Sandeepan Nath's questions

We are trying to setup SSL on our application running on Wordpress, PHP, Apache. After doing the necessary configuration changes, we get the following error on curl command -

[root@www ~]# curl https://www.<domain name> -v
* About to connect() to www.<domain name> port 443 (#0)
*   Trying 192.168.1.5...
* Connected to www.<domain name> (<domain IP>) port 443 (#0)
* Initializing NSS with certpath: sql:/sql/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
* CApath: none
* NSS error -12263 (SSL_ERROR_RX_RECORD_TOO_LONG)
* SSL received a record that exceeded the maximum permissible length.
* Closing connection 0
* curl: (35) SSL received a record that exceeded the maximum permissible length.
[root@www ~]#

We noticed the .crt file name here (/etc/pki/tls/certs/ca-bundle.crt) is different from what we have set in the SSL config file - /etc/pki/tls/certs/<domain name>.crt.

We followed these steps -

• Found the effective httpd.conf file using ps aux | grep httpd
• Configured SSLCertificateFile and SSLCertificateKey in apache/conf/ssl.conf -

https://freeimage.host/i/UQ6Zxt

• Made changes to httpd.conf -

  Listen 443

  ServerName www.<domain name>:443

• Restarted httpd service.

Also checked that PHP configurations shows the following on phpinfo() output -

Registered Stream Socket Transports => tcp, udp, unix, udg, ssl, sslv3, tls, tlsv1.0, tlsv1.1, tlsv1.2
openssl
Openssl default config => /etc/pki/tls/openssl.cnf
openssl.cafile => no value => no value
openssl.capath => no value => no value

On checking this file, we found -

[ CA_default ]

dir             = /etc/pki/CA           # Where everything is kept
certs           = $dir/certs            # Where the issued certs are kept
crl_dir         = $dir/crl              # Where the issued crl are kept
database        = $dir/index.txt        # database index file.
#unique_subject = no                    # Set to 'no' to allow creation of
                                        # several ctificates with same subject.
new_certs_dir   = $dir/newcerts         # default place for new certs.

certificate     = $dir/cacert.pem       # The CA certificate
serial          = $dir/serial           # The current serial number
crlnumber       = $dir/crlnumber        # the current crl number
                                        # must be commented out to leave a V1 CRL
crl             = $dir/crl.pem          # The current CRL
private_key     = $dir/private/cakey.pem# The private key
RANDFILE        = $dir/private/.rand    # private random number file

Here as well, I don't see the .pem and .crt files that are being referenced in the curl output, so I am clueless.

I have checked this question as well and verified Open ssl extension loaded using https://www.php.net/manual/en/function.extension-loaded.php.

The network/server administration team that provided the above details said that something configured at Wordpress end could be causing this scenario. Do you think this makes sense?

Update

Following is also set on ssl.conf file of Apache -

SSLEngine on

Also, following is the entire ssl.conf file (removing all commented lines) -

Listen 443 https
SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCache         shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout  300
SSLRandomSeed startup file:/dev/urandom  256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin

<VirtualHost _default_:443>
DocumentRoot "/var/www/html"
ServerName www.<domain name>:443
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite HIGH:3DES:!aNULL:!MD5:!SEED:!IDEA
SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5
SSLHonorCipherOrder on
SSLCertificateFile /etc/pki/tls/certs/<domain name>.crt
SSLCertificateKeyFile /etc/pki/tls/private/<domain name>.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

I need PEAR installed. So, I tried running the go-pear batch file inside by PHP extract. But it gives this error -

The program can't start because php_pdo.dll is missing from your computer. Try reinstalling the program to fix this.

But I have that dll file inside \ext folder. My environment variables have the path D:\php5 (I added it) and in my php.ini I have the following paths -

include_path =".;D:\php5\PEAR"
extension_dir = "D:\php5\ext"

Which are all valid. And I have the php_pdo.dll file present inside D:\php5\ext.

Any pointers guys?

Further details
I have a 64-bit system with Windows 7 running. I took PHP 5.2.17 VC6 from http://windows.php.net/download/ -> VC6 x86 Thread Safe. It worked fine. - Then I took the php.ini file of a teammate (having PHP version 5.3.6) and overwrote mine. He has his system completely setup and I am setting up mine. Earlier I had simply copied his PHP installation folder but later got problems like -

PHP Warning: PHP Startup: Unable to load dynamic library 'D:\\php5\\ext\\php_curl.dll' - The operating system cannot run %1.\r\n in Unknown on line 0

The problem got fixed by taking a fresh PHP download. Check https://stackoverflow.com/q/1343514/351903 for a similar issue.

• Okay, now, after taking the fresh download, I needed to have all the project specific config changes like my teammate, for which I need to have PEAR installed, which is why I was trying to run that batch file.

I am stuck again with apache setup guys. I am working on a 64-bit system running Windows 7 professional with service pack 1. I copied the working php5 installation directory from teammates, copied the necessary .dll files from inside php5 installation folder (like they were in the working setup of teammates) to my windows/system32/. Apache server started successfully with the default apache config (httpd.conf) file. I was able to access localhost in browser. But php code was not parsing. I noticed no such line like the following in the apache config file:-

# PHP5 module
LoadModule php5_module D:/php5/php5apache2_2.dll

If I add this line, apache server start fails. Running test configuration gives the following error -

httpd.exe: Syntax error on line 60 of C:/Program Files (x86)/Apache Software Foundation/Apache2.2/conf/httpd.conf: Cannot load D:/php5/php5apache2_2.dll into server: The specified procedure could not be found.  

But the php5apache2_2.dll file is there in the specified location and I have given all permissions to the current system user to the php5 installation directory. The same line also appears in the apache error log. Another thing here is that I am not sure when exactly logs are written to the log file. I am confused if log entries are not made if I have opened the log file for reading? lol ... because I could not observe a pattern in when entries are made. I saw some log entries being made, some not. But that is a separate problem for now.

I had previously setup apache, php on the same system, on another hard disk. I had followed the same steps like I followed now and it did setup successfully, although after a lot of head-scratching, like the log file entry confusion I wrote above. I don't remember how exactly I fixed it earlier. But, I tried with the same apache config file (the one which was working earlier on the previous setup on the old hard disk - had taken a backup), but it still gives the same error.

Update
I read http://us3.php.net/manual/en/install.windows.apache2.php and added AddHandler application/x-httpd-php .php right after LoadModule php5_module "D:/php5/php5apache2_2.dll". Still no success.

I also read this blog where some VC6 and VC9 binaries are mentioned. I don't know about them. Do I need to do something about that?

Further Update
I downloaded apache from http://httpd.apache.org/download.cgi - the "Win32 Binary without crypto (no mod_ssl) (MSI Installer)" option.

I have JRE installed on my system. In fact, Eclipse IDE for Java, which also needs JRE, is already running. Now I tried running Eclipse for PHP and it says -

A JRE or JDK must be available in order to run eclipse. No Java virtual machine was found after searching the following locations:

D:\setups\eclipse for php\eclipse\jre\bin\java.exe
java.exe in your path

I think I just need to correct the path to JRE in the config somewhere. Where to do it? I know the path of the JRE exe file.

Also, how to check in command line, which version of JRE is running?

Thanks.

I am using Apache 2.2 server, PHP 5.3.6 on a Windows 7 OS running on a 64-bit system.

On starting Apache server, this error appears in the apache error log-

PHP Warning: PHP Startup: Unable to load dynamic library 'D:\php5\ext\php_curl.dll' - The specified module could not be found.\r\n in Unknown on line 0

Following are the other extensions mentioned in the php.ini file -

extension=php_curl.dll
extension=php_gd2.dll
extension=php_mbstring.dll 
extension=php_mysql.dll
extension=php_xsl.dll
extension=php_memcache.dll

Echoing phpinfo() does not show the curl extension loaded, but the others are loaded.

The php_curl.dll file is however present in the correct location along with the others - D:\php5\ext\php_curl.dll

phpinfo() shows that

extension_dir = D:\php5\ext

So, that also is correct.

Some more details

I am a new member in this team and I had setup Apache, PHP separately on this Windows 7 system and everything was working fine.

Our project needed a lots of httpd conf changes, so I was asked to simply overwrite the httpd conf file with the team's current version. I did the same and just changed the ServerName, ServerAdmin etc. I also copied their PHP installation directory.

Everything other than this extension is working fine.

I am trying to configure apache on a 64-bit system running Windows 7. I installed apache using a win-32 installer (32-bit installer, which I guess is the reason behind problems). The installation was successful and I can browse to localhost in the browser.

Problem
But, I am not sure where to do the apache config changes. There is one httpd-win file inside \Apache Group\Apache2\conf\ but no httpd.conf file. I did some changes inside the httpd-win file but the changes are not taking effect.

For example I tried to change the port number to fix one problem of apache not starting if skype is already running on my system. I changed the following line -

Listen @@Port@@

to

Listen 8080

But, still if skype is already running, apache does not start. Also, if I type some garbage in the file and restart apache, it works fine. I expected it to not run due to syntax errors.

Is it possible that all these problems are because I installed 32-bit apache on 64 -bit system. I also searched for 64-bit installer but did not find one yet. Can anybody tell me where to find one? Please correct me if I am wrong somewhere.

There are download sections for PECL extensions in http://pecl.php.net/ But I am not getting install steps for PECL *itself**. Following command does not work -

yum intall pecl

In my system, I have PECL installed, so I can install PECL extensions like this-

pecl install mailparse

But, in a system where running pecl command does not recognize the same, how to install PECL first on a Fedora 7 system (old system).

I am setting up a new project on my development system and am stuck with creating the database. I have a large .sql file to create the database with.

At first I created an empty database called adpsnet_Directory and executed this command -

mysqldump -uroot -p  adpsnet_Directory < adpsnet_Directory.sql 

But it displays this and nothing actually happens -

-- MySQL dump 10.13  Distrib 5.1.41, for pc-linux-gnu (i686)
--
-- Host: localhost    Database: adpsnet_Directory
-- ------------------------------------------------------
-- Server version       5.1.41

/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;
/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
/*!40103 SET TIME_ZONE='+00:00' */;
/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;

/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;

-- Dump completed on 2011-02-28 20:48:56

Then I read here that the above command works only if the database does not exist. I was having an empty database. So, I dropped that database but got this error -

-- MySQL dump 10.13  Distrib 5.1.41, for pc-linux-gnu (i686)
--
-- Host: localhost    Database: adpsnet_Directory
-- ------------------------------------------------------
-- Server version       5.1.41
 ...
...
...

mysqldump: Got error: 1049: Unknown database 'adpsnet_Directory' when selecting the database

Then I tried the following command in the presence and absence of the empty database -

mysqlimport -uroot adpsnet_Directory adpsnet_Directory.sql

And the results -

Presence -

mysqlimport: Error: 1146, Table 'adpsnet_Directory.adpsnet_Directory' doesn't exist, when using table: adpsnet_Directory

Absence -

mysqlimport: Error: 1049 Unknown database 'adpsnet_Directory'

It is pretty late here and I am not getting what is happening. Any pointers please... What am I missing?

Thanks

I have two php.ini files -

• /etc/php.ini which loads in case of cli
• /opt/lampp/etc/php.ini which loads in case of browser.

I am able to use PHP's Mailparse extension after adding the line extension=mailparse.so in the /opt/lampp/etc/php.ini and restarting lampp.

But I am not able to load the same in case of command line -

getting PHP Fatal error: Call to undefined function mailparse_msg_create() in ...

mailparse_msg_create() is a part of the Mailparse extension.

I tried by relogging with the user after making the change and even restarting the system. What needs to be done so that the change takes effect.

Update

I checked that php -i | grep 'Configuration File' gives

PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib/php/modules/mailparse.so' - /usr/lib/php/modules/mailparse.so: cannot open shared object file: No such file or directory in Unknown on line 0
Configuration File (php.ini) Path => /etc
Loaded Configuration File => /etc/php.ini

Update 2
I copied the mailparse.so from /opt/lampp/lib/php/extensions/no-debug-non-zts-20090626 and put it in /usr/lib/php/modules. I added extension=mailparse.so to /etc/php.ini as well. But it still showed this warning

PHP Warning:  PHP Startup: Unable to load dynamic library ...  

As told by Lekensteyn, I did

ldd /usr/lib/php/modules/mailparse.so

and got

ldd: warning: you do not have execution permission for /usr/lib/php/modules/mailparse.so'

So I gave execute permission. Then

ldd /usr/lib/php/modules/mailparse.so

showed

linux-gate.so.1 => (0x00110000) libc.so.6 => /lib/libc.so.6 (0x0011d000) /lib/ld-linux.so.2 (0x003aa000)

which looks normal. BUt now, running php command says

PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php/modules/mailparse.so' - /usr/lib/php/modules/mailparse.so: undefined symbol: mbfl_name2no_encoding in Unknown on line 0

I am putting this question basically because I want to use PHP: Mailparse extension and stuck in its installation. But, I also want to know some basics of PHP extension installation - Please check bottom - Basic Question regarding extension installation. This may be a silly question but I still have lots of confusion in these things and always get stuck at important times. So please excuse me and help me if you can

I tried the following methods to install Mailparse extension -

Recompiling PHP
I tried to go for recompiling PHP with mailparse extension but I am unable to do that so far - check https://serverfault.com/questions/227976/on-which-location-to-run-configure-while-recompiling-php.

PECL command install
I was thinking since it is a PECL extension, could it be installed through pecl install mailparse command? On running that command it starts the process -

downloading mailparse-2.1.5.tgz ...
Starting to download mailparse-2.1.5.tgz (37,332 bytes)
..........done: 37,332 bytes
9 source files, building
running: phpize
grep: /opt/lampp/include/php/main/php.h: No such file or directory
grep: /opt/lampp/include/php/Zend/zend_modules.h: No such file or directory

But I finally get this in the end and it fails -

...
...
/tmp/pear/temp/mailparse/php_mailparse.h:113: error: declaration for parameter 'def_charset' but no such parameter
/tmp/pear/temp/mailparse/mailparse.c:1540: error: expected '{' at end of input
make: *** [mailparse.lo] Error 1
ERROR: `make' failed

Downloading mailparse package
Also, they provide mailparse package download option here http://pecl.php.net/package/mailparse. I downloaded it but not sure where to put it and how to install it.

Basic Question regarding extension installation
So, are all these methods of installing an extension valid? If so why do they say in PHP: Mailparse extension that -

In order to use these functions you must compile PHP with mailparse support by using the --enable-mailparse configure option.

Is it because this extension has been moved to the PECL repository. For other PHP extensions which are not moved to PECL repository is it mandatory to recompile PHP?

Thanks

My Fedora system is connected to the internet through a proxy server and we have IPs assigned to every system connected via LAN - mine has 192.168.0.103 (by the way, what is this kind of IP called? the technical term? Anybody). I was trying to setup smartsvn and found that SSH was stopped which is why it was not working. You may check my previous question SmartSVN - Unable to create new repository profile.

sshd was stopped on my system. Trying ssh [email protected] was saying Connection refused. Then the fllowing things happened - I don't remember the exact sequence in which they happened -

• I did service sshd start and then I got password prompt on trying to ssh.
• I entered the correct password of root user but it kept denying saying - Permission denied, please try again..
• I probably restarted sshd and it stopped asking for password on doing ssh [email protected] and kept showing ssh_exchange_identification: Connection closed by remote host instead.

I checked this solution ssh_exchange_identification: Connection closed by remote host and found that -

• my IP was present in /etc/hosts.deny - sshd: 192.168.0.103
• There were failed login attempts in /var/log/secure.

So I deleted these things from both these files. After that, ssh [email protected] prompted for password again but again the same problem. Entering correct password says - Permission denied, please try again.

In that file it is written

> This file describes the names of the
> hosts which are
> #     *not* allowed to use the local INET services, as decided
> #     by the '/usr/sbin/tcpd' server.

But that file cannot be viewed in text. Seems like some more setting needs to be corrected where it is set to disallow this IP for SSH connection. What do I need to fix?

I tried ssh connection from other systems connected via LAN. Permission denied to them too. I logged out and logged in after doing those file changes, restarted sshd and confirmed that those two files do not contain any such thing now.

But still not working. What am I missing. Any pointers?

Thanks,
Sandeepan

I need to put export PATH=$PATH:/opt/lampp/bin to my ~/.bash_profile file so that mysql from command line works on my system. Please check mysql command line not working for further details on that.

I am working on a fedora system and logged in as root user.

If I run locate .bash_profile then I get these:-

/etc/skel/.bash_profile
/home/sam/.bash_profile
/home/sohil/.bash_profile
/home/windows/.bash_profile
/root/.bash_profile

So, I modified the /root/.bash_profile file like this:-

from

PATH=$PATH:$HOME/bin
export PATH

to

PATH=$PATH:/opt/lampp/bin
export PATH

But, still the change is not taking effect - Opening a new console and running mysql again says bash: mysql: command not found.

However running export PATH=$PATH:/opt/lampp/bin in console makes it work for that session. So, I am doing something wrong with the .bash_profile file. May be editing incorrect one or doing the edit incorrectly.

Update

Before doing the above edit, I also tried by just adding export PATH=$PATH:/opt/lampp/bin at the end like this:-

From

PATH=$PATH:$HOME/bin
export PATH

to

PATH=$PATH:$HOME/bin
export PATH=$PATH:/opt/lampp/bin

But it didn't work. What am I missing?

Thanks,
Sandeepan

I have mysql running in my fedora system. I have xampp setup on the system and php projects present in the webspace are working fine. PhpMyAdmin is working fine. echoing phpinfo() in a PHP script also shows mysql enabled. But running mysql connect command

mysql -u[username] -p[password]

Gives this -

bash: mysql: command not found

How do I fix that? Any pointers?

I guess I need to do some pointing (define some path in some file) so that my system knows that mysql is installed. What exactly do I have to do?

Additional Details
This system was someone else's and he is not available here. May be PHP/Mysql was setup already in the system. I just freshly extracted xampp for linux into /opt/lampp/ and have put all the above mentioned things (PHP projects and PhpMyAdmin) there. After doing that I had a socket problem (PhpMyAdmin was not working and showing this)-

#2002 - The server is not responding (or the local MySQL server's socket is not correctly configured) 

I restarted lampp using ./lampp restart but problem remained. Then after turning on system today, I started lampp and everything worked just fine. No project issues anymore only command line Mysql not working

I have just installed SmartSVN on this fedora system.

The application starts (on running ./smartsvn.sh) with its usual UI but many things are not working.

Creating New repository profile
Trying to create a new repository profile (Repositories-> Repository Profiles-> Add)

An Error occurred while processing an SVN command - 
Cannot connect to 'svn+ssh://192.168.0.103': There was a problem while connecting to 192.168.0.103:22

Quick Checkout
Trying to do Quick Checkout (less configuration)

An Error occurred while processing an SVN command -
 Malformed XML.

Some Observations
When I run the smartsvn.sh file like this:-

./smartsvn.sh

It shows this in the console -

Warning: /bin/java does not exist
Could not lock /root/.smartsvn/_lock_
Switched to running instance

I was using SmartSVN in another system before this where it was working. There too, it was showing the warning like Warning: /bin/java does not exist but this part was not showing:-

Could not lock /root/.smartsvn/_lock_ Switched to running instance

I have only JRE installed in both the systems and not JDK. Eclipse IDE which also needs only JRE is running perfectly fine. So, what could be the reason? Any pointers?

Updates
I have just confirmed that it is a smart svn issue. Command line svn is working fine on my system. I created a repository and did a successful checkout.

Thanks,
Sandeepan

I my shell script, I am trying to remove password prompt for scp command (as given in https://stackoverflow.com/questions/459182/using-expect-to-pass-a-password-to-ssh/459225#459225) and this is what I have so far :-

#!/usr/bin/expect
spawn scp $DESTINATION_PATH/exam.tar $SSH_CREDENTIALS':/'$PROJECT_INSTALLATION_PATH
expect "password:"
send $sshPassword"\n";
interact

On running the script, I am getting errors

spawn: command not found
send: command not found
interact: command not found

I was also getting error expect: command not found also, then I realised the path to expect was not correct and expect was not installed at all. So, I did yum install expect, corrected the path and the error was gone. But not able to remove the other 3 errors still.