Resource unauthorized while calling LOGIN:CR_Login

[Derryn Jones]

Hi,

We had a power outage which necessitated a shutdown of all our servers.

Since the Ubuntu VM containing our WebADM installation booted back up it has not allowed MFA authentications.

On the admin page I get "Error (cache mismatch or expired)" under License status.

On the software license details page I get:

The same shows in the logs as it's booting.

I have requested a new freeware license and installed it, to no avail. I've also tried updating to the latest version.

I've followed the knowledgebase regarding a similar error, and I get the following:

$ sudo openssl s_client -connect cloud.rcdevs.com:443
[sudo] password for otpadmin:
CONNECTED(00000003)
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = cloud.rcdevs.com
verify return:1
---
Certificate chain
 0 s:CN = cloud.rcdevs.com
   i:C = US, O = Let's Encrypt, CN = R3
 1 s:C = US, O = Let's Encrypt, CN = R3
   i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
 2 s:C = US, O = Internet Security Research Group, CN = ISRG Root X1
   i:O = Digital Signature Trust Co., CN = DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISA+JgmuKyYlumPmrgCUFKPI3IMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMjA3MjQyMTAyMjVaFw0yMjEwMjIyMTAyMjRaMBsxGTAXBgNVBAMT
EGNsb3VkLnJjZGV2cy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDUDTMr62W1Y41dEwoMYs+1RETEmMBa3Le+/XccpJ0D+RpttPtIjQZO0TT2lkus
6c7mpxYqGmbP0bk+FGeXN3acTcJ03Nug4LbeqnFN1pqKs7+z/Anw8xdFcBq+R0Wl
X3P4RZxUIXdtuJIf3x7Ehhx/ymIPQAfbqcvwWpXB9Fl1MBmRB1dmBP1Tsy5az9cT
kexfZOGuxHil1TSptqkN6zn/IGAY8cntddEktrge/AjdnaNFsiunjbqbvgdMoiJW
PVaryTxF4H5zk6v/uEe6XmaugGgfWgfY5nBAbjJ1BfCOJo7QVfiHWq5UUFmbSBAP
pS9G3tNK7+01oCJrEzqNwlJ/AgMBAAGjggJMMIICSDAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFOH3GTwN0YDgOEAt6vWIOi66KBl3MB8GA1UdIwQYMBaAFBQusxe3WFbL
rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov
L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v
cmcvMBsGA1UdEQQUMBKCEGNsb3VkLnJjZGV2cy5jb20wTAYDVR0gBEUwQzAIBgZn
gQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5s
ZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwApeb7wnjk5
IfBWc59jpXflvld9nGAK+PlNXSZcJV3HhAAAAYIyO6PBAAAEAwBIMEYCIQCO7MEf
USzppKU61A7WoOq0u1qac2uzN4ANVMIG3tOY7wIhAMRGBK1aiXWaGodZwH2q4W2a
Yj1QscezG3y+Xk9p2+WxAHYAQcjKsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKW
BvYAAAGCMjuk8wAABAMARzBFAiEA7/vh3pqC2+XMp5PQFc9MxJBap6+HXXgIE3ye
vKEAzbACIA4xIJmMlpE2j6jEG9RCWH8zArHDGjXWW9m/zss5GeZnMA0GCSqGSIb3
DQEBCwUAA4IBAQAX7pY2cv8M+wXkrxnqpuU2JZ4gspB/Xu2SazRb3arQ/ycD8OS4
d84+N3JXk1hMxhm7Tbq5as23qOiyx8OLl8IDBf2LH/ZFajuxwVWnGViSsz9yWpor
d2kAH7tE5s4coXHLNmxfmJXxGWxLacWKcYOakWp+MYBm8noTxVO3Rcbtl9U3Nd9Y
MPVc4dXhzEUqDbdhpq/17BtCGslYmmw52lMx/ahPeAZJTY8WdAR1/0HPlyVixWYO
dQogaPWI8GfIExn4MWKuOa6tw1RjLzx/VPyyj5En3c33Wkd+JpEpbUpFWjKUDM4n
vLw2uGfhT2qlCvPMmPz4w9Dlx2HyU72BvqKr
-----END CERTIFICATE-----
subject=CN = cloud.rcdevs.com

issuer=C = US, O = Let's Encrypt, CN = R3

---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 4579 bytes and written 388 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    Session-ID: E7076C5373254EF3931F533D33CBFDF5887FEC625339432B205A14C4268100F6
    Session-ID-ctx:
    Resumption PSK: 859874BAE493813EA9A6F4D4475AFD946E9E8A86E7AFAB4A275669EAED28327B5F14220F6D3E829B08903E4028CB5181
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 7200 (seconds)
    TLS session ticket:
    0000 - 00 4e c9 4a eb 5f b5 51-9b ee 3f b1 a0 20 2e 36   .N.J._.Q..?.. .6
    0010 - 85 bb 4a d7 07 45 ae bd-17 63 98 de f4 17 c7 f1   ..J..E...c......

    Start Time: 1663939678
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
    Max Early Data: 0
---
read R BLOCK
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    Session-ID: 24FC4BA982CFAB65F8EA51273DEFDDDC3B43603C5239128A33E09A1447EFBC73
    Session-ID-ctx:
    Resumption PSK: C3EAF9E85CD281B5CE69F713831BA39AF12DDF001E30836998C0807A4824AEEC1CE6DA9509E6542E7BAA19471ABA1720
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 7200 (seconds)
    TLS session ticket:
    0000 - e4 71 0f ec 32 fd 85 7e-07 e4 f4 4e e5 f8 33 84   .q..2..~...N..3.
    0010 - e0 4e 20 e4 1d 43 9b 2f-cf 63 96 45 69 6b d5 01   .N ..C./.c.Eik..

    Start Time: 1663939678
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
    Max Early Data: 0
---
read R BLOCK

HTTP/1.1 408 Request Time-out
Content-length: 110
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html><body><h1>408 Request Time-out</h1>
Your browser didn't send a complete request in time.
</body></html>
closed

Any help would be useful.

Regards,

Derryn

[Tarik Rachdani]

Hello,

Can you send a screenshot of all the Software License Details page ?

Regards,

[Derryn Jones]

Attached. I realise we are over the 20 free, but that's because you guys changed it on us! It was 40 until I did the renewal to get it working again. I'm pretty disappointed nobody said a thing that this was happening beforehand.

Surely that's not the cause?

--
You received this message because you are subscribed to a topic in the Google Groups "RCDevs Security Solutions - Technical" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/rcdevs-technical/QjdfCRBny64/unsubscribe.
To unsubscribe from this group and all its topics, send an email to rcdevs-technic...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rcdevs-technical/6fc860dd-82b3-4f8b-a293-007f84e478a1n%40googlegroups.com.

[Tarik Rachdani]

Hello,

Indeed, this is the cause. Now, the freeware version is only available for up to 20 users.

We're sorry for the disappointment. However, I invite you to contact our sales department and describe your issue : sa...@rcdevs.com

Regards,