Not logged in. · Lost password · Register
Forum: General Help and Support Installation and Configuration RSS
can't update plugins (solved)
download of plugin packages failes
Page:  previous  1  2  3  next 
Avatar
Exzellius 2019-02-08, 12:43 #16
Member since Jan 2019 · 26 posts · Location: Bamberg
Group memberships: Members
Show profile · Link to this post
In reply to post ID 64773
ah was not that complicated to install that ^^
I will install a fresh dokuwiki instance next week and test with that
same release or recent stable, what do you think?

I would just answer to this post once I'm done with testing with my finding if thats ok with you
I'm very happy to have someone to help me with my problem, this has haunted me the last 2 months or so :/

Greetings
Dominik
Avatar
virk 2019-02-08, 14:26 #17
Member since Aug 2008 · 644 posts · Location: Aachen, Germany
Group memberships: Members
Show profile · Link to this post
1) I would suggest to you to install the current stable version. But of course you can install as many as you want :-) Just to make sure that dokuwiki can run under the current apache- and php-conditions.
2) If you have access to the webserver directly (running on your on computer f.e.), you can also install a fresh wiki and just copy the content (pages and media) of the "old" wiki to the new one. Then just install all required plugins, activate the indexer once and you're done. By this simple method you will lose old versions but perhaps this is not of big importance currently.

Frankly speaking, I am not the best technical expert here in this forum. I am just a user who is maintaining the wiki here in our company :-) So my knowledge (unix, etc.) is "limited" :-)
Avatar
turnermm (Moderator) 2019-02-08, 16:48 #18
Member since Oct 2009 · 4756 posts · Location: Canada
Group memberships: Global Moderators, Members, Super Mods
Show profile · Link to this post
In reply to post ID 64769
Create an index.php file with the following:

<?php
phpinfo();

See if it has current openssl support.  It's possible it wasn't updated when you updated your php.
Myron Turner
github: https://github.com/turnermm
plugins, templates: http://www.mturner.org/devel
Avatar
virk 2019-02-08, 17:36 #19
Member since Aug 2008 · 644 posts · Location: Aachen, Germany
Group memberships: Members
Show profile · Link to this post
Myron is one of the experts I was calling :-)
Avatar
Exzellius 2019-02-11, 08:31 #20
Member since Jan 2019 · 26 posts · Location: Bamberg
Group memberships: Members
Show profile · Link to this post
In reply to post #18
Hi,

Quote by turnermm on 2019-02-08, 16:48:
Create an index.php file with the following:

<?php
phpinfo();

See if it has current openssl support.  It's possible it wasn't updated when you updated your php.

did that, where can I see if it has openssl support?
I see the following lines that could indicate that:
PHP Version 7.0.7
===========
Registered Stream Socket Transports    tcp, udp, unix, udg, ssl, sslv3, sslv2, tls, tlsv1.0, tlsv1.1, tlsv1.2

mysqlnd
=====
core SSL    supported
extended SSL    not supported

openssl
=====
OpenSSL support    enabled
OpenSSL Library Version    OpenSSL 1.0.2p-fips 14 Aug 2018
OpenSSL Header Version    OpenSSL 1.0.1i-fips 6 Aug 2014
Openssl default config    /etc/ssl/openssl.cnf

PHP Variables
========
$_SERVER['SSL_VERSION_INTERFACE']    mod_ssl/2.4.23
$_SERVER['SSL_VERSION_LIBRARY']    OpenSSL/1.0.2p-fips

Thanks again
Dominik
Avatar
Michaelsy 2019-02-11, 09:17 #21
Member since Jun 2015 · 969 posts · Location: Düsseldorf, Germany
Group memberships: Members
Show profile · Link to this post
For comparison, here a phpinfo() from me.
Provider/Server:  1&1/IONOS (Germany), shared hosting server (probably well maintained)
I never had problems to update plugins (and for safety tested today).

Feedback welcome - Michael Sy.
By Patreon.com a few eurons can be fed into the code phasers of
the DokuWiki engine. Besides, Andi's posts are worth reading.
The author has attached one file to this post:
phpinfo.zip 23.1 kBytes
You have no permission to open this file.
Avatar
Michaelsy 2019-02-11, 09:46 #22
Member since Jun 2015 · 969 posts · Location: Düsseldorf, Germany
Group memberships: Members
Show profile · Link to this post
MY PHPINFO():

Phar           <===== I guess, this could be relevant
=====
Phar: PHP Archive support    enabled
Phar EXT version     2.0.2
Phar API version     1.1.1
SVN revision     $Id: 5a13ea43696d12b18046758c0fa7b12eb1098e5e $
Phar-based phar archives     enabled
Tar-based phar archives     enabled
ZIP-based phar archives     enabled
gzip compression     enabled
bzip2 compression     enabled
Native OpenSSL support     enabled     <===== I guess, this could be relevant

YOUR PHPINFO():
mysqlnd
=====
core SSL    supported
extended SSL    not supported      <===== Here my phpinfo() shows "supported"  (but relevant??)
By Patreon.com a few eurons can be fed into the code phasers of
the DokuWiki engine. Besides, Andi's posts are worth reading.
This post was edited on 2019-02-11, 09:53 by Michaelsy.
Avatar
andi (Administrator) 2019-02-11, 10:19 #23
User title: splitbrain
Member since May 2006 · 3510 posts · Location: Berlin Germany
Group memberships: Administrators, Members
Show profile · Link to this post
Quote by Michaelsy:
Phar           <===== I guess, this could be relevant
extended SSL    not supported      <===== Here my phpinfo() shows "supported"  (but relevant??)

Nope. phpinfo looks good. Might be missing certificates. See http://php.net/manual/en/openssl.configuration.php
Read this if you don't get any useful answers.
Lies dies wenn du keine hilfreichen Antworten bekommst.
Avatar
Exzellius 2019-02-11, 10:26 #24
Member since Jan 2019 · 26 posts · Location: Bamberg
Group memberships: Members
Show profile · Link to this post
Hi,

I'll attach my complete phpinfo :)
hope that helps

Greetings
Dominik
The author has attached one file to this post:
phpinfop.txt 25.3 kBytes
You have no permission to open this file.
Avatar
andi (Administrator) 2019-02-11, 10:28 #25
User title: splitbrain
Member since May 2006 · 3510 posts · Location: Berlin Germany
Group memberships: Administrators, Members
Show profile · Link to this post
From your file:

openssl.cafile => no value => no value
openssl.capath => no value => no value
Read this if you don't get any useful answers.
Lies dies wenn du keine hilfreichen Antworten bekommst.
Avatar
Exzellius 2019-02-11, 10:31 #26
Member since Jan 2019 · 26 posts · Location: Bamberg
Group memberships: Members
Show profile · Link to this post
Thanks.
From your file:

openssl.cafile => no value => no value
openssl.capath => no value => no value

I've seen that too,
how can I get this changed tho?
I have seen your link above "http://php.net/manual/en/openssl.configuration.php",
but I am a little clueless on what to do with the information given on that page.

I guess my question formed clearer would be: what is my cafile and capath? theoretically php should use the default ca's for my os right?
This post was edited on 2019-02-11, 10:33 by Exzellius.
Avatar
Michaelsy 2019-02-11, 10:37 #27
Member since Jun 2015 · 969 posts · Location: Düsseldorf, Germany
Group memberships: Members
Show profile · Link to this post
The behaviour of these functions is affected by settings in php.ini.
[...]
For further details and definitions of the PHP_INI_* modes, see the Where a configuration setting may be set.
Source: http://php.net/manual/en/openssl.configuration.php
By Patreon.com a few eurons can be fed into the code phasers of
the DokuWiki engine. Besides, Andi's posts are worth reading.
Avatar
Exzellius 2019-02-11, 10:45 #28
Member since Jan 2019 · 26 posts · Location: Bamberg
Group memberships: Members
Show profile · Link to this post
Hi,

I can see the following in /etc/php7/apache2/php.ini:
;curl.cainfo =
;openssl.capath=

my question would be: what do I need to fill these with?
do I need to fill these with the CA-certs of my company or do I need to fill these with another CA-cert?

I am not the expierenced person with Certificates, sorry :/

###EDIT
I changed the parameter in /etc/php7/apache2/php.ini to the path where the certs get stored in my OS (SLES12 SP4)
now phpinfo shows the following:
Directive    Local Value    Master Value
openssl.capath    /usr/share/pki/trust/    /usr/share/pki/trust/
but unfortunately still not able to download from github :/
###EDIT END

###EDIT2
I noticed that this might not be the correct directory as this parameter needs the hashed certs, so I changed it again but still not able to download
now phpinfo shows the following:
Directive    Local Value    Master Value
openssl.cafile    /etc/ssl/ca-bundle.pem    /etc/ssl/ca-bundle.pem
openssl.capath    /etc/ssl/certs    /etc/ssl/certs
###EDIT2 END

Greetings
Dominik
This post was edited 3 times, last on 2019-02-11, 11:02 by Exzellius.
Avatar
schplurtz (Moderator) 2019-02-12, 07:59 #29
Member since Nov 2009 · 506 posts · Location: France, Finistère
Group memberships: Global Moderators, Members
Show profile · Link to this post
cafile and capath are empty on various servers I use, and everythng works on these servers.

If the problem you're facing really comes from your lack of CA certs, then you must set capath to a directory that has a recent list of such certs. Maybe, you have such a directory. try to find a directory that contains 4042bcee.0 or 6187b673.0 . search under /etc and /usr/local/etc . If that's the case, use that dir for the value of capath.

Some distro have packages just for ca-certificates. I don't know SLES. You may find an rpm file for a newer version of your OS that has an updated list of CA. Check on your distro forum, but it should be safe to install such rpm on your venerable SLES

Otherwise, I add an archive in this post, it contains the certs files from my raspberry pi, that has no problem with SSL. (I prepared it quickly so it is suboptimal). Expand it anywhere, say /etc/myownssl-certs/hashed .The directory does not need any particular protection, these data are public and meant to be world readable. Then, change php.ini capath
openssl.capath="/etc/myownssl-certs/hashed"
restart your webserver/php and try.
The author has attached one file to this post:
hashed.zip 377.7 kBytes
You have no permission to open this file.
Avatar
Exzellius 2019-02-12, 08:17 #30
Member since Jan 2019 · 26 posts · Location: Bamberg
Group memberships: Members
Show profile · Link to this post
Hi,

I downloaded you package and unzipped it in /srv/www/htdocs (not a good location but it doesn't matter for this test)
I gave it 777 permissions to be sure it is readable etc...
then I changed capath in my /etc/php7/apache2/php.ini to look like this
[openssl]
; The location of a Certificate Authority (CA) file on the local filesystem
; to use when verifying the identity of SSL/TLS peers. Most users should
; not specify a value for this directive as PHP will attempt to use the
; OS-managed cert stores in its absence. If specified, this value may still
; be overridden on a per-stream basis via the "cafile" SSL stream context
; option.
;openssl.cafile=/etc/ssl/ca-bundle.pem

; If openssl.cafile is not specified or if the CA file is not found, the
; directory pointed to by openssl.capath is searched for a suitable
; certificate. This value must be a correctly hashed certificate directory.
; Most users should not specify a value for this directive as PHP will
; attempt to use the OS-managed cert stores in its absence. If specified,
; this value may still be overridden on a per-stream basis via the "capath"
; SSL stream context option.
;openssl.capath=/etc/ssl/certs
openssl.capath=/srv/www/htdocs/hashed
after that I restarted the apache2 and it changed nothing
to be sure I restarted the whole server and also no result

so I guess the certs are not the main issue here?

Greetings
Dominik
Close Smaller – Larger + Reply to this post:
Verification code: VeriCode Please enter the word from the image into the text field below. (Type the letters only, lower case is okay.)
Smileys: :-) ;-) :-D :-p :blush: :cool: :rolleyes: :huh: :-/ <_< :-( :'( :#: :scared: 8-( :nuts: :-O
Special characters:
Page:  previous  1  2  3  next 

Go to forum
Imprint
This board is powered by the Unclassified NewsBoard software, 20150713-dev, © 2003-2015 by Yves Goergen
Current time: 2020-01-23, 05:28:57 (UTC +01:00)

Global DokuWiki Links