On Tue, Jul 3, 2018 at 9:18 AM John Spray <jsp...@redhat.com> wrote: > > On Tue, Jul 3, 2018 at 6:25 AM jaywaychou <jaywayc...@gmail.com> wrote: > > > > > > HI,Cephers: > > > > I just use Mimic Ceph for Dashboard. I just do as > > http://docs.ceph.com/docs/mimic/mgr/dashboard/ > > > > When install a self-signed certificate as build-in commend , it stuck ERR > > like as bellow: > > > > [root@localhost ~]# ceph dashboard create-self-signed-cert > > Error EINVAL: Traceback (most recent call last): > > File "/usr/lib64/ceph/mgr/dashboard/module.py", line 319, in > > handle_command > > self.create_self_signed_cert() > > File "/usr/lib64/ceph/mgr/dashboard/module.py", line 328, in > > create_self_signed_cert > > pkey.generate_key(crypto.TYPE_RSA, 2048) > > Error: [('rsa routines', 'RSA_BUILTIN_KEYGEN', 'BN lib')] > > What linux distro are you running? This seems like it could be > something wrong with the openssl library on your system.
Sorry, I missed that you had verified that the library worked when called separately. So now I'm wondering if selinux is enabled on your system, which might be somehow restricting what the ceph-mgr process can do vs. what you can do at the console. John > John > > > I check the /usr/lib64/ceph/mgr/dashboard/module.py . And execute in local > > env. it's OK. > > > > ``` > > [root@localhost ~]# cat xx.py > > from OpenSSL import crypto > > from uuid import uuid4 > > > > def create_self_signed_cert(): > > # create a key pair > > pkey = crypto.PKey() > > pkey.generate_key(crypto.TYPE_RSA, 2048) > > # create a self-signed cert > > cert = crypto.X509() > > cert.get_subject().O = "IT" > > cert.get_subject().CN = "ceph-dashboard" > > cert.set_serial_number(int(uuid4())) > > cert.gmtime_adj_notBefore(0) > > cert.gmtime_adj_notAfter(10*365*24*60*60) > > cert.set_issuer(cert.get_subject()) > > cert.set_pubkey(pkey) > > cert.sign(pkey, 'sha512') > > > > cert = crypto.dump_certificate(crypto.FILETYPE_PEM, cert) > > print cert > > > > pkey = crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey) > > print pkey > > > > create_self_signed_cert() > > > > [root@localhost ~]# python xx.py > > -----BEGIN CERTIFICATE----- > > MIICzzCCAbcCEDPwZUMnzU46kIAo0OdYes8wDQYJKoZIhvcNAQENBQAwJjELMAkG > > A1UEChMCSVQxFzAVBgNVBAMTDmNlcGgtZGFzaGJvYXJkMB4XDTE4MDcwMzA1MTEx > > OFoXDTI4MDYzMDA1MTExOFowJjELMAkGA1UEChMCSVQxFzAVBgNVBAMTDmNlcGgt > > ZGFzaGJvYXJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRFebQbR > > 2CuIucrhEZLI3V9hV/Jf3ca2+Hl54q5jWwk1SP5iki88zDxYxSthByBm4B07RUc1 > > TMYnLCpoC4APN2wENsYcp/D6+VydBKigDeG8cGMHgrwuQGgHKU40rTXZ88SFbzqT > > 7gzeYe0kuXTCNNIPtsjFdbRo33Ra5eoTzEeEaWqz6BfUknufF0Lf4ibRPVMwdH3a > > mrESBhc8EAxd3h8ZvulObat76S4oQlL/E28NYkooZMpszZKAg5vCz7WNPjOcLbu+ > > MQ0LrjLZoZi9039/UxJISVmOWTvylgWGZ8rN+KTPtA+yUMxtXhSCW5eNl3YmUJPY > > ER4r10B+g46UyQIDAQABMA0GCSqGSIb3DQEBDQUAA4IBAQBL6ZYWw4VqW24p7zsU > > gyIgTqX9yZTMb1Iavgyx8w7JtMrVbLSTM3zxu8LU4z4WlEtLiM/lYVWzDVlpVcfH > > sChbS8LtbWELf71hnceBJl+UzaZOUQVdzzo7l5G6ULLo5QPC0NkqKjqd+vOpiIyE > > j28XXIzwT9tRj1SCE/3ItzPVm7NpMVMpLavR2aH9sxOntUIp0leLVFXjy5gnEdfI > > uhvjoXtnImeXLOUhdP3ihpyiWu1UshLH7H3wiXI9pPG4M38lQBgX4gaGiw46nH8u > > B+DvyND2/uGWhtLveQ8yuckj6PaHGdMe1QTfBu4tm9Okb06Tgpk8wZlJ1UQi6lZg > > GjmT > > -----END CERTIFICATE----- > > > > -----BEGIN PRIVATE KEY----- > > MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCZEV5tBtHYK4i5 > > yuERksjdX2FX8l/dxrb4eXnirmNbCTVI/mKSLzzMPFjFK2EHIGbgHTtFRzVMxics > > KmgLgA83bAQ2xhyn8Pr5XJ0EqKAN4bxwYweCvC5AaAcpTjStNdnzxIVvOpPuDN5h > > 7SS5dMI00g+2yMV1tGjfdFrl6hPMR4RparPoF9SSe58XQt/iJtE9UzB0fdqasRIG > > FzwQDF3eHxm+6U5tq3vpLihCUv8Tbw1iSihkymzNkoCDm8LPtY0+M5wtu74xDQuu > > MtmhmL3Tf39TEkhJWY5ZO/KWBYZnys34pM+0D7JQzG1eFIJbl42XdiZQk9gRHivX > > QH6DjpTJAgMBAAECggEAEoJ0LbD2bTKOfREYeFyMp6BiEBWCHDpsY82kvJGj+B07 > > 8VC5sL2/l17wyR7+w7LaXd2LDkyXGGqZ0BBstn9M18HbHJiGXJSadM8LOcX+XM9g > > TyLahKem3Cj4PLl1S0DI015/WDz4KIAr4CGiID8LQQHp3ouWvS4MxIC4gTb2H+yS > > KUN6fkOM0KgdaSUSPpuh5FdsRHpbozux6G+77nOIm9InQTf9I0F+s9mf9tD74evR > > +1UVDk8Ox4BZm5jTHy1cq0q881OhfZftlItRDAoekiV+0TV8od6CrLheDJYImZeQ > > ufcBumr7YS3YkOI0+wCcldY7xrPzX4pWEcv7A21eAQKBgQDG/66WQzlQ8zHV0YPT > > SH8PHnv+95FQJ/Y9rJHYe7K9/Du2/1vjJDLdz4cs9aFFFa0/GmD8D0sqh8VZIwvP > > rUDKgfJF0Q4wAnuoisIYhoPU35jEMKzut98ww5t5Hln00XblTD7koe4+e8/VN4jl > > Du976cKEW981poj2S2lCUcRUwQKBgQDE6aIm9J+eM2YlXAUJceT9Amdn46B2wbMS > > fwEABCKcYdjzELi5xmXqY2vfmg+sQ/43GUNyc2fmrRHC8wqtZIg2QvHllzlmeXb1 > > OprbrfUSa8Zlo2dTUoPgmOueS1DS8q0eeQuTvhaKaA3idLF6TwceCTizVjyYOZ8C > > cFl0OgwaCQKBgQCQ10bm3dUZA3nxbEbsAOdiRMjxopYk5oFHEJUzIY3O1IlOP/1M > > jWtsoQF9iucv1oA73uJadHM8aIgOwgB1z1/KRdzmTixqa1RAL4bovPe1eG3D1r34 > > HuMXpjhCZwIIvHEyolVgqjAzUIDMa1h7iGxtH47SMeB8N1OXGPprKAKjwQKBgDqu > > DP5i47Y3RvdXJsEbycuEDeCtusHpEz4tztR8ZvwHRKmakBH8h56Dpj/qH0WMtZMh > > 2jGfJpVdee+IkeP+E4FoDcIHgLmC9Oo7Xq6cdm3Y5DShr0brThV+PKjddOaIHwL3 > > u3V5rinsvEaB0+nI5ywSP21iA4ixkysc4+t46OZRAoGBAKnlID2KANL/JllCyLZF > > LpnodKn0l7K40QWgbhfBxT/AqiRSR8rTIkTGP/Vkj0IwOBjp8zj/D5/6GjazbPXC > > J3O45Fpu6ESkx/LUKBjncvyww7b9UNHY2tPQW1HliUexd7mufRGn0urFZjabPCuO > > 84KXuWTVsQjT0oChqsToh3Oy > > -----END PRIVATE KEY----- > > ```` > > > > What can I do ? somebody give me some suggestion . > > > > > > 发自网易邮箱大师 > > > > _______________________________________________ > > ceph-users mailing list > > ceph-users@lists.ceph.com > > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com _______________________________________________ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
