jlibster
(Jonah Libster)
April 13, 2017, 5:53pm
1
Hey, saw that there are series of updates including the nextcloud server. As per the advice of the members I disabled the Epel nextcloud updates. Am I able to proceed with the the current updates?
NetworkManager 1.4.0 19.el7_3
NetworkManager-libnm 1.4.0 19.el7_3
NetworkManager-team 1.4.0 19.el7_3
NetworkManager-tui 1.4.0 19.el7_3
NetworkManager-wifi 1.4.0 19.el7_3
ca-certificates 2017.2.11 70.1.el7_3
dmidecode 3.0 2.1.el7_3
duplicity 0.7.12 1.el7
grubby 8.28 21.el7_3
httpd 2.4.6 45.el7.centos.4
httpd-tools 2.4.6 45.el7.centos.4
initscripts 9.49.37 1.el7_3.1
irqbalance 1.0.7 6.el7_3.1
kernel 3.10.0 514.16.1.el7
kernel-devel 3.10.0 514.16.1.el7
kernel-headers 3.10.0 514.16.1.el7
kernel-tools 3.10.0 514.16.1.el7
kernel-tools-libs 3.10.0 514.16.1.el7
libblkid 2.23.2 33.el7_3.2
libgudev1 219 30.el7_3.8
libipa_hbac 1.14.0 43.el7_3.14
libmount 2.23.2 33.el7_3.2
libsss_autofs 1.14.0 43.el7_3.14
libsss_idmap 1.14.0 43.el7_3.14
libsss_nss_idmap 1.14.0 43.el7_3.14
libsss_sudo 1.14.0 43.el7_3.14
libtool-ltdl 2.4.2 22.el7_3
libuuid 2.23.2 33.el7_3.2
mod_ssl 2.4.6 45.el7.centos.4
net-snmp-libs 5.7.2 24.el7_3.2
nethserver-backup-data 1.3.0 1.ns7
nethserver-firewall-base 3.1.7 1.ns7
nethserver-firewall-base-ui 3.1.7 1.ns7
nethserver-nextcloud 1.1.0 1.ns7
nethserver-ntp 1.1.3 1.ns7
nethserver-openssh 1.2.1 1.ns7
nextcloud 11.0.2 1.4.ns7
openssh 6.6.1p1 35.el7_3
openssh-clients 6.6.1p1 35.el7_3
openssh-server 6.6.1p1 35.el7_3
openvpn 2.4.1 2.el7
python-perf 3.10.0 514.16.1.el7
python-sssdconfig 1.14.0 43.el7_3.14
squid 3.5.20 2.el7_3.3
squid-migration-script 3.5.20 2.el7_3.3
sssd 1.14.0 43.el7_3.14
sssd-ad 1.14.0 43.el7_3.14
sssd-client 1.14.0 43.el7_3.14
sssd-common 1.14.0 43.el7_3.14
sssd-common-pac 1.14.0 43.el7_3.14
sssd-ipa 1.14.0 43.el7_3.14
sssd-krb5 1.14.0 43.el7_3.14
sssd-krb5-common 1.14.0 43.el7_3.14
sssd-ldap 1.14.0 43.el7_3.14
sssd-libwbclient 1.14.0 43.el7_3.14
sssd-proxy 1.14.0 43.el7_3.14
systemd 219 30.el7_3.8
systemd-libs 219 30.el7_3.8
systemd-sysv 219 30.el7_3.8
util-linux 2.23.2 33.el7_3.2
thanks!
Jonah
davidep
(Davide Principi)
April 13, 2017, 5:55pm
2
Now NextCloud 11 comes from nethserver-updates. The conflict with nc10 from epel is solved!
Yes, epel can be safely re-enabled!
dnutan
(Marc)
April 13, 2017, 7:26pm
3
There might be an issue with the openvpn update. If you encounter an issue check out this thread:
NethServer Version: NethServer release 7.3.1611 (Final)
Module: OpenVPN
After updating NS, OpenVPN client doesn’t connect to the server.
I note this error in the log file /var/log/openvpn/openvpn.log
Wed Apr 12 16:19:34 2017 xxx.xxx.xxx.xxx:50849 OpenSSL: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
Wed Apr 12 16:19:34 2017 xxx.xxx.xxx.xxx:50849 TLS_ERROR: BIO read tls_read_plaintext error
Wed Apr 12 16:19:34 2017 xxx.xxx.xxx.xxx:50849 TLS Error: TLS ob…
Note some updates will not take effect until the server is rebooted.
1 Like
“error.log” shows me follow:
[Wed Apr 12 11:28:31 2017] [warn] Init: Session Cache is not configured [hint: SSLSessionCache]
_ [Wed Apr 12 11:28:31 2017] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)_
_ [Wed Apr 12 11:28:31 2017] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)_
_ [Wed Apr 12 11:28:31 2017] [notice] Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/1.0.1e-fips configured – resuming normal operations_
_ [Wed Apr 12 21:20:22 2017] [notice] caught SIGTERM, shutting down_
The only thing I did was an update from 6.8 to 6.9. What happened?
davidep
(Davide Principi)
April 14, 2017, 9:45am
5
I see only three warns and two notices… Should not harm. Any other problem?
I’ve looked a bit on the internet and found this solution. I am not sure, however, is this constellation your wish
Actually, I’ve looked for a solution for my SSL problem with Firefox.
What ever - I found follow:
If you encounter this error: [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) in you apache error.log this means you have created a cert that is intended to be used to sign other certs, but you’re using that cert as your SSL cert. So, it depends how you create the SSL cert.But how can we solve this problem?!
http://sammit.net/fix-rsa-server-certificate-ca-certificate-basicconstraints-ca-true-error/