Hi
I can´t get a public key for my Moodle network, the xlrpc is installed on CentOS5. Can anyone help? Thanks
You also need to install OpenSSL. Checkout http://docs.moodle.org search mnet.
Hi John
I think that it is also installed. In fact we had a key, but when we tried to renew (it was outdated) it dissapeared and we got the message you can see in the picture.
Thanks.
If it was working and now stopped, it is likely something has been removed.
A simple test from a shell prompt on the CentOS machine try a secure shell connection. "ssh [name or IP]. If you get a request to accept a key then you have OpenSSL is installed. If not the easiest way is to install the SSH server, it will pull OpenSSl in as a dependency.
The other reason that it may have failed is cURL is not installed or enabled in the php.ini
To check what you have and have not got as the Moodle Admin go to the Admin Panel >> Server >> Environment it will give you a complete list of what extensions are installed or missing.
From there we can proceed.
John
Hi John
We do not really manage the server, and just have a Plesk panel. The server is ours, we can ask for any change in the configuration, but we don't have a console (don't know how to use it ).
In the enviroment page it all seems to be OK. If you can tell us what to check, we will ask for it to our server's administrator... Thanks
Press the Delete button.
Hi Howard
Of course I have pressed the delete button... many times. As I told before, when we installed Moodle for the first time we got the key, the problem is that we can not renew it. This is happening in our 3 Moodle, installed in the same server (but different subdomains) (CentOS 5). It is just a curiosity, but we get exactly the same message when try to renew the key in a testing Moodle at Keytoschool.
Thanks.
Well... from bitter experience it's always worth asking.
OK... have you pressed the delete button with Debugging turned on??
I know it's a bit drastic, but deleting the entire contents (not the table itself) of mdl_mnet_host database table can sometimes clear things like this.
mysql> truncate mdl_mnet_host;
OK... have you pressed the delete button with Debugging turned on??
I know it's a bit drastic, but deleting the entire contents (not the table itself) of mdl_mnet_host database table can sometimes clear things like this.
mysql> truncate mdl_mnet_host;
Hi Howard
This is what we get with the debugging on:
Warning: openssl_pkey_new() [function.openssl-pkey-new]: private key length is too short; it needs to be at least 384 bits, not 0 in /var/www/vhosts/moodle.mysite.org/httpdocs/mnet/lib.php on line 365
Warning: openssl_csr_new() [function.openssl-csr-new]: private key length is too short; it needs to be at least 384 bits, not 0 in /var/www/vhosts/moodle.mysite.org/httpdocs/mnet/lib.php on line 366
Warning: openssl_csr_new() [function.openssl-csr-new]: Unable to generate a private key in /var/www/vhosts/moodle.mysite.org/httpdocs/mnet/lib.php on line 366
Warning: openssl_csr_sign() [function.openssl-csr-sign]: cannot get CSR from parameter 1 in /var/www/vhosts/moodle.mysite.org/httpdocs/mnet/lib.php on line 367
Warning: openssl_x509_export() [function.openssl-x509-export]: cannot get cert from parameter 1 in /var/www/vhosts/moodle.mysite.org/httpdocs/mnet/lib.php on line 372
Warning: openssl_x509_free() expects parameter 1 to be resource, boolean given in /var/www/vhosts/moodle.mysite.org/httpdocs/mnet/lib.php on line 373
Warning: openssl_pkey_export() [function.openssl-pkey-export]: cannot get key from parameter 1 in /var/www/vhosts/moodle.mysite.org/httpdocs/mnet/lib.php on line 380
Warning: openssl_pkey_free() expects parameter 1 to be resource, boolean given in /var/www/vhosts/moodle.mysite.org/httpdocs/mnet/lib.php on line 382
The error messages are the same in our 3 Moodle sites. Any idea of the problem and how to fix it?
Thanks
Exactly what version/build of Moodle is this... and... do you happen to have set $CFG->opensslcnf to anything in your config.php file?
It is a 1.9.5+, but the message is exactly the same in the other two with 1.9.9+
The config.php is the default one, we don't have set anythig...
<?php /// Moodle Configuration File
unset($CFG);
$CFG->dbtype = 'mysql';
$CFG->dbhost = 'localhost';
$CFG->dbname = 'dname';
$CFG->dbuser = 'dbuser';
$CFG->dbpass = 'dbpass';
$CFG->dbpersist = false;
$CFG->prefix = 'mdl_';
$CFG->wwwroot = 'http://moodle.mysite.com:80';
$CFG->dirroot = '/var/www/vhosts/moodle.mysite.com/httpdocs';
$CFG->dataroot = '/var/www/vhosts/moodle.mysite.com/moodledata';
$CFG->admin = 'admin';
$CFG->directorypermissions = 00777; // try 02777 on a server in Safe Mode
$CFG->passwordsaltmain = 'salt_salt_salt';
require_once("$CFG->dirroot/lib/setup.php");
// MAKE SURE WHEN YOU EDIT THIS FILE THAT THERE ARE NO SPACES, BLANK LINES,
// RETURNS, OR ANYTHING ELSE AFTER THE TWO CHARACTERS ON THE NEXT LINE.
?>
Well, now I realize that we have set port 80 in the wwwroot... I've just checked the other two, and the config,php is similar, but without setting the port 80, so I think that is not the problem.
I wouldn't set port 80 - IIRC, this causes problems in some bits of Moodle and there's no benefit or need.
Are all these instances on the same host. I'm starting to think that a PHP issue is rather likely as opposed to something you have done or Moodle.
Who is the host?
Are all these instances on the same host. I'm starting to think that a PHP issue is rather likely as opposed to something you have done or Moodle.
Who is the host?
"Who is the host?" What do you mean? If you can suggest what to check, we'll discuss the host administrator to do so. Thanks Howard.
Hummm, this looks like the system openssl.cnf file has and incorrect value for the private key length (which is probably due to a missing openssl.cnf file).
I'm attaching a minimal openssl.cnf file to this post. Download it and put it in your ..../moodle/mnet directory, and then add the following line to your config.php file:
$CFG->opensslcnf = $CFG->dirroot . '/mnet/openssl.cnf';
If this works (and it does in my local test install) I'm going to make a patch for mnet/lib.php so it doesn't rely on system's openssl.cnf and use a minimal openssl.cnf file that is part of Moodle (so we don't even need $CFG->opensslcnf at all).
Saludos. Iñaki.
+1 for adding an internal Openssl.cnf - although it would be nice to wrap it around a check to see
1. if already set in CFG and to use that version (possibly also using a check to see if that file actually exists)
2. if theres some other nice check to see if there's a server copy that is available to openssl.
go Iñaki go!
Hi Dan,
I'm a bit confused with your proposal
The way I see it we add an internal openssl.cnf file not to depend on external instances of the file and external configurations.
This way we don't need people to be aware of differences between properly configured systems and those that aren't. What's more, they don't even need to know the right path to the file (which can vary substantially from site to site, even on Linux/Unix hosts).
And even as importantly, we can choose the most sensible parameters for our particular use, instead of relying on unknown external default settings. Want 4096 bits instead of 1024 for the private key? Go for it. Want SHA256 or even SHA512 for our digital signatures insted of SHA1? Go for it.
Why do you propose that we check those additional external files? (surely you have a good reason for it, I just don't get it)
Saludos.
Iñaki.
I'm a bit confused with your proposal
This way we don't need people to be aware of differences between properly configured systems and those that aren't. What's more, they don't even need to know the right path to the file (which can vary substantially from site to site, even on Linux/Unix hosts).
And even as importantly, we can choose the most sensible parameters for our particular use, instead of relying on unknown external default settings. Want 4096 bits instead of 1024 for the private key? Go for it. Want SHA256 or even SHA512 for our digital signatures insted of SHA1? Go for it.
Why do you propose that we check those additional external files? (surely you have a good reason for it, I just don't get it
Saludos.
Iñaki.
U r great Iñaki, it works fine. I´ve attached the openssl.cnf file because Iñaki forgot it, but uploaded it at the Spanish forum...
Thanks a lot, really... and also
go Iñaki, go!!!
Hi all,
Someone can help me, I´m using moodle 2.0 RC2 in a windows server 2008, with wamp, I have tried this steps but still not working.
This is my config.php
<?php // Moodle configuration file
unset($CFG);
global $CFG;
$CFG = new stdClass();
$CFG->dbtype = 'mysqli';
$CFG->dblibrary = 'native';
$CFG->dbhost = 'localhost';
$CFG->dbname = 'moodle';
$CFG->dbuser = 'root';
$CFG->dbpass = '';
$CFG->prefix = 'mdl_';
$CFG->dboptions = array (
'dbpersist' => 0,
);
$CFG->opensslcnf = '';$CFG->dirroot . '/mnet/openssl.cnf';
$CFG->wwwroot = 'http://192.168.10.39/moodle';
$CFG->dataroot = 'C:\\wamp\\moodledata';
$CFG->admin = 'admin';$CFG->directorypermissions = 0777;
$CFG->passwordsaltmain = '(xxxxxxxxxx';
require_once(dirname(__FILE__) . '/lib/setup.php');
// There is no php closing tag in this file,
// it is intentional because it prevents trailing whitespace problems!
I´m getting this error "Notice: Undefined property: stdClass::$dirroot in C:\wamp\www\moodle\config.php on line 17"
It looks like 2.0 produces a different config.php file than 1.9.x and below. Just use this other line in config.php:
$CFG->opensslcnf = dirname(__FILE__).'/mnet/openssl.cnf';
By the way, 2.0 final release is out already . Running a release candidate doesn't make much sense now
Saludos. Iñaki.
Thank you Iñaki, you´r great !
I´m only using the RC2 about 2 months to test, to production i´m gone install the latest version.
Once again thank you,
Cumprimentos de Portugal
hi INAKI,
i want the openssl.cnf file you have attached with the forum NO PUBLIC KEY.
THANKS IN ADVANCE.