You are not logged in.

#1 2009-10-05 22:06:06

caldwellbailey
Member
Registered: 2008-05-27
Posts: 8

Cups hangs on upgrade to https [SOLVED]

Hey

I have edited my  cupsd.conf to allow remote configuration of my Cups server and can access the web interface through port 631.  My problem is when I click on the admin tab and then try to "upgrade" to https the page just hangs.  I also have the problem that when I try to restart the cups daemon it successfully kills it but then cannot start back up.  /var/log/cups/error_log shows the following.

I [05/Oct/2009:16:39:09 -0500] Generating SSL server key...

So I'm assuming that the ssl key could not be generated.  I've seen similar problems in other posts that are due to /etc/cups/ssl/server.crt being a broken link but I don't have the file at all.  If anyone could help me I would greatly appreciate it.

Thanks

here is my cupsd.conf

#
# "$Id: cupsd.conf.in 7199 2008-01-08 00:16:30Z mike $"
#
#   Sample configuration file for the Common UNIX Printing System (CUPS)
#   scheduler.  See "man cupsd.conf" for a complete description of this
#   file.
#

# Log general information in error_log - change "info" to "debug" for
# troubleshooting...
LogLevel info

# Administrator user group...
SystemGroup sys root


# Only listen for connections from the local machine.
port 631
Listen /var/run/cups/cups.sock

# Show shared printers on the local network.
Browsing On
BrowseOrder allow,deny
BrowseAllow all

# Default authentication type, when authentication is required...
DefaultAuthType Basic

# Restrict access to the server...
<Location />
  Order allow,deny
  Allow all
</Location>

# Restrict access to the admin pages...
<Location /admin>
  Encryption Required
  Order allow,deny
  Allow all
</Location>

# Restrict access to configuration files...
<Location /admin/conf>
  AuthType Default
  Require user @SYSTEM
  Order allow,deny
  Allow all
</Location>

# Set the default printer/job policies...
<Policy default>
  # Job-related operations must be done by the owner or an administrator...
  <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job>
    Require user @OWNER @SYSTEM
    Order deny,allow
  </Limit>

  # All administration operations require an administrator to authenticate...
  <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
    AuthType Default
    Require user @SYSTEM
    Order deny,allow
  </Limit>

  # All printer operations require a printer operator to authenticate...
  <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Accept-Jobs CUPS-Reject-Jobs>
    AuthType Default
    Require user @SYSTEM
    Order deny,allow
  </Limit>

  # Only the owner or an administrator can cancel or authenticate a job...
  <Limit Cancel-Job CUPS-Authenticate-Job>
    Require user @OWNER @SYSTEM
    Order deny,allow
  </Limit>

  <Limit All>
    Order deny,allow
  </Limit>
</Policy>

#
# End of "$Id: cupsd.conf.in 7199 2008-01-08 00:16:30Z mike $".
#

Last edited by caldwellbailey (2009-10-07 18:03:33)

Offline

#2 2009-10-06 22:34:03

caldwellbailey
Member
Registered: 2008-05-27
Posts: 8

Re: Cups hangs on upgrade to https [SOLVED]

bump?

Offline

#3 2009-10-07 00:52:41

BurntSushi
Member
From: Massachusetts
Registered: 2009-06-28
Posts: 362
Website

Re: Cups hangs on upgrade to https [SOLVED]

I had this same problem. I know it can take a *long* time to general the SSL cert. For example:

I [21/Jan/2008:17:08:38 +0100] Generating SSL server key...
I [21/Jan/2008:17:32:21 +0100] Created SSL server key file
"/etc/cups/ssl/server                                                         
                   .key"...
I [21/Jan/2008:17:32:21 +0100] Generating self-signed SSL certificate...
I [21/Jan/2008:17:32:21 +0100] Created SSL server certificate file
"/etc/cups/ss                                                                 
           l/server.crt"...

If that doesn't work, check out: http://mybookworld.wikidot.com/print-server#toc2


Education is favorable to liberty. Freedom can exist only in a society of knowledge. Without learning, men are incapable of knowing their rights, and where learning is confined to a few people, liberty can be neither equal nor universal.

Tu ne cede malis sed contra audentior ito

Offline

#4 2009-10-07 18:03:02

caldwellbailey
Member
Registered: 2008-05-27
Posts: 8

Re: Cups hangs on upgrade to https [SOLVED]

Thanks for the reply, I'm not sure why but it worked today.  I read somewhere that the keys are generated based on the terminal input but considering it's a headless server it hasn't had much.  That could be the reason it was taking so long to generate a key and since i've been trying to get it to work it maybe just got enough input to generate one. Either way I'm not quite sure.  Thanks again.

Offline

#5 2010-03-21 16:41:10

waldek_a
Member
From: Munich, Germany
Registered: 2005-04-19
Posts: 85

Re: Cups hangs on upgrade to https [SOLVED]

I hit the same problem a few days ago, headless server, it seems the SSL key generation process relies on "kernel.randon.entropy_avail". one can see its value by executing

sysctl kernel.random.entropy_avail

on my server the value was very low, because it is populated by any kind of activity and there was not much happening on my server. It was enough to do a few "find" commands and then it worked.

explanation here:

http://burtonini.com/blog/computers/cup … 8-14-18-00

Offline

#6 2010-04-19 18:23:02

synthead
Member
From: Seattle
Registered: 2006-05-09
Posts: 1,326

Re: Cups hangs on upgrade to https [SOLVED]

How do I create an SSL key for cups?  There are no files in /etc/cups/ssl and I'm not sure what to do.  I'm having the same problem here, but sysctl kernel.random.entropy_avail reveals 39, which I guess is sufficient, right?


Touch my kernel

Offline

#7 2010-04-19 18:25:01

synthead
Member
From: Seattle
Registered: 2006-05-09
Posts: 1,326

Re: Cups hangs on upgrade to https [SOLVED]

Ooh, /var/log/cups/error_log is telling me this:

E [19/Apr/2010:14:03:51 -0400] Unable to set ACLs on root certificate "/var/run/cups/certs/0" - Operation not supported

Touch my kernel

Offline

Board footer

Powered by FluxBB