24 Bře
2010
24 Bře
'10
8:58
Jaromír,
I would like to find out if we can have a FRED technical session at the ICANN meeting in
Brussels this coming June.
Our Malawi .mw ccTLD registry is still very much interested in FRED and we would like to
see a full installation being made, operational and being used, if you can arrange such a
session. We believe ICANN in Brussels will be a very good opportunity for you to show
this to us and many other ccTLDs. A hands on session would be great.
Can you please confirm if you or any other technical person from the Czech .cz ccTLD
would be available in Brussels to run such a session?
Regards,
Paulos
======================
Dr Paulos B Nyirenda
.mw ccTLD
http://www.registrar.mw
On 23 Mar 2010 at 17:05, Jaromír Talír wrote:
Hi Ernesto,
sorry for late response. You mention the same problem as Petur has in
his last post. Resolution should be the same.
Regards,
Jaromir
Ernesto Pin píse v Ct 28. 01. 2010 v 16:56 -0200:
tp://www.nic.cz/xml/epp/nsset-1.2</objURI><objURI>http://www.nic.cz/xml/epp/domain-1.4</
objURI><objURI>http://www.nic.cz/xml/epp/keyset-1.3</objURI><svcExten
sion><extURI>http://www.nic.cz/xml/epp/enumval-1.2</extURI></svcExtension></svcs></login
><clTRID>ncai001#10-01-27at17:58:09</clTRID></command></epp>
> [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Fingerprint
> is: 07:A4:01:3E:56:77:C3:50:4B:84:0D:A8:E5:21:C7:2B
> [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Corba call
> (epp-cmd login)
> [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Corba call
> ok
> [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] after corba
> call command saved login id is 0, login id is 0
> [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] (epp-cmd 2)
> response code 2501: sleeping for 0 ms
> [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Response
> content: <?xml version="1.0" encoding="UTF-8"?> <epp
> xmlns="urn:ietf:params:xml:ns:epp-1.
> 0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0
> epp-1.0.xsd"><response><result
code="2501"><msg>A
> uthentication error; server closing
connection</msg></result><trID><clTRID>ncai001#10-01-27at17:58:09</clTRID><svTRID>ccReg-
0000000019</svTRID></trID></respo
Hi, I've been trying to connect to
fred-server from fred-client for a
long time, but I'couldn not do so. I think that is all about
certificates, because this procedures are not deeply explained in
documentations. I would be very pleased if someone can tell me where
to find the correct procedures.
The procedure I followed to get certificates and keys, is this one:
1. download CA.pl
2. run ./CA.pl -new ca
3. copy generated demoCA/cacert.pem
to /usr/share/fred-mod-eppd/ssl/
4. run ./CA.pl -newreq
5. run CA.pl -sign
6. move generated newcert.pem and newkey.pem
to /usr/share/fred-mod-eppd/ssl/ and remove newreq.pem in
CA.pl's directory
7. run again CA.pl -newreq
8. run again CA.pl -sign
9. move generated cert and key to /usr/share/fred-mod-eppd/ssl/
After that, I get client and mod-eppd configured to point these files,
and run the following script to insert registrars into database:
#!/bin/bash
MD5=$(openssl x509 -in /usr/local/share/fred-client/ssl/newcert.pem
-fingerprint -noout -md5)
HANDLE=$1
PASSWORD=$2
NAME=$3
psql -U fred fred << _EOF_
INSERT INTO registrar (handle,name) VALUES ('${HANDLE}','${NAME}');
INSERT INTO registraracl (registrarid,cert,password) VALUES
(currval('registrar_id_seq'),'${MD5}','${PASSWORD}');
_EOF_
When starting apache, got this error.log:
FRED:/home/fred# more /var/log/apache2/error.log
[Wed Jan 27 17:44:07 2010] [warn] Init: Session Cache is not
configured [hint: SSLSessionCache]
[Wed Jan 27 17:44:07 2010] [notice] mod_corba started (mod_corba
version 1.3.0, SVN revision unknown, BUILT Jan 18 2010 19:11:31)
[Wed Jan 27 17:44:07 2010] [notice] mod_eppd started (mod_eppd version
2.2.0, SVN revision unknown, BUILT Jan 18 2010 19:13:30)
[Wed Jan 27 17:44:07 2010] [warn] mod_whoisd: whoisd disclaimer not
set, using default.
[Wed Jan 27 17:44:07 2010] [notice] mod_whoisd started (mod_whoisd
version 3.1.1, SVN revision unknown, BUILT Jan 18 2010 19:15:10)
[Wed Jan 27 17:44:07 2010] [notice] mod_python: Creating 8 session
mutexes based on 6 max processes and 25 max threads.
[Wed Jan 27 17:44:07 2010] [notice] mod_python: using
mutex_directory /tmp
[Wed Jan 27 17:44:07 2010] [notice] mod_corba started (mod_corba
version 1.3.0, SVN revision unknown, BUILT Jan 18 2010 19:11:31)
[Wed Jan 27 17:44:07 2010] [notice] mod_eppd started (mod_eppd version
2.2.0, SVN revision unknown, BUILT Jan 18 2010 19:13:30)
[Wed Jan 27 17:44:07 2010] [warn] mod_whoisd: whoisd disclaimer not
set, using default.
[Wed Jan 27 17:44:07 2010] [notice] mod_whoisd started (mod_whoisd
version 3.1.1, SVN revision unknown, BUILT Jan 18 2010 19:15:10)
[Wed Jan 27 17:44:07 2010] [notice] Apache/2.2.9 (Debian)
mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g configured
-- resuming normal operations
Following this, configured fred-client to use the two inserted
registrars to login. When running fred-client, input passphrase used
to generate client's cert, and getting this output:
FRED:/home/fred# fred-client
Unsupported language code: 'es' in os.environ.LANG. Available codes
are: cs, en. Set default to: 'en'.
Enter PEM pass phrase:
FredClient 2.2.0
Type "help", "license" or "credits" for more information.
Using configuration from /usr/local/etc/fred/fred-client.conf
Connecting to localhost, port 700 ...
ERROR: Login failed.
Log information in fred-eppd log:
FRED:/home/fred# more /var/log/fred/fred-eppd.log
[27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Client
connected
[27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Corba call
(epp-cmd hello)
[27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Corba call
ok
[27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] request
received (length 700 bytes)
[27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] request
content: <?xml version="1.0" encoding="utf-8"
standalone="no"?> <epp
xmlns="urn:ietf:param
s:xml:ns:epp-1.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0
epp-1.0.xsd"><command><login><clID
REG-EPIN</clID><pw>passwd</pw><options><version>1.0</version><lang>en</lang></options><
svcs><objURI>http://www.nic.cz/xml/epp/contact-1.6</objURI><objURI>ht
nse></epp>
[27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Session
ended
Thanks in advance
--
Ernesto Pin
_______________________________________________
fred-users mailing list
fred-users(a)lists.nic.cz
https://lists.nic.cz/mailman/listinfo/fred-users
--
Jaromir Talir
technicky reditel / Chief Technical Officer
-------------------------------------------
CZ.NIC, z.s.p.o. -- .cz domain registry
Americka 23, 120 00 Praha 2, Czech Republic
mailto:jaromir.talir@nic.cz http://nic.cz/
sip:jaromir.talir@nic.cz tel:+420.222745107
mob:+420.739632712 fax:+420.222745112
-------------------------------------------