubcookie login server[4313]: security_init:
> couldn't find session keyfile (try setting ssl_key_file?)
> May 31 10:25:37 loginsvr pubcookie login server[4313]: security_init
> failed
>
>
>
> /var/log/httpd/loginsvr.collegis.com-error_log
> [Tue May 31 10:25:37 2005] [error] [client 172.16.5.63] Premature end
of
> script headers: index.cgi
>
>
>
> /usr/local/pubcookie/config
> # 1 is a good starting point
> logging_level: 5
>
> # the credential verifier used by the basic flavor
> basic_verifier: alwaystrue
>
> # SSL session keypair
> ssl_key_file: /etc/httpd/conf/ssl.key/server.key
> ssl_cert_file: /etc/httpd/conf/ssl.crt/server.crt
>
> # SSL Settings
> ssl_ca_file: /usr/share/ssl/misc/demoCA/cacert.crt
>
> # granting keypair
> granting_key_file: /usr/local/pubcookie/keys/pubcookie_granting.key
> granting_cert_file: /usr/local/pubcookie/keys/pubcookie_granting.cert
>
> # login server config
> login_uri: https://loginsvr.collegis.com/
> login_host: loginsvr.collegis.com
> enterprise_domain: .collegis.com
> logout_prog: /logout/index.cgi
>
> # keyserver config
> keymgt_uri: https://loginsvr.collegis.com:2222
> keyserver_client_list: loginsvr.collegis.com mmillerd6.collegis.com
>
> # site-specific policies
> default_l_expire: 8h
> form_expire_time: 120
>
> # custom logout msgs
> app_logout_string-appserver.example.edu-testapp: <font
size="+1">Testapp
> logout worked just fine.</font>
> app_logout_string-webmail.example.edu-webmail: <font size="+1">Webmail
> Logout Successful!</font>
>
> Thanks for the help ahead of time!
>
> Michael
> _______________________________________________
> pubcookie-users mailing list
> pubcookie-users at u.washington.edu
> http://mailman1.u.washington.edu/mailman/listinfo/pubcookie-users
>
More information about the pubcookie-users
mailing list