Failed to Create public.pem on OSX Lion


Kevin Wheelock

Feb 20, 2014, 12:23:46 AM
to sage-s...@googlegroups.com
Hi all,

I compiled 6.1.1 on OSX Lion. The compile went flawlessly. I did

./sage -i openssl
make ssl

My goal is to run a Sage server. I issued the command

sage: notebook(interface='', ulimit='-v 500000',accounts=True,automatic_login=False, secure=True)


notebook().setup ran automatically. It successfully created cert.cfg and private.pem, but did not create public.pem. And that (eventually) caused the server to fail:

Failed to load application: [Errno 2] No such file or directory: '/Users/wheelock/.sage/notebook/public.pem'

I can run the server in unsecured mode, works great.

Can anyone shed any light on this? Any tests I could run, or perhaps a fix?

The complete transcript is pasted below.

Thanks much in advance!

Cheers,

K.

----------------------------------------------------------------
sage: sage: notebook(interface='', ulimit='-v 500000',accounts=True,automatic_login=False, secure=True)
The notebook files are stored in: sage_notebook.sagenb
In order to use an SECURE encrypted notebook, you must first run notebook.setup().
Now running notebook.setup()
Domain name [localhost]: kwheelock.info
Using openssl to generate key
openssl genrsa 1024 > /Users/wheelock/.sage/notebook/private.pem
WARNING: can't open config file: /Users/wheelock/Apps/sage-6.1.1/local/openssl/openssl.cnf
Generating RSA private key, 1024 bit long modulus
..++++++
....................++++++
e is 65537 (0x10001)
certtool --generate-self-signed --template /Users/wheelock/.sage/notebook/cert.cfg --load-privkey /Users/wheelock/.sage/notebook/private.pem --outfile /Users/wheelock/.sage/notebook/public.pem
usage:
Create a keypair and cert: certtool c [options]
Create a CSR: certtool r outFileName [options]
Verify a CSR: certtool v infileName [options]
Create a system Identity: certtool C domainName [options]
Import a certificate: certtool i inFileName [options]
Display a certificate: certtool d inFileName [options]
Import a CRL: certtool I inFileName [options]
Display a CRL: certtool D inFileName [options]
Display certs and CRLs in keychain: certtool y [options]
Options:
k=keychainName
c (create the keychain)
p=passphrase (specify passphrase at keychain creation)
o=outFileName (create cert command only)
v (verbose)
d (infile/outfile in DER format; default is PEM)
r=privateKeyFileName (optional; for Import Certificate only)
f=[18fo] (private key format = PKCS1/PKCS8/FIPS186; default is PKCS1
(openssl) for RSA, openssl for DSA, PKCS8 for Diffie-Hellman,
OpenSSL for ECDSA
x=[asSm] (Extended Key Usage: a=Any; s=SSL Client; S=SSL Server; m=SMIME)
a (create key with default ACL)
u (create key with ACL limiting access to current UID)
P (Don't create system identity if one already exists for specified domain)
h(elp)
Successfully configured notebook.
Failed to setup notebook. Please try notebook.setup() again manually.
┌──────────────────────────────────────────────────┐
│ │
│ Open your web browser to https://localhost:8080
│ │
└──────────────────────────────────────────────────┘
There is an admin account. If you do not remember the password,
quit the notebook and type notebook(reset=True).
Executing twistd --pidfile="sage_notebook.sagenb/sagenb.pid" -ny "sage_notebook.sagenb/twistedconf.tac"
/Users/wheelock/Apps/sage/local/lib/python2.7/site-packages/Crypto/Util/number.py:57: PowmInsecureWarning: Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to avoid timing attack vulnerability.
_warn("Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to avoid timing attack vulnerability.", PowmInsecureWarning)
Unhandled Error
Traceback (most recent call last):
File "/Users/wheelock/Apps/sage/local/lib/python2.7/site-packages/Twisted-13.2.0-py2.7-macosx-10.7-x86_64.egg/twisted/application/app.py", line 642, in run
runApp(config)
File "/Users/wheelock/Apps/sage/local/lib/python2.7/site-packages/Twisted-13.2.0-py2.7-macosx-10.7-x86_64.egg/twisted/scripts/twistd.py", line 23, in runApp
_SomeApplicationRunner(config).run()
File "/Users/wheelock/Apps/sage/local/lib/python2.7/site-packages/Twisted-13.2.0-py2.7-macosx-10.7-x86_64.egg/twisted/application/app.py", line 376, in run
self.application = self.createOrGetApplication()
File "/Users/wheelock/Apps/sage/local/lib/python2.7/site-packages/Twisted-13.2.0-py2.7-macosx-10.7-x86_64.egg/twisted/application/app.py", line 441, in createOrGetApplication
application = getApplication(self.config, passphrase)
--- <exception caught here> ---
File "/Users/wheelock/Apps/sage/local/lib/python2.7/site-packages/Twisted-13.2.0-py2.7-macosx-10.7-x86_64.egg/twisted/application/app.py", line 452, in getApplication
application = service.loadApplication(filename, style, passphrase)
File "/Users/wheelock/Apps/sage/local/lib/python2.7/site-packages/Twisted-13.2.0-py2.7-macosx-10.7-x86_64.egg/twisted/application/service.py", line 405, in loadApplication
application = sob.loadValueFromFile(filename, 'application', passphrase)
File "/Users/wheelock/Apps/sage/local/lib/python2.7/site-packages/Twisted-13.2.0-py2.7-macosx-10.7-x86_64.egg/twisted/persisted/sob.py", line 210, in loadValueFromFile
exec fileObj in d, d
File "sage_notebook.sagenb/twistedconf.tac", line 80, in <module>
s = strports.service('ssl:8080:interface=:privateKey=/Users/wheelock/.sage/notebook/private.pem:certKey=/Users/wheelock/.sage/notebook/public.pem', site)
File "/Users/wheelock/Apps/sage/local/lib/python2.7/site-packages/Twisted-13.2.0-py2.7-macosx-10.7-x86_64.egg/twisted/application/strports.py", line 77, in service
endpoints._serverFromStringLegacy(reactor, description, default),
File "/Users/wheelock/Apps/sage/local/lib/python2.7/site-packages/Twisted-13.2.0-py2.7-macosx-10.7-x86_64.egg/twisted/internet/endpoints.py", line 1393, in _serverFromStringLegacy
nameOrPlugin, args, kw = _parseServer(description, None, default)
File "/Users/wheelock/Apps/sage/local/lib/python2.7/site-packages/Twisted-13.2.0-py2.7-macosx-10.7-x86_64.egg/twisted/internet/endpoints.py", line 1384, in _parseServer
return (endpointType.upper(),) + parser(factory, *args[1:], **kw)
File "/Users/wheelock/Apps/sage/local/lib/python2.7/site-packages/Twisted-13.2.0-py2.7-macosx-10.7-x86_64.egg/twisted/internet/endpoints.py", line 1107, in _parseSSL
certPEM = FilePath(certKey).getContent()
File "/Users/wheelock/Apps/sage/local/lib/python2.7/site-packages/Twisted-13.2.0-py2.7-macosx-10.7-x86_64.egg/twisted/python/filepath.py", line 287, in getContent
fp = self.open()
File "/Users/wheelock/Apps/sage/local/lib/python2.7/site-packages/Twisted-13.2.0-py2.7-macosx-10.7-x86_64.egg/twisted/python/filepath.py", line 828, in open
return open(self.path, mode + 'b')
exceptions.IOError: [Errno 2] No such file or directory: '/Users/wheelock/.sage/notebook/public.pem'

Failed to load application: [Errno 2] No such file or directory: '/Users/wheelock/.sage/notebook/public.pem'

---------------------------------------------------------------------------
error Traceback (most recent call last)
<ipython-input-1-37a87ab79ab1> in <module>()
----> 1 notebook(interface='', ulimit='-v 500000',accounts=True,automatic_login=False, secure=True)

/Users/wheelock/Apps/sage/local/lib/python2.7/site-packages/sage/misc/lazy_import.so in sage.misc.lazy_import.LazyImport.__call__ (sage/misc/lazy_import.c:2550)()

/Users/wheelock/Apps/sage/local/lib/python2.7/site-packages/sagenb-0.10.8.2-py2.7.egg/sagenb/notebook/notebook_object.py in __call__(self, *args, **kwds)
226 """
227 def __call__(self, *args, **kwds):
--> 228 return self.notebook(*args, **kwds)
229
230 notebook = run_notebook.notebook_run

/Users/wheelock/Apps/sage/local/lib/python2.7/site-packages/sagenb-0.10.8.2-py2.7.egg/sagenb/notebook/run_notebook.py in notebook_run(self, directory, port, interface, port_tries, secure, reset, accounts, openid, server_pool, ulimit, timeout, doc_timeout, upload, automatic_login, start_path, fork, quiet, server, profile, subnets, require_login, open_viewer, address)
630 os.chdir(cwd)
631 if e == 256:
--> 632 raise socket.error
633
634 def get_admin_passwd():

error:

----------------------------------------------------------------

Dima Pasechnik

May 12, 2015, 9:44:26 AM
to sage-s...@googlegroups.com
OSX certtool is a completely different beast from OpenSSL's certtool, therefore you see the error
message:

usage:
Create a keypair and cert: certtool c [options]
....
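
An added example, not part of the thread and not sagenb's own code: in the transcript, setup goes on to print "Successfully configured notebook." after `certtool` only printed its usage text. The code below runs the transcript's `certtool` command (those long options are GnuTLS certtool's), accepts the result only if `public.pem` really contains a PEM certificate, and otherwise tries `openssl req`. The function names, the fallback command and the 365-day validity are assumptions of this example.

```python
import os
import subprocess

# Helper names here are hypothetical; they are not sagenb's API.
def is_pem_certificate(path):
    """True only if path exists and holds a PEM certificate block."""
    try:
        with open(path, "rb") as fh:
            data = fh.read()
    except (IOError, OSError):
        return False
    begin = data.find(b"-----BEGIN CERTIFICATE-----")
    return begin != -1 and data.find(b"-----END CERTIFICATE-----", begin) != -1

def candidate_commands(private_pem, public_pem, template, domain, days=365):
    """(label, argv) pairs to try in order."""
    return [
        # GnuTLS-style invocation, as printed in the transcript above.
        ("certtool", ["certtool", "--generate-self-signed",
                      "--template", template,
                      "--load-privkey", private_pem,
                      "--outfile", public_pem]),
        # Fallback chosen for this example (assumption): self-sign the
        # existing key with openssl; days and CN come from the caller.
        ("openssl", ["openssl", "req", "-new", "-x509",
                     "-key", private_pem, "-out", public_pem,
                     "-days", str(days), "-subj", "/CN=" + domain]),
    ]

def ensure_certificate(private_pem, public_pem, template, domain,
                       run=subprocess.call):
    """Return the label of the tool that wrote public_pem, or None."""
    for label, argv in candidate_commands(private_pem, public_pem,
                                          template, domain):
        if os.path.exists(public_pem):
            os.remove(public_pem)   # a stale file must not count as success
        try:
            status = run(argv)
        except OSError:             # binary not on PATH
            continue
        # Exit status alone is not trusted: a tool that only prints its
        # usage text leaves no certificate behind.
        if status == 0 and is_pem_certificate(public_pem):
            return label
    return None
```

A `None` return lets the caller stop before the TLS listener is started; given the transcript's `can't open config file` warning, the `openssl req` fallback may also fail on that install, and it is then reported as a failure rather than a success.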

kcrisman

May 12, 2015, 9:53:15 AM
to sage-s...@googlegroups.com, dim...@gmail.com

> OSX certtool is a completely different beast from OpenSSL's certtool, therefore you see the error
> message:

Do you have a recommendation for Kevin?  Something explicit to do would be helpful to have archived here, as I'm sure it will come up again.

Dima Pasechnik

May 12, 2015, 10:04:45 AM
to sage-s...@googlegroups.com, dim...@gmail.com
Well, on OSX 10.10 pyopenssl does not even install without a patch. And then there is an OSX-specific bug in notebook.setup().
A bit of work needs to be done. 

Volker Braun

May 12, 2015, 10:09:47 AM
to sage-s...@googlegroups.com, dim...@gmail.com
On Tuesday, May 12, 2015 at 3:53:15 PM UTC+2, kcrisman wrote:
> Do you have a recommendation for Kevin?

Yes, under no circumstance should you allow others to access OSX Lion until Apple fixes the rootpipe bug. Realistically, you must update to 10.10 asap.

Dima Pasechnik

May 12, 2015, 10:14:39 AM
to Volker Braun, sage-support
Well, Kevin's message dates Feb 2014. It just popped up in Google
while I worked on #18397.

kcrisman

May 12, 2015, 10:28:49 AM
to sage-s...@googlegroups.com, dim...@gmail.com

> Well, Kevin's message dates Feb 2014. It just popped up in Google
> while I worked on #18397.

Wow, good "necromancy".