FRED session at ICANN Brussels ? - Re: Problems when loging in to eppd from fred-client

24 Bře 2010

Jaromír,
I would like to find out if we can have a FRED technical session at the ICANN meeting in
Brussels this coming June.
Our Malawi .mw ccTLD registry is still very much interested in FRED and we would like to
see a full installation being made, operational and being used, if you can arrange such a
session. We believe ICANN in Brussels will be a very good opportunity for you to show
this to us and many other ccTLDs. A hands on session would be great.
Can you please confirm if you or any other technical person from the Czech .cz ccTLD
would be available in Brussels to run such a session?
Regards,
Paulos
======================
Dr Paulos B Nyirenda
.mw ccTLD
http://www.registrar.mw
On 23 Mar 2010 at 17:05, Jaromír Talír wrote:
...
  Hi Ernesto,
 sorry for late response. You mention the same problem as Petur has in
 his last post. Resolution should be the same.
 Regards,
 Jaromir
 Ernesto Pin píse v Ct 28. 01. 2010 v 16:56 -0200:
  Hi, I've been trying to connect to
fred-server from fred-client for a
 long time, but I'couldn not do so. I think that is all about
 certificates, because this procedures are not deeply explained in
 documentations. I would be very pleased if someone can tell me where
 to find the correct procedures.
 The procedure I followed to get certificates and keys, is this one:
      1. download CA.pl
      2. run ./CA.pl -new ca
      3. copy generated demoCA/cacert.pem
         to /usr/share/fred-mod-eppd/ssl/
      4. run ./CA.pl -newreq
      5. run CA.pl -sign
      6. move generated newcert.pem and newkey.pem
         to /usr/share/fred-mod-eppd/ssl/ and remove newreq.pem in
         CA.pl's directory
      7. run again CA.pl -newreq
      8. run again CA.pl -sign
      9. move generated cert and key to /usr/share/fred-mod-eppd/ssl/
 After that, I get client and mod-eppd configured to point these files,
 and run the following script to insert registrars into database:
 #!/bin/bash
 MD5=$(openssl x509 -in /usr/local/share/fred-client/ssl/newcert.pem
 -fingerprint -noout -md5)
 HANDLE=$1
 PASSWORD=$2
 NAME=$3
 psql -U fred fred << _EOF_
 INSERT INTO registrar (handle,name) VALUES ('${HANDLE}','${NAME}');
 INSERT INTO registraracl (registrarid,cert,password) VALUES
 (currval('registrar_id_seq'),'${MD5}','${PASSWORD}');
 _EOF_
 When starting apache, got this error.log:
 FRED:/home/fred# more /var/log/apache2/error.log
 [Wed Jan 27 17:44:07 2010] [warn] Init: Session Cache is not
 configured [hint: SSLSessionCache]
 [Wed Jan 27 17:44:07 2010] [notice] mod_corba started (mod_corba
 version 1.3.0, SVN revision unknown, BUILT Jan 18 2010 19:11:31)
 [Wed Jan 27 17:44:07 2010] [notice] mod_eppd started (mod_eppd version
 2.2.0, SVN revision unknown, BUILT Jan 18 2010 19:13:30)
 [Wed Jan 27 17:44:07 2010] [warn] mod_whoisd: whoisd disclaimer not
 set, using default.
 [Wed Jan 27 17:44:07 2010] [notice] mod_whoisd started (mod_whoisd
 version 3.1.1, SVN revision unknown, BUILT Jan 18 2010 19:15:10)
 [Wed Jan 27 17:44:07 2010] [notice] mod_python: Creating 8 session
 mutexes based on 6 max processes and 25 max threads.
 [Wed Jan 27 17:44:07 2010] [notice] mod_python: using
 mutex_directory /tmp
 [Wed Jan 27 17:44:07 2010] [notice] mod_corba started (mod_corba
 version 1.3.0, SVN revision unknown, BUILT Jan 18 2010 19:11:31)
 [Wed Jan 27 17:44:07 2010] [notice] mod_eppd started (mod_eppd version
 2.2.0, SVN revision unknown, BUILT Jan 18 2010 19:13:30)
 [Wed Jan 27 17:44:07 2010] [warn] mod_whoisd: whoisd disclaimer not
 set, using default.
 [Wed Jan 27 17:44:07 2010] [notice] mod_whoisd started (mod_whoisd
 version 3.1.1, SVN revision unknown, BUILT Jan 18 2010 19:15:10)
 [Wed Jan 27 17:44:07 2010] [notice] Apache/2.2.9 (Debian)
 mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g configured
 -- resuming normal operations
 Following this, configured fred-client to use the two inserted
 registrars to login. When running fred-client, input passphrase used
 to generate client's cert, and getting this output:
 FRED:/home/fred# fred-client
 Unsupported language code: 'es' in os.environ.LANG. Available codes
 are: cs, en. Set default to: 'en'.
 Enter PEM pass phrase:
 FredClient 2.2.0
 Type "help", "license" or "credits" for more information.
 Using configuration from /usr/local/etc/fred/fred-client.conf
 Connecting to localhost, port 700 ...
 ERROR: Login failed.
 Log information in fred-eppd log:
 FRED:/home/fred# more /var/log/fred/fred-eppd.log
 [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Client
 connected
 [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Corba call
 (epp-cmd hello)
 [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Corba call
 ok
 [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] request
 received (length 700 bytes)
 [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] request
 content: <?xml version="1.0" encoding="utf-8"
standalone="no"?> <epp
 xmlns="urn:ietf:param
 s:xml:ns:epp-1.0"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0
 epp-1.0.xsd"><command><login><clID
REG-EPIN</clID><pw>passwd</pw><options><version>1.0</version><lang>en</lang></options><

svcs><objURI>http://www.nic.cz/xml/epp/contact-1.6</objURI><objURI>ht
  
tp://www.nic.cz/xml/epp/nsset-1.2</objURI><objURI>http://www.nic.cz/xml/epp/domain-1.4</
 objURI><objURI>http://www.nic.cz/xml/epp/keyset-1.3</objURI><svcExten
  
sion><extURI>http://www.nic.cz/xml/epp/enumval-1.2</extURI></svcExtension></svcs></login
 ><clTRID>ncai001#10-01-27at17:58:09</clTRID></command></epp>
 > [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Fingerprint
 > is: 07:A4:01:3E:56:77:C3:50:4B:84:0D:A8:E5:21:C7:2B
 > [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Corba call
 > (epp-cmd login)
 > [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Corba call
 > ok
 > [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] after corba
 > call command saved login id is 0, login id is 0
 > [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] (epp-cmd 2)
 > response code 2501: sleeping for 0 ms
 > [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Response
 > content: <?xml version="1.0" encoding="UTF-8"?> <epp
 > xmlns="urn:ietf:params:xml:ns:epp-1.
 > 0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 > xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0
 > epp-1.0.xsd"><response><result
code="2501"><msg>A
 > uthentication error; server closing
  
connection</msg></result><trID><clTRID>ncai001#10-01-27at17:58:09</clTRID><svTRID>ccReg-
 0000000019</svTRID></trID></respo
  nse></epp>
 [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Session
 ended
 Thanks in advance
 --
 Ernesto Pin
 _______________________________________________
 fred-users mailing list
 fred-users(a)lists.nic.cz
 https://lists.nic.cz/mailman/listinfo/fred-users 
 --
 Jaromir Talir
 technicky reditel / Chief Technical Officer
 -------------------------------------------
 CZ.NIC, z.s.p.o.  --    .cz domain registry
 Americka 23, 120 00 Praha 2, Czech Republic
 mailto:jaromir.talir@nic.cz  http://nic.cz/
 sip:jaromir.talir@nic.cz tel:+420.222745107
 mob:+420.739632712       fax:+420.222745112
 -------------------------------------------

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

FRED session at ICANN Brussels ? - Re: Problems when loging in to eppd from fred-client