Failed to startup domino-iam-services. According to the tutorial https://doc.cwpcollaboration.com/appdevpack/docs/en/iam_setup_prepare_part.html
I have installed the database adpconfig.nsf for HCL Domino AppDev Pack Configuration.
At the access control page, I have granted the read access to IAMAccessors as tutorial.
I have created the self-signed SSL certificates, but failed to startup the demo services, IAM.
enter code here C:\iam>npm start
> domino-iam-service#2.2.0 start
> cross-env NODE_ENV=production node iam-server.js
WARNING: NODE_ENV value of 'production' did not match any deployment config file names.
WARNING: See https://github.com/lorenwest/node-config/wiki/Strict-Mode
[17:40:58][info][master][master]: IAM version: 2.2.0
[17:40:58][warn][master][master]: IAM is in pilot mode. Please do not use this in production environment.
[17:40:58][warn][master][master]: To swith to production mode, delete config/local.properties then setup in production mode.
Start to unlock config:
? Enter current IAM server password: ************
Config is unlocked.
[17:41:09][info][master][master]: Starts as single node mode.
[17:41:09][info][initServices][master]: Start IAM service on allAddress:443
[17:41:09][info][stats][master]: IAM StatsClient enabled: false
[17:41:09][error][DBConnector][master]: Failed to obtain certificate content with: EISDIR: illegal operation on a directory, read
[17:41:09][error][adpConfig][master]: Error polling adpconfig. Error: EISDIR: illegal operation on a directory, read
at Object.readSync (node:fs:727:3)
at tryReadSync (node:fs:433:20)
at Object.readFileSync (node:fs:479:19)
at t (C:\iam\iam-server.js:1:57672)
at Object.g [as createCredentialOption] (C:\iam\iam-server.js:1:57795)
at Object.init (C:\iam\iam-server.js:1:9475)
at Object.init (C:\iam\iam-server.js:1:18954)
at processTicksAndRejections (node:internal/process/task_queues:96:5)
at async e.exports (C:\iam\iam-server.js:1:87837)
at async C:\iam\iam-server.js:1:83053 {
errno: -4068,
syscall: 'read',
code: 'EISDIR'
}
[17:41:09][warn][IAMService][master]: LDAP has not been configured yet! Please go to Admin Service to configure it.`enter code here`
[17:41:09][error][initServices][master]: Exiting.. Error: keystore must be a JSON Web Key Set formatted object
[17:41:09][info][initServices][master]: IAM service is shutdown
C:\iam>
[![enter image description here][1]][1]
[1]: https://i.stack.imgur.com/KIpue.png
ADP config integration will likely not work in pilot mode. In pilot mode there is no set up connection to the domino server. You will need to configure it for production for that to work.
Related
C:\domino-iam-service>npm start
> domino-iam-service#2.2.0 start
> cross-env NODE_ENV=production node iam-server.js
WARNING: NODE_ENV value of 'production' did not match any deployment config file names.
WARNING: See https://github.com/lorenwest/node-config/wiki/Strict-Mode
[11:52:41][info][master][master]: IAM version: 2.2.0
Start to unlock config:
? Enter current IAM server password: ********
Config is unlocked.
[11:53:43][info][master][master]: Starts as cluster mode.
[11:53:43][info][stats][master]: IAM StatsClient enabled: false
[11:53:43][info][cluster][master]: Worker 1 is started
[11:53:43][info][cluster][master]: Worker 2 is started
WARNING: NODE_ENV value of 'production' did not match any deployment config file names.
WARNING: See https://github.com/lorenwest/node-config/wiki/Strict-Mode
WARNING: NODE_ENV value of 'production' did not match any deployment config file names.
WARNING: See https://github.com/lorenwest/node-config/wiki/Strict-Mode
[11:53:49][info][worker][worker-1]: Worker 1 starts to provide service, which process id is: 3752
[11:53:49][info][initServices][worker-1]: Start IAM service on allAddress:9443
[11:53:49][info][worker][worker-2]: Worker 2 starts to provide service, which process id is: 2772
[11:53:49][info][stats][worker-1]: IAM StatsClient enabled: false
[11:53:49][info][initServices][worker-2]: Start IAM service on allAddress:9443
[11:53:50][warn][DBConnector][worker-1]: dbConfig.dominoConfig.credential.CLIENT_KEY_PASSPHRASE setting is empty, it is NOT SECURE.
[11:53:50][info][stats][worker-2]: IAM StatsClient enabled: false
[11:53:50][warn][DBConnector][worker-1]: Please use openssl tool to add passphrase for your client key file.
[11:53:50][warn][DBConnector][worker-2]: dbConfig.dominoConfig.credential.CLIENT_KEY_PASSPHRASE setting is empty, it is NOT SECURE.
[11:53:50][warn][DBConnector][worker-2]: Please use openssl tool to add passphrase for your client key file.
[11:53:50][error][ClusterCache][worker-2]: Error occurred when constructing ClusterCache with error: timeout
[11:53:50][error][ClusterCache][worker-1]: Error occurred when constructing ClusterCache with error: timeout
[11:53:50][info][DBConnector][worker-2]: Domino isn't connected, retry after 30s
[11:53:50][info][DBConnector][worker-1]: Domino isn't connected, retry after 30s
The domino server with only one error message.
0554:0002-0594] 2022/07/14 下午 12:06:17 AMgr: Error executing agent 'DeleteExpiredDocs' in 'iam-store.nsf'. Agent signer 'Domino Template Development/Domino': You are not authorized to perform that operation
I am at my wits end!
I have a minimal install of Ubuntu Server 18.04 and OpenJDK 11 (headless).
Downloaded, to a local folder are the java 9+ binaries for Derby (db-derby-10.15.2.0-bin)
Path and Environment settings are all correct!
When I start the server startNetworkServer -h 0.0.0.0, I get an error when doing a simple connect using the ij command line tool
ij> connect 'jdbc:derby://localhost:1527/dbname;create=true';
ERROR XJ041: DERBY SQL error: ERRORCODE: 40000, SQLSTATE: XJ041, SQLERRMC: Failed to create database 'dbname', see the next exception for details.::SQLSTATE: XBM01::SQLSTATE: XJ001
The derby.log file makes reference to:
java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "getenv.SOURCE_DATE_EPOCH")
Looking further into this error, I learned that I somehow need a security.profile. I found this website that seemed to be the answers to my problems. https://www.javacodegeeks.com/2020/04/apache-derby-database-jvm-security-policy.html
Following these pretty straight-forward instructions, I get:
java.security.AccessControlException: access denied
org.apache.derby.shared.common.security.SystemPermission( "engine", "usederbyinternals" )
For the next person who has this strange problem (it seems to happen with some regularity, here's a simple workaround, copied from this FAQ page at Chalmers Institute of Technology:
Q: When we try to create a database in Derby and the database explorer in NetBeans, we get one or more of the following error(s):
An error occurred while creating the database:
java.sql.NonTransientConnectionException: DERBY SQL error: ERRORCODE:
40000, SQLSTATE: XJ041, SQLERRMC: ...
Caused by: java.security.AccessControlException: access denied
("java.lang.RuntimePermission" "getenv.SOURCE_DATE_EPOCH")
A: This is some kind of missconfiguration in the JVM with a very aggressive security policy that doesn't allow applications to fetch the time on the system (since epoch). The solution is to edit ~/.java.policy or [java.home]/lib/security/java.policy and add the following:
grant {
permission java.lang.RuntimePermission "getenv.SOURCE_DATE_EPOCH", "read";
};
If you are on Windows you can read about where this policy file is supposed to be located here;
https://docs.oracle.com/javase/7/docs/technotes/guides/security/PolicyFiles.html
Apache-Derby is a database management system prepared for a multi-user environment, therefore, when you execute the startNetworkServer -h 0.0.0.0 instruction, you are telling it by default to take certain security into account, and that is why it does not let you do an insecure connection such as ij> connect 'jdbc:derby://172.16.17.31:1527/BBDD_server;create=true';
because you are connecting without specifying username and password, so you should either connect by specifying username + password, or start the server without any security:
startNetworkServer -h 0.0.0.0 -noSecurityManager
More help:
https://db.apache.org/derby/docs/10.4/adminguide/tadminnetservopen.html
https://db.apache.org/derby/docs/10.4/adminguide/tadminnetservbasic.html
I am trying to run the Hyperledger fabric Tuna app and getting the below error when running the regiseterAdmin.js
Store path:/home/chaindev/.hfc-key-store
Error: Calling enrollment endpoint failed with error [Error: connect ECONNREFUSED 127.0.0.1:7054]
at ClientRequest.<anonymous> (/home/chaindev/fabricProjects/src/github.com/education/LFS171x/fabric-material/tuna-app/node_modules/fabric-ca-client/lib/FabricCAClientImpl.js:711:12)
at emitOne (events.js:116:13)
at ClientRequest.emit (events.js:211:7)
at Socket.socketErrorListener (_http_client.js:387:9)
at emitOne (events.js:116:13)
at Socket.emit (events.js:211:7)
at emitErrorNT (internal/streams/destroy.js:64:8)
at _combinedTickCallback (internal/process/next_tick.js:138:11)
at process._tickCallback (internal/process/next_tick.js:180:9)
Failed to enroll admin: Error: Failed to enroll admin
The issue was occurring for me because I had the wrong Private Key name mentioned in the docker-compose.yml file
FABRIC_CA_SERVER_CA_KEYFILE=/etc/hyperledger/fabric-ca-server-config/4239aa0dcd76daeeb8ba0cda701851d14504d31aad1b2ddddbac6a57365e497c_sk
When I re-generated the artificats the key file name was changed and after correction everything worked fine.
Also thanks for rocket-fabric group for mentioning the commands on how to look for logs in docker container. Below commands can be useful to debug
docker ps -a
docker logs <ca container name>
The docs need be updated on this. Localhost 127.0.0.1 does not work for Docker For Windows and Docker Toolbox as they both give their run-time IP address on start of Docker (here taken as 192.168.1.2).
This start-up IP needs to be updated in the registerAdmin.js file (or in my case enrollAdmin.js file as referred in the Tutorial "Writing First App" ).
The enrollAdmin.js needs be updated in this line:
// be sure to change the http to https when the CA is running TLS enabled
fabric_ca_client = new Fabric_CA_Client('http://192.168.1.2:7054', tlsOptions , 'ca.example.com', crypto_suite);
The output certificate should be like:
Successfully enrolled admin user "admin"
Assigned the admin user to the fabric client :: "name":"admin","mspid":"Org1MSP","roles":null,"affiliation":"","enrollmentSecret":"","enrollment": "signingIdentity":"c198861140fc723abc058c70d23395a2d7b73c926ca673b53d713053aaade419","identity":{"certificate":"-----BEGIN CERTIFICATE-----\nMIICATCCAaigAwIBAgIUK/o2ege+nT73jK/NXSgYIKoZIzj0EAwIw\nczELM...QnCkD6AiApKxxU1maQIt1TKFl3KYZWGBNDSSa6SCbob7q1p5xfpQ==\n-----END CERTIFICATE-----\n"}}}
Similar problem solved here.
As your .hfc-key-store directory is in chaindev,
Try running the following commands:
$ cd ~/chaindev/
$ rm -rf .hfc-key-store/
Then, run the command:
$ node registerAdmin.js
This can also happen if the port in PeerAdmin#Org.card does not match the port in docker-compose.yaml, I had hard time finding solution to this problem.
Mismatch in connection protocols, either you have done fabric setup without TLS and trying to connect to CA using https protocol or vice-versa.
Run docker ps and check if all the docker containers are running or not.
If it is not running run it, if it fail, download the fabric binaries.
I have the same error.
I run networkDown.sh and the run startFabric.sh again.Then it succeeded.
I am fairly new to Linux (and brand new to chef) and I have ran into an issue when setting up my chef server. I am trying to create an admin user with the command
sudo chef-server-ctl user-create admin Admin Ladmin admin#example.com
examplepass -f admin.pem
but after I keep getting this error:
ERROR: Connection refused connecting...
ERROR: Connection refused connecting to https://127.0.0.1/users/, retry 5/5
ERROR: Network Error: Connection refused - Connection refused
connecting to https://..., giving up
Check your knife configuration and network settings
I also noticed that when I ran chef-server-ctl I got this output:
[2016-12-21T13:24:59-05:00] ERROR: Running exception handlers Running
handlers complete
[2016-12-21T13:24:59-05:00] ERROR: Exception
handlers complete Chef Client failed. 0 resources updated in 01 seconds
[2016-12-21T13:24:59-05:00] FATAL: Stacktrace dumped to
/var/opt/opscode/local-mode-cache/chef-stacktrace.out
[2016-12-21T13:24:59-05:00] FATAL: Please provide the contents of the
stacktrace.out file if you file a bug report
[2016-12-21T13:24:59-05:00] FATAL:
Chef::Exceptions::CannotDetermineNodeName: Unable to determine node
name: configure node_name or configure the system's hostname and fqdn
I read that this error is due to a prerequisite mistake but I'm uncertain as to what it means or how to fix it. So any input would be greatly appreciated.
Your server does not have a valid FQDN (aka full host name). You'll have to fix this before installing Chef server.
I'm running Ionic2 to build windows app. but it is giving me following error:
shell.js: internal error
Error: EBUSY: resource busy or locked, open 'C:\Users\edge\AppData\Local\Temp\shelljs_60d55c70cdc922162f4b'
at Error (native)
at Object.fs.openSync (fs.js:640:18)
at Object.fs.writeFileSync (fs.js:1333:33)
at execSync (C:\Users\edge\AppData\Roaming\npm\node_modules\ionic\node_modules\shelljs\src\exec.js:67:57)
at Object._exec (C:\Users\edge\AppData\Roaming\npm\node_modules\ionic\node_modules\shelljs\src\exec.js:179:12)
at Object.exec (C:\Users\edge\AppData\Roaming\npm\node_modules\ionic\node_modules\shelljs\src\common.js:168:23)
at Object.gatherGulpInfo (C:\Users\edge\AppData\Roaming\npm\node_modules\ionic\node_modules\ionic-app-lib\lib\info.js:201:24)
at Object.t (C:\Users\edge\AppData\Roaming\npm\node_modules\ionic\lib\utils\stats.js:148:15)
at Object.run (C:\Users\edge\AppData\Roaming\npm\node_modules\ionic\lib\cli.js:135:16)
at Object.<anonymous> (C:\Users\edge\AppData\Roaming\npm\node_modules\ionic\bin\ionic:13:10)
I sow a same error:
Ionic run android - Internal Error
But I don't want to remove my antivirus and reinstall nodeJS.
But when I restart my system and immediately after I run the command It works(Possibly some process takes time to execute which one access this resource)
Snapshot of process running on my system are as follows:
I faced the same issue , and resolved it by uninstalling bytefence anti malware . it actually use the same resource mentioned above .(I checked in dell laptop)