Jump to content
PLEASE READ - Webmaster Support Forum
This forum will be retired in the near future. Please direct all queries to our dedicated GitHub support page https://github.com/vatsimnetwork/developer-info/discussions 
Here you can find documentation on our services and we are continuing to migrate pertinent information into the Wiki pages https://github.com/vatsimnetwork/developer-info/wiki

SSO RSA-SHA1 key generate probrem.


Masayoshi Yamamoto 1245671
 Share

Recommended Posts

Hi. SSO Administrator

 

I am VATJPN Webmaster.

We are constructing new VATJPN website using vatsim SSO System.

 

I want generate RSA-SHA1 key by "OpenSSL 1.0.1e-fips 11 Feb 2013"

 

openssl rsa -in keyname.pem -pubout > keyname.pub
openssl genrsa -out keyname.pem 2048

but it shows following error "Your RSA key appeared to be in an incorrect format."

 

I'm sorry to trouble you. Please tell me if you know how to fix it.

mail: [email protected]

 

Sorry poor english.

VATSIM C1 Controller

VATJPN Webmaster ([email protected])

Link to comment
Share on other sites

  • 7 months later...

I'm going to [Mod - Happy Thoughts]ume you're talking about getting that error when updating your RSA key in the SSO interface, not actually on the key generation.

 

I presume you're simply not putting the right thing in the right place. You should be putting the public key output into the SSO field (with no spaces, extra info etc).

 

Also worth noting that the 2 commands are the wrong way around, so make sure you're actually generating an RSA keypair with a public key being generated out of it.

Link to comment
Share on other sites

I'm not quite sure what 'live' means in this context; naturally, the site needs to have access to the internet in order to communicate with VATSIM SSO.

 

Your site needs to be connecting from one of your specific authorised IP addresses, and using the correct RSA key that you have generated and registered. Have you checked both these things?

Link to comment
Share on other sites

We have set all that up in terms of authorized keys on https://cert.vatsim.net/SSO

 

In the configuration on the moodle sso which is server side I have it set to HMAC. Is it ok I leave that as HMAC or does that need to change to RSA. If it needs to change to RSA im guessing I need to specify the correct public key there no?

Jonathan Aquilina 1336916

ACCMAL 9 - Webmaster

Link to comment
Share on other sites

You can set up your site to use RSA or HMAC as your authentication method, but these can be enabled/disabled in the site settings. Please could you check your settings on the SSO control panel to be sure you have the right authentication method(s) enabled?

 

We have HMAC set on the SSO control panel as well as in the moodle SSO configuration and yet the white screen persists.

Jonathan Aquilina 1336916

ACCMAL 9 - Webmaster

Link to comment
Share on other sites

You can set up your site to use RSA or HMAC as your authentication method, but these can be enabled/disabled in the site settings. Please could you check your settings on the SSO control panel to be sure you have the right authentication method(s) enabled?

 

We have HMAC set on the SSO control panel as well as in the moodle SSO configuration and yet the white screen persists.

 

The white screen whilst on your own domain? What's the output if you enable error reporting? What do your server logs say?

0
Link to comment
Share on other sites

This forum is specifically for support with SSO integration, rather than general web development discussion. You will need to ask whoever does your PHP development to debug the problem further - they should also be able to see if there are any problems apparent in the logs.

 

The PHP sample code provided for SSO includes error handling, which will let your system know the details of any problems that are occurring with the SSO communication, if that's where the problem lies. If after debugging there is a specific problem with SSO that you can't solve, please let us know.

Link to comment
Share on other sites

This forum is specifically for support with SSO integration, rather than general web development discussion. You will need to ask whoever does your PHP development to debug the problem further - they should also be able to see if there are any problems apparent in the logs.

 

The PHP sample code provided for SSO includes error handling, which will let your system know the details of any problems that are occurring with the SSO communication, if that's where the problem lies. If after debugging there is a specific problem with SSO that you can't solve, please let us know.

 

Jamie, I am using Kieran's code from his github repository for moodle SSO. I am the webmaster for Malta and I am doing all the coding. I will try to figure out how to add error handling but all I am doing is uploading the moodle SSO authentication code into the moodle authentication directory. I am enabling the plugin and setting the consumer key secret key and if its HMAC or RSA and pointing the server to https://cert.vatsim.net/sso

 

At this point I have not done any custom code on our website for SSO that is still in the pipeline.

Jonathan Aquilina 1336916

ACCMAL 9 - Webmaster

Link to comment
Share on other sites

To answer your question. Once someone logs into moodle through the SSO they are a normal user. How can I grant moodle administrative access to certain users that login with the SSO.

 

Now to the initial steps to fix the issue.

 

1) I disabled SSO temporariliy so I can login to moodle.

2) Enabled Developer debug

3) Reenabled the SSO plug

4) Debugged the error messages that were presented when testing

5) BAM SSO worked.

 

As an additional side note Kieran's repository says that it works on 2.7.x version of moodle. I have successfully gotten this to work on 2.8.9. So it is safe to say 2.7.x + versions of moodle will work with the current SSO code for moodle in Kieran's repository.

Jonathan Aquilina 1336916

ACCMAL 9 - Webmaster

Link to comment
Share on other sites

 Share

×
×
  • Create New...