Hi <div><br></div><div>I am having a problem with setting up x509 authentication for the cli . The symptoms are as follows: If I run the following command as the new x509 authenticated user:</div><div><br></div><div>onetemplate list</div>
<div><br></div><div>I get:</div><div><br></div><div>[TemplatePoolInfo] User couldn't be authenticated, aborting call.</div><div><br></div><div>I tried to debug this with rdebug by running something like:</div><div><br>
</div><div>ruby -rdebug /var/lib/one/remotes/auth/x509/authenticate <new_user> <user_dn> <user_secret></div><div><br></div><div>where <new_user> is the newly x509 authenticated user</div><div><user_dn> is then password taken from onehost show <new_user></div>
<div><user_secret> is the string in file /home/new_user/.one/one_x509 containing <new_user>:encrypted string</div><div><br></div><div><div>/usr/lib/one/ruby/x509_auth.rb:183: `data greater than mod len' (OpenSSL::PKey::RSAError)</div>
<div><span class="Apple-tab-span" style="white-space:pre"> </span>from /usr/lib/one/ruby/x509_auth.rb:183:in `decrypt'</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>from /usr/lib/one/ruby/x509_auth.rb:116:in `authenticate'</div>
<div><span class="Apple-tab-span" style="white-space:pre"> </span>from authenticate:50</div><div>/usr/lib/one/ruby/x509_auth.rb:183: @cert_chain[0].public_key.public_decrypt(Base64::decode64(data)</div></div><div><br>
</div><div>From similar errors mentioned on the internet it seems this has something to do with a truncation that may have occurred in the database</div><div><br></div><div>the certificate certs = "MII..==" contains 2532 characters and the </div>
<div> token = "..=" contains 690 characters</div><div><br></div><div>Many thanks</div><div>Uli</div><div><br></div>