2010/3/24 Dr Paulos Nyirenda
<paulos@sdnp.org.mw>
Jaromír,
I would like to find out if we can have a FRED technical session at the ICANN meeting in
Brussels this coming June.
Our Malawi .mw ccTLD registry is still very much interested in FRED and we would like to
see a full installation being made, operational and being used, if you can arrange such a
session. We believe ICANN in Brussels will be a very good opportunity for you to show
this to us and many other ccTLDs. A hands on session would be great.
I have yet to see FRED install without any technical glitches. Thats the main issue I have with FRED. It does not work cleanly out of the box. Even the bootable cdroms have issues.
regards
joe baptista
Can you please confirm if you or any other technical person from the Czech .cz ccTLD
would be available in Brussels to run such a session?
Regards,
Paulos
======================
Dr Paulos B Nyirenda
.mw ccTLD
http://www.registrar.mw
On 23 Mar 2010 at 17:05, Jaromír Talír wrote:
> Hi Ernesto,
> sorry for late response. You mention the same problem as Petur has in
> his last post. Resolution should be the same.
>
> Regards,
> Jaromir
>
> Ernesto Pin píse v Ct 28. 01. 2010 v 16:56 -0200:
> > Hi, I've been trying to connect to fred-server from fred-client for a
> > long time, but I'couldn not do so. I think that is all about
> > certificates, because this procedures are not deeply explained in
> > documentations. I would be very pleased if someone can tell me where
> > to find the correct procedures.
> >
> > The procedure I followed to get certificates and keys, is this one:
> > 1. download CA.pl
> > 2. run ./CA.pl -new ca
> > 3. copy generated demoCA/cacert.pem
> > to /usr/share/fred-mod-eppd/ssl/
> > 4. run ./CA.pl -newreq
> > 5. run CA.pl -sign
> > 6. move generated newcert.pem and newkey.pem
> > to /usr/share/fred-mod-eppd/ssl/ and remove newreq.pem in
> > CA.pl's directory
> > 7. run again CA.pl -newreq
> > 8. run again CA.pl -sign
> > 9. move generated cert and key to /usr/share/fred-mod-eppd/ssl/
> > After that, I get client and mod-eppd configured to point these files,
> > and run the following script to insert registrars into database:
> >
> > #!/bin/bash
> > MD5=$(openssl x509 -in /usr/local/share/fred-client/ssl/newcert.pem
> > -fingerprint -noout -md5)
> > HANDLE=$1
> > PASSWORD=$2
> > NAME=$3
> > psql -U fred fred << _EOF_
> > INSERT INTO registrar (handle,name) VALUES ('${HANDLE}','${NAME}');
> > INSERT INTO registraracl (registrarid,cert,password) VALUES
> > (currval('registrar_id_seq'),'${MD5}','${PASSWORD}');
> > _EOF_
> >
> >
> > When starting apache, got this error.log:
> >
> > FRED:/home/fred# more /var/log/apache2/error.log
> >
> > [Wed Jan 27 17:44:07 2010] [warn] Init: Session Cache is not
> > configured [hint: SSLSessionCache]
> > [Wed Jan 27 17:44:07 2010] [notice] mod_corba started (mod_corba
> > version 1.3.0, SVN revision unknown, BUILT Jan 18 2010 19:11:31)
> > [Wed Jan 27 17:44:07 2010] [notice] mod_eppd started (mod_eppd version
> > 2.2.0, SVN revision unknown, BUILT Jan 18 2010 19:13:30)
> > [Wed Jan 27 17:44:07 2010] [warn] mod_whoisd: whoisd disclaimer not
> > set, using default.
> > [Wed Jan 27 17:44:07 2010] [notice] mod_whoisd started (mod_whoisd
> > version 3.1.1, SVN revision unknown, BUILT Jan 18 2010 19:15:10)
> > [Wed Jan 27 17:44:07 2010] [notice] mod_python: Creating 8 session
> > mutexes based on 6 max processes and 25 max threads.
> > [Wed Jan 27 17:44:07 2010] [notice] mod_python: using
> > mutex_directory /tmp
> > [Wed Jan 27 17:44:07 2010] [notice] mod_corba started (mod_corba
> > version 1.3.0, SVN revision unknown, BUILT Jan 18 2010 19:11:31)
> > [Wed Jan 27 17:44:07 2010] [notice] mod_eppd started (mod_eppd version
> > 2.2.0, SVN revision unknown, BUILT Jan 18 2010 19:13:30)
> > [Wed Jan 27 17:44:07 2010] [warn] mod_whoisd: whoisd disclaimer not
> > set, using default.
> > [Wed Jan 27 17:44:07 2010] [notice] mod_whoisd started (mod_whoisd
> > version 3.1.1, SVN revision unknown, BUILT Jan 18 2010 19:15:10)
> > [Wed Jan 27 17:44:07 2010] [notice] Apache/2.2.9 (Debian)
> > mod_python/3.3.1 Python/2.5.2 mod_ssl/2.2.9 OpenSSL/0.9.8g configured
> > -- resuming normal operations
> >
> > Following this, configured fred-client to use the two inserted
> > registrars to login. When running fred-client, input passphrase used
> > to generate client's cert, and getting this output:
> >
> > FRED:/home/fred# fred-client
> > Unsupported language code: 'es' in os.environ.LANG. Available codes
> > are: cs, en. Set default to: 'en'.
> > Enter PEM pass phrase:
> > FredClient 2.2.0
> > Type "help", "license" or "credits" for more information.
> >
> > Using configuration from /usr/local/etc/fred/fred-client.conf
> > Connecting to localhost, port 700 ...
> > ERROR: Login failed.
> >
> > Log information in fred-eppd log:
> >
> > FRED:/home/fred# more /var/log/fred/fred-eppd.log
> >
> > [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Client
> > connected
> > [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Corba call
> > (epp-cmd hello)
> > [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Corba call
> > ok
> > [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] request
> > received (length 700 bytes)
> > [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] request
> > content: <?xml version="1.0" encoding="utf-8" standalone="no"?> <epp
> > xmlns="urn:ietf:param
> > s:xml:ns:epp-1.0"
> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> > xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0
> > epp-1.0.xsd"><command><login><clID
> >
> >REG-EPIN</clID><pw>passwd</pw><options><version>1.0</version><lang>en</lang></options><
> svcs><objURI>http://www.nic.cz/xml/epp/contact-1.6</objURI><objURI>ht
> >
> tp://www.nic.cz/xml/epp/nsset-1.2</objURI><objURI>http://www.nic.cz/xml/epp/domain-1.4</
> objURI><objURI>http://www.nic.cz/xml/epp/keyset-1.3</objURI><svcExten
> >
> sion><extURI>http://www.nic.cz/xml/epp/enumval-1.2</extURI></svcExtension></svcs></login
> ><clTRID>ncai001#10-01-27at17:58:09</clTRID></command></epp>
> > [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Fingerprint
> > is: 07:A4:01:3E:56:77:C3:50:4B:84:0D:A8:E5:21:C7:2B
> > [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Corba call
> > (epp-cmd login)
> > [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Corba call
> > ok
> > [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] after corba
> > call command saved login id is 0, login id is 0
> > [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] (epp-cmd 2)
> > response code 2501: sleeping for 0 ms
> > [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Response
> > content: <?xml version="1.0" encoding="UTF-8"?> <epp
> > xmlns="urn:ietf:params:xml:ns:epp-1.
> > 0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> > xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0
> > epp-1.0.xsd"><response><result code="2501"><msg>A
> > uthentication error; server closing
> >
> connection</msg></result><trID><clTRID>ncai001#10-01-27at17:58:09</clTRID><svTRID>ccReg-
> 0000000019</svTRID></trID></respo
> > nse></epp>
> > [27/Jan/2010:17:58:09 --0200] 127.0.0.1 [sessionID 408120] Session
> > ended
> >
> > Thanks in advance
> >
> > --
> > Ernesto Pin
> > _______________________________________________
> > fred-users mailing list
> > fred-users@lists.nic.cz
> > https://lists.nic.cz/mailman/listinfo/fred-users
>
> --
> Jaromir Talir
> technicky reditel / Chief Technical Officer
> -------------------------------------------
> CZ.NIC, z.s.p.o. -- .cz domain registry
> Americka 23, 120 00 Praha 2, Czech Republic
> mailto:jaromir.talir@nic.cz http://nic.cz/
> sip:jaromir.talir@nic.cz tel:+420.222745107
> mob:+420.739632712 fax:+420.222745112
> -------------------------------------------
>
_______________________________________________
fred-users mailing list
fred-users@lists.nic.cz
https://lists.nic.cz/mailman/listinfo/fred-users