Re: [Dataverse-Users] Can't load private key in /hs/svr_1/admpriv.bin

[Philip Durbin]

Thanks for stopping by the chat room and leaving some further details at http://irclog.iq.harvard.edu/dataverse/2020-02-28#i_119886

[#|2020-02-28T08:26:42.209-0300|SEVERE|glassfish 4.1|edu.harvard.hul.ois.jhove|_ThreadID=47;_ThreadName=jk-connector(1);_TimeMillis=1582889202209;_LevelValue=1000;|   Testing SEVERE level|#]  [#|2020-02-28T08:26:46.138-0300|SEVERE|glassfish 4.1|edu.harvard.iq.dataverse.HandlenetServiceBean|_ThreadID=50;_ThreadName=jk-connector(4);_TimeMillis=1582889206138;_$   Can't load private key in /hs/svr_1/admpriv.bin: java.lang.NullPointerException|#

at net.handle.hdllib.HandleResolver.sendRequestToSite(HandleResolver.java:915)         at net.handle.hdllib.HandleResolver.sendRequestToService(HandleResolver.java:742)         at net.handle.hdllib.HandleResolver.processRequestGlobally(HandleResolver.java:578)         at net.handle.hdllib.HandleResolver.processRequest(HandleResolver.java:553)         at net.handle.hdllib.HandleResolver.processRequest(HandleResolver.java:563)         at edu.

Unfortunately, I'm not sure what the problem is. I've never installed Handle myself. But I hope these errors above help someone who knows more about Handle troubleshoot the problem!

I downloaded https://handle.net/hnr-source/handle-9.2.0-distribution.tar.gz but I don't see any source code in there so I don't know what line 915 of HandleResolver.java, for example, does.

Phil

On Fri, Feb 28, 2020 at 9:35 AM Alexandre Abreu <alsanti...@gmail.com> wrote:

Good morning, 

I'm working at FGV.  We have a Dataverse with Handle installed. 
After we have installed and configured Handle, we are not able to create datasets. 
When we try to do this, an error rises and we find the following log report:

 [#|2020-02-28T08:26:46.138-0300|SEVERE|glassfish 4.1|edu.harvard.iq.dataverse.HandlenetServiceBean|_ThreadID=50;_ThreadName=jk-connector(4);_TimeMillis=1582889206138;_6138;_LevelValue=1000;|

  Can't load private key in /hs/svr_1/admpriv.bin: java.lang.NullPointerException|#]

How to solve this?

Best regards,

Alexandre.

--
You received this message because you are subscribed to the Google Groups "Dataverse Users Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dataverse-commu...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dataverse-community/3c96bcef-7461-434c-9ab4-8203d74b4918%40googlegroups.com.

--

Philip Durbin
Software Developer for http://dataverse.org
http://www.iq.harvard.edu/people/philip-durbin

[Alexandre Abreu]

We solved it!
We simply didn't encrypt the admpriv.bin...
Now it is working nicely. 
But, Now I have another question: Is it necessary to encrypt ?

[James Myers]

Alexandre,

 

I haven’t used Handles in Dataverse but looking at the code I see that it is trying to use the ' dataverse.handlenet.admprivphrase’ JVM option as the key to decrypt the Handle credentials. If you didn’t have that set/set correctly when you tried before (remembering that you have to restart glassfish after changing jvm options), I think that could be the source of the error you saw and setting it might help you to use encryption.

 

If not, encryption is probably not necessary if your server is adequately protected, which it should be any way. It is probably better to get security advice from your local experts, but it may be useful to know that while encrypting means that intruders can’t access the Handle credentials directly, if they can get to the machine and read the glassfish jvm options, they could decrypt it anyway – that’s a little more work and more Dataverse-specific but the main defense in either case is probably keeping the machine itself secured. (Encryption is probably more important if you’re creating the credentials on one machine and moving them to another.)

 

I hope that’s helpful. If setting the jvm option above doesn’t allow you to use encryption, I would suggest that you create an issue at Github.

 

      --   Jim

--

You received this message because you are subscribed to the Google Groups "Dataverse Users Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dataverse-commu...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/dataverse-community/6a76d712-100d-44e0-9b41-f3e14e81c5c8%40googlegroups.com.