fred-users Březen 2010

fred-users@lists.nic.cz

8 participants
4 discussions

Problems when loging in to eppd from fred-client

by Ernesto Pin

Hi, I've been trying to connect to fred-server from fred-client for a long time, but I'couldn not do so. I think that is all about certificates, because this procedures are not deeply explained in documentations. I would be very pleased if someone can tell me where to find the correct procedures. The procedure I followed to get certificates and keys, is this one: 1. download CA.pl 2. run ./CA.pl -new ca 3. copy generated demoCA/cacert.pem to /usr/share/fred-mod-eppd/ssl/ 4. run ./CA.pl -newreq 5. run CA.pl -sign 6. move generated newcert.pem and newkey.pem to /usr/share/fred-mod-eppd/ssl/ and remove newreq.pem in CA.pl's directory 7. run again CA.pl -newreq 8. run again CA.pl -sign 9. move generated cert and key to /usr/share/fred-mod-eppd/ssl/ After that, I get client and mod-eppd configured to point these files, and run the following script to insert registrars into database: *#!/bin/bash MD5=$(openssl x509 -in /usr/local/share/fred-client/ssl/newcert.pem -fingerprint -noout -md5) HANDLE=$1 PASSWORD=$2 NAME=$3 psql -U fred fred << _EOF_ INSERT INTO registrar (handle,name) VALUES ('${HANDLE}','${NAME}'); INSERT INTO registraracl (registrarid,cert,password) VALUES (currval('registrar_id_seq'),'${MD5}','${PASSWORD}'); _EOF_ * When starting apache, got this error.log: FRED:/home/fred# more /var/log/apache2/error.log * [Wed Jan 27 17:44:07 2010] [warn] Init: Session Cache is not configured [hint: SSLSessionCache] [Wed Jan 27 17:44:07 2010] [notice] mod_corba started (mod_corba version 1.3.0, SVN revision unknown, BUILT Jan 18 2010 19:11:31) [Wed Jan 27 17:44:07 2010] [notice] mod_eppd started (mod_eppd version 2.2.0, SVN revision unknown, BUILT Jan 18 2010 19:13:30) [Wed Jan 27 17:44:07 2010] [warn] mod_whoisd: whoisd disclaimer not set, using default. [Wed Jan 27 17:44:07 2010] [notice] mod_whoisd started (mod_whoisd version 3.1.1, SVN revision unknown, BUILT Jan 18 2010 19:15:10) [Wed Jan 27 17:44:07 2010] [notice] mod_python: Creating 8 session mutexes based on 6 max processes and 25 max threads. [Wed Jan 27 17:44:07 2010] [notice] mod_python: using mutex_directory /tmp [Wed Jan 27 17:44:07 2010] [notice] mod_corba started (mod_corba version 1.3.0, SVN revision unknown, BUILT Jan 18 2010 19:11:31) [Wed Jan 27 17:44:07 2010] [notice] mod_eppd started (mod_eppd version 2.2.0, SVN revision unknown, BUILT Jan 18 2010 19:13:30) [Wed Jan 27 17:44:07 2010] [warn] mod_whoisd: whoisd disclaimer not set, using default. [Wed Jan 27 17:44:07 2010] [notice] mod_whoisd started (mod_whoisd version 3.1.1, SVN revision unknown, BUILT Jan 18 2010 19:15:10) [Wed Jan 27 17:44:07 2010] [notice] Apache/2.2.9 (Debian) mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g configured -- resuming normal operations* Following this, configured fred-client to use the two inserted registrars to login. When running fred-client, input passphrase used to generate client's cert, and getting this output: *FRED:/home/fred# fred-client Unsupported language code: 'es' in os.environ.LANG. Available codes are: cs, en. Set default to: 'en'. Enter PEM pass phrase: FredClient 2.2.0 Type "help", "license" or "credits" for more information. Using configuration from /usr/local/etc/fred/fred-client.conf Connecting to localhost, port 700 ... ERROR: Login failed. *Log information in fred-eppd log:* FRED:/home/fred# more /var/log/fred/fred-eppd.log [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Client connected [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Corba call (epp-cmd hello) [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Corba call ok [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] request received (length 700 bytes) [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] request content: <?xml version="1.0" encoding="utf-8" standalone="no"?> <epp xmlns="urn:ietf:param s:xml:ns:epp-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"><command><login><clID >REG-EPIN</clID><pw>passwd</pw><options><version>1.0</version><lang>en</lang></options><svcs><objURI> http://www.nic.cz/xml/epp/contact-1.6</objURI><objURI>ht tp://www.nic.cz/xml/epp/nsset-1.2</objURI><objURI> http://www.nic.cz/xml/epp/domain-1.4</objURI><objURI> http://www.nic.cz/xml/epp/keyset-1.3</objURI><svcExten sion><extURI>http://www.nic.cz/xml/epp/enumval-1.2 </extURI></svcExtension></svcs></login><clTRID>ncai001#10-01-27at17:58:09</clTRID></command></epp> [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Fingerprint is: 07:A4:01:3E:56:77:C3:50:4B:84:0D:A8:E5:21:C7:2B [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Corba call (epp-cmd login) [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Corba call ok [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] after corba call command saved login id is 0, login id is 0 [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] (epp-cmd 2) response code 2501: sleeping for 0 ms [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Response content: <?xml version="1.0" encoding="UTF-8"?> <epp xmlns="urn:ietf:params:xml:ns:epp-1. 0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd"><response><result code="2501"><msg>A uthentication error; server closing connection</msg></result><trID><clTRID>ncai001#10-01-27at17:58:09</clTRID><svTRID>ccReg-0000000019</svTRID></trID></respo nse></epp> [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Session ended* Thanks in advance -- Ernesto Pin

14 let, 6 měsíců

Credit Information

by Georg Kahest

Hello! The EPP 'credit_info' command returns credit information. Does this give current credit balance for current use ? How can i credit one user/registrar manualy not from bank, is there command for that or i can do it directly from db at first glance i didnot notice field what would offer that kind of functionality in db. Georg

14 let, 9 měsíců

fred irc

by Georg Kahest

Hello list! I was wondering is there any IRC channel where people using FRED come together ? Georg

14 let, 9 měsíců

min allowed period

by Petur Kirke

i have now changed ex_period_min in table zone to 1, and then i tried to renew one domain only 1 month, which is what i want to do:REG-FO@localhost> renew_domain uttu.fo 2011-03-10 (1 m)Do you really want to send this command to the server? (y/N): yERROR: Parameter value policy errorReason: period is not aligned with allowed step.Is it not possible in Fred to renew only 1 month ? Can anyone help ?regardsPeter -----------------------------------------------------------------------------------------------------------In table 'zone' are columns ex_period_max and ex_period_min. But I'm not sure about granularity. Maybe ex_period_min is also granularity. Dont know. v. Petur Kirke wrote: > REG-FO at localhost> renew_domain hus.fo 2009-12-04 (6 m) > Do you really want to send this command to the server? (y/N): y > ERROR: Parameter value policy error > Reason: period is not aligned with allowed step. > > Is it possible to allow this ? and how ?

14 let, 9 měsíců

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

fred-users Březen 2010