Moodle 2 - Missing Public Key

Moodle 2 - Missing Public Key

by Fred Weiss -
Number of replies: 14

Using Windows 2008 R2, IIS 7.5, SQL 2008 and can get no public key to generate.  This happens on two servers with same configuration.

I have a windows 2003, IIS 6.0 SQL 2005 server with publick key working.

On the Moodle 2 servers where it is not working I have;

added the q:\php directory to the path

set an system enviromental variable OPENSSL_CONF q:\php\extras\openssl\openssl.cnf

added the line $CFG->opensslcnf = 'Q:\php\extras\openssl\openssl.cnf'; to config.php

CURL is enabled, XLMRPC is enabled, OPENSSL is enabled in php.ini

I tried deleting mnet_localhost_id but this actually prevented the administrator from logging in.  I tried changing the value of mnet_localhost_id this had no effect.

I have debugging turned on but no errors are generated.

Below is what the screen looks like.  Any ideas would be appreciated.

Public Key Screenshot

Average of ratings: -
In reply to Fred Weiss

Re: Moodle 2 - Missing Public Key

by Christoph Ackermann -

I currently have the same problem, with a pretty much equal setup.

Some additional infos:
-I also have mahara on the same system using the same PHP. And mahara is able to generat a key. So the OpenSSL extension of PHP is ok.
-yesterday I updated from moodle 2.0.1 to 2.0.3+ I had the mahoodle integration running before. So maybe it's a problem with the 2.0.3+ release, maybe it's just a coincidence.
-the PHP error log simpy shows this message: "[01-Jun-2011 10:48:43] Can not generate keypair, sorry"

Average of ratings: -
In reply to Christoph Ackermann

Re: Moodle 2 - Missing Public Key

by Christoph Ackermann -

some more infos:
I have two systems (production and test). Now I copied the complete production system (moodle-directory, moodledata-directory, database, php-directory) to the test server
-production: keypair generation does not work.
-test: the generation works without a problem.

->The moodle-system is identical (moodle-directory, moodledata-directory, database)
->php-directory is identical
->environment variables are identical
->user-privileges are identical

Does anybody have an idea where to continue troubleshooting?

Average of ratings: -
In reply to Christoph Ackermann

Re: Moodle 2 - Missing Public Key

by Christoph Ackermann -

ok, I found a solution -> restart the computer. I guess this is necessary for moodle and PHP to see the changes in the system environment variables

Average of ratings: -
In reply to Christoph Ackermann

Re: Moodle 2 - Missing Public Key

by Fred Weiss -

Unfortunately I had already restarted my computer more than once.  Still no joy on generating a key.  No PHP error message in the syslog either.

Is there anything else I could have missed?

Thanks

Average of ratings: -
In reply to Fred Weiss

Re: Moodle 2 - Missing Public Key

by Christoph Ackermann -

It's strange, that there's nothing in the PHP-log. OpenSSL generates a message if it works and also if it doesn't work. Maybe somethings wrong with your log-settings?
When you go to site administration -> server -> environment, is OpenSSL also ok?

I also read something about the environment variable SSLEAY_CONF that should point to openssl.cnf. I'm not sure if that's true, but you can give it a try.

You can also check if this thread helps you: http://mahara.org/interaction/forum/topic.php?id=625
It's for mahara instead of moodle, but that shouldn't make a difference...

Average of ratings: -
In reply to Christoph Ackermann

Re: Moodle 2 - Missing Public Key

by Fred Weiss -

I have both OPENSSL_CONF  & SSLEA_CONF variable setup.

If I try where openssl command it points to the correct directory.

If ai start openssl at the command line it starts and I can generate a RSA key. (see below)

I am getting lots of errors in my PHP error_log but none pertaining to OPENSSL.

I think I have run out of ideas and don't know enough about openssl to get any further.

So any ideas appreciated.

 

OPENSSL

Average of ratings: -
In reply to Fred Weiss

Re: Moodle 2 - Missing Public Key

by John Andrewartha -

You may find the following WIKI entry is of help.

http://docs.moodle.org/20/en/Moodle_Network_FAQ

Note the section Moodle does not generate a key.

Add the variable as described.

 

John

Average of ratings: -
In reply to John Andrewartha

Re: Moodle 2 - Missing Public Key

by Fred Weiss -

I finally got mnet working for a clean install of Moodle 2.  However I still haven't been able to get it going for the Migrated 1.9 server.  I do now however have an error message.

It seems to say a new public key has been generated although none is displayed then when I try to delete I get the bottom print_error() and a 404 error is displayed in the browser.

Thanks for your ideas so far hopefully someone has another.

[17-Jun-2011 09:40:40] New public key has been generated. It expires 2011/07/15 08:40:40

[17-Jun-2011 09:40:42] New public key has been generated. It expires 2011/07/15 08:40:42

[17-Jun-2011 09:40:42] Default exception handler: An error has occurred. If you were not trying to delete your server's SSL key, it is possible you have been the subject of a malicious attack. No action has been taken. Debug:

*line 429 of \lib\setuplib.php: moodle_exception thrown

* line 74 of \admin\mnet\index.php: call to print_error()

Average of ratings: -
In reply to Fred Weiss

Re: Moodle 2 - Missing Public Key

by John Andrewartha -

You where the Moode admin when you tried to change the key?

The line with "If you were not trying to delete your server's SSL key, it is possible you have been the subject of a malicious attack." Suggests otherwise.

If it was not the reason there may be a bug.  You will need your Moodle version.   As admin go to Site Admin > Notifications  where you will find something like " Moodle 2.0.2+ (Build: 20110406)", the version number.

From there we can look in the tracker for know issues and Mnet.

Average of ratings: -
In reply to John Andrewartha

Re: Moodle 2 - Missing Public Key

by Fred Weiss -

Thanks for the response.  In answer to your questions.

1. Yes I was logged in as Moodle Admin.

2. I actually updated Moodle to the latest build last week to see if this helped. We are now on.

Moodle 2.0.3+ (Build: 20110609)

and as mentioned Windows 2008 R2, IIS 7.5 Fastcgi, MS-SQL 2008, PHP 5.3.6

Average of ratings: -
In reply to Fred Weiss

Re: Moodle 2 - Missing Public Key

by Fred Weiss -

I found this tracker entry http://tracker.moodle.org/browse/MDL-16561

When I looked in the mnet_host table there was not entry for the local site only the remote site.

I can add an entry manually via SQL including a public_key and then see it in admin -> networking -> settings

However, the id of the entry does not match the mnet_localhost_id value in mdl_config table so it still does not really work.

I cannot set the mnet_host id value manually and if I change the mnet_localhost_id to match it no-one can login.

Anymore ideas appreciated.

Average of ratings: -
In reply to Fred Weiss

Re: Moodle 2 - Missing Public Key

by jason goodwin -

Adding the entry in CONFIG.PHP worked for my setup:

$CFG->opensslcnf = 'C:\Program Files (x86)\PHP\v5.3.6\extras\openssl\openssl.cnf';

(DEV on my workstation) Win7, IIS 7.5 Fastcgi, MS-SQL 2008 R2, PHP 5.3.6

Average of ratings: -
In reply to jason goodwin

Re: Moodle 2 - Missing Public Key

by Fred Weiss -

Thanks Jason but had added that CFG setting early on.

Finally fixed it by modifying the database directly. 

Had to change the mnet_localhost_id in the config_table and in the mdl_user table so they were the same as the mnet_host table.

This is because when I migrated we moved physical servers and changed the URL so it make sense that the mnet_localhost_id did change.

Average of ratings: -
In reply to Fred Weiss

Re: Moodle 2 - Missing Public Key

by Kevin Saunders -

I had the same problem, missing public key.

I found that I had to set the environment variable OPENSSL_CONF in the advanced settings tab of system properties.

I also set $CFG->opensslcnf in the config.php file.

It refused to work.

What I needed to do was set the OPENSSL_CONF only and NOT set the $CFG->opensslcnf variable.

Once I did that, I managed to generate the public keys

Average of ratings: -