Author Topic: [WORKAROUND] Can't dis-/enable service certificate for web server  (Read 2101 times)

newton

  • Zen Apprentice
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Hi folks,

after freshly installing zentyal i was able to enable ssl for the web server after issuing a CA and checking the service certificate-checkbox for the web server, afterwards the checkbox got greyed out and i wasn't able check or uncheck it. Even revoking the issued certificate didn't solve the problem. Unfortunately after revoking the certificate i can't connect to the web server via ssl anymore.

Is it a bug, or just my disability?!

I would be very happy if anyone could help me with my problem.
« Last Edit: November 15, 2010, 10:08:09 pm by newton »

newton

  • Zen Apprentice
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Re: Can't dis-/enable service certificate for web server (box is greyed out)
« Reply #1 on: November 04, 2010, 11:30:38 pm »
I figured out, that before activating the SSL for the web server in the web server submenu the checkbox for the service certifictae can be checked and unchecked without any problems. After activating the SSL option the box cannot be unchecked, so far a normal behaviour from my point of view as the certificate is "in use". But even after disabling the ssl option for the web server the checkbox is still greyed out and cannot be unchecked. So far no problem as you can reactivate the ssl option again... But unfortunately i revoked the certificate after disabling the ssl option.... AND NOW?  I can't issue an new certificate by activating the checkbox, because it's greyed out.

Does anyone have an idea?


P.S.: Sorry for my bad english... :)
« Last Edit: November 04, 2010, 11:36:22 pm by newton »

newton

  • Zen Apprentice
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Re: Can't dis-/enable service certificate for web server (box is greyed out)
« Reply #2 on: November 05, 2010, 06:49:13 pm »
Ok maybe it seems a little bit weird if i'm writing to myself the whole time, but while waiting for an answer or solution i could write down my thoughts or questions to the topic...  8)

Let's start in the beginning... Where is the reason to switch the service certificate to read-only after activating the SSL-option of the web server, so that it can't be modified anymore?

quentin.jodhaa

  • Zen Apprentice
  • *
  • Posts: 13
  • Karma: +1/-0
    • View Profile
Re: Can't dis-/enable service certificate for web server (box is greyed out)
« Reply #3 on: November 12, 2010, 05:30:55 pm »
Hi Newton, Hi guys,

I'm having the exact same problem.

I've been able to activate the ssl for the webserver and therefore to have access to zarafa with ssl, but then I played with the certificates for the vpn, and now in Services Certificates, webserver is greyed out, unclickable.

The common name of Web Server is different from the others though, it is my fqdn while the others are 'ebox'.

Any hint would be greatly appreciated.

I'm running Zentyal 2.0-2, installed from the iso.

Two network cards, but only eth0 has been in use so far.

Thanks again in advance,

Quentin

newton

  • Zen Apprentice
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Re: Can't dis-/enable service certificate for web server (box is greyed out)
« Reply #4 on: November 15, 2010, 10:07:38 pm »
I'm sure it's a bug. Zentyal doesn't recognize that the ssl-option in the web-server-menu is deactivated again, and so the checkbox and the edit-button in the service-certificates-menu stay disabled.

But i found a workround, by debugging the javascript of the zentyal-webconfig.
You need a javascript-debugger (I used "venkman javascript debugger" for firefox).

1. Open the service-certificate-menu and right-click somewhere in the table with the services and choose "show source code" from firefox menu.
2. Search for "Web Server" in the source code (third or fourth entry)
3. Several lines below you will find something like "<div id='Certificates_enable_cert1249_loading'></div>", remember the mentioned cert! (in my case: "cert1249")
4. Open the javascript-debugger
5. Click on any edit-button in the service-certificate-menu in the zentyal-webconfig (Dunno why, but otherwise the javascript debugger won't find the javascripts)
6. Go back to the javascript debugger, and look for "table-helper.js" in the upper left window ("loaded scripts") in the debugger
7. Left-click on "table-helper.js" and choose the "changeView"-Function, do a right-click on it and choose "Set Breakpoint"
8. Go back to the service-certificate-menu in the zentyal-webconfig and click on any edit-button
9. The script will halt, due to the fact that we set a breakpoint, and now we can manipulate the values of the variables
10. Edit the value and enter your cert "certXXXX" (in my case: "cert1249"; with "") and click on the continue-button
11. Go back to the service-certificate-menu in the zentyal-webconfig and now you will be able to edit and reactivate your certificate for the webserver instead of the certificate whoose edit-button you clicked.
12. Enable the ssl-option in the webserver menu

Maybe there are easier ways to achieve this, but i'm just a javascript-noob and it worked fine for me... ;-)
« Last Edit: November 15, 2010, 11:35:42 pm by newton »