[pubcookie-users] index.cgi 500 Internal Server Error

Tue May 31 09:27:19 PDT 2005

You should check that the user and group used by the httpd
server can access the file.  It looks like file or
directory permissions are preventing index.cgi from
getting to the key file.

Jim

On Tue, 31 May 2005, Michael Miller wrote:

> Date: Tue, 31 May 2005 11:06:39 -0400
> From: Michael Miller <mmiller at sungardcollegis.com>
> To: pubcookie-users at u.washington.edu
> Subject: [pubcookie-users] index.cgi 500 Internal Server Error
> 
> I have looked through the archives and came across a previous posting
> regarding this issue on February 4, 2005 but did not see a resolution.
>
> I am receiving the same 500 Internal Server Error when attempting to run
> index.cgi. I am using Pubgookie 3.2.1 beta 1, Ferdora Core 3, gcc 3.4.3,
> OpenSSL 0.9.7a. I have followed the install manual and received the
> expected results at each step.
>
> The keyserver appears to be having issues finding the server.key file
> pointed to in the ssl_key_file. I have verified that it is at that
> location and has the correct permissions.
>
> The following are the configuration and logs:
>
>
>
> Results of openssl rsa -check -noout -in
> /etc/httpd/conf/ssl.key/server.key
> RSA Key ok
>
>
>
> /var/log/secure
> May 31 10:25:37 loginsvr pubcookie login server[4313]:
> libpbc_pubcookie_init
> May 31 10:25:37 loginsvr pubcookie login server[4313]:
> libpbc_augment_rand_state: hello
> May 31 10:25:37 loginsvr pubcookie login server[4313]: Sufficient
> Randomness: nothing to do.
> May 31 10:25:37 loginsvr pubcookie login server[4313]: security_init:
> hello
> May 31 10:25:37 loginsvr pubcookie login server[4313]: security_init:
> couldn't find session keyfile (try setting ssl_key_file?)
> May 31 10:25:37 loginsvr pubcookie login server[4313]: security_init
> failed
>
>
>
> /var/log/httpd/loginsvr.collegis.com-error_log
> [Tue May 31 10:25:37 2005] [error] [client 172.16.5.63] Premature end of
> script headers: index.cgi
>
>
>
> /usr/local/pubcookie/config
> # 1 is a good starting point
> logging_level: 5
>
> # the credential verifier used by the basic flavor
> basic_verifier: alwaystrue
>
> # SSL session keypair
> ssl_key_file: /etc/httpd/conf/ssl.key/server.key
> ssl_cert_file: /etc/httpd/conf/ssl.crt/server.crt
>
> # SSL Settings
> ssl_ca_file: /usr/share/ssl/misc/demoCA/cacert.crt
>
> # granting keypair
> granting_key_file: /usr/local/pubcookie/keys/pubcookie_granting.key
> granting_cert_file: /usr/local/pubcookie/keys/pubcookie_granting.cert
>
> # login server config
> login_uri: https://loginsvr.collegis.com/
> login_host: loginsvr.collegis.com
> enterprise_domain: .collegis.com
> logout_prog: /logout/index.cgi
>
> # keyserver config
> keymgt_uri: https://loginsvr.collegis.com:2222
> keyserver_client_list: loginsvr.collegis.com mmillerd6.collegis.com
>
> # site-specific policies
> default_l_expire: 8h
> form_expire_time: 120
>
> # custom logout msgs
> app_logout_string-appserver.example.edu-testapp: <font size="+1">Testapp
> logout worked just fine.</font>
> app_logout_string-webmail.example.edu-webmail: <font size="+1">Webmail
> Logout Successful!</font>
>
> Thanks for the help ahead of time!
>
> Michael
> _______________________________________________
> pubcookie-users mailing list
> pubcookie-users at u.washington.edu
> http://mailman1.u.washington.edu/mailman/listinfo/pubcookie-users
>