#26 mounting failed

closed
5
2007-01-06
2006-11-14
Anonymous
No

I am running sled10 and I installed the binary version of davfs. I tried symlinking the certs directory and then as root (just as an initial test), I tried mounting to my secure webdav server but the mount failed. What simply thing am I missing? Below are some snapshots of mount and the log file.

The server certificate is not trusted.
Server identity: xxxxxxx
Issuer: Equifax Secure Inc., US
Subject: Domain Control Validated - QuickSSL(R), See www.geotrust.com/resources/cps (c)05, businessprofile.geotrust.com/get.jsp?GT17610841, xxxxxxx.com, US
Fingerprint:

You only should accept this certificate, if you can
verify the fingerprint! The server might be faked
or there might be a man-in-the-middle-attack.
Accept certificate for this session? [y,N] y
/sbin/mount.davfs: Mounting failed: Can not connect to the server.
itlaptop1:/etc/ssl/certs #

/var/log/messages:
Nov 14 15:40:40 itlaptop1 mount.davfs: The server certificate is not trusted.
Nov 14 15:40:40 itlaptop1 mount.davfs: identity: xxxxxxxx.com
Nov 14 15:40:40 itlaptop1 mount.davfs: issuer: Equifax Secure Inc., US
Nov 14 15:40:40 itlaptop1 mount.davfs: subject: Domain Control Validated - QuickSSL(R), See www.geotrust.com/resources/cps (c)05, businessprofile.geotrust.com/get.jsp?GT17610841, xxxxxx, US
Nov 14 15:40:40 itlaptop1 mount.davfs: Accepted by user.
Nov 14 15:40:41 itlaptop1 kernel: coda_read_super: device index: 0
Nov 14 15:40:41 itlaptop1 kernel: coda_read_super: rootfid is (01234567.ffffffff.081c5718.00000000)
Nov 14 15:40:41 itlaptop1 kernel: coda_read_super: rootinode is -1886444185 dev coda

Discussion

  • Werner Baumann

    Werner Baumann - 2006-11-16

    Logged In: YES
    user_id=1260327
    Originator: NO

    This maybe two different problems:

    Certificate
    -----------
    mount.davfs propably does not find the certificate of Equifax. Maybe the link does not point to the correct location, maybe there is no or not the matching certifcate of Equifax in the store. Maybe there is something wrong with the server certificate.

    Connection failed
    -----------------
    As you accepted the certificate the connection should succeed. Possible reasons for failing: A protocoll error by either mount.davfs or the server (not very likely), wrong or mistyped credentials, the server does not like the requests from mount.davfs.

    How do find the reason for the failure
    --------------------------------------
    - Use a browser to connect to the server. If this succeeds, the correct certificates are installed.

    - 'ls -l /usr/lib/ssl/certs' to see if there are Equifax certificates

    - you may use the s_client command of the openssl tool to connect to the server. This will print a lot of information that are helpful for debugging. Please see the man page for details. A basic command could be:
    'openssl s_client -CApath /etc/ssl/certs/ -connect xxxxx.com:443'
    If the connection succeeds you should type:
    GET / HTTP/1.1
    host: xxxxxx.com <hit return two times>

    The server should respond with some 'Authorisation required' message.

    You may send the messages from openssl s_client (after replacing all confidential information with xxxx).

    Another aproach:
    While the binary version seems easyer to install, there is the danger that it will not fit your system (I have built it on Debian/Sarge).
    Building davfs2 from the source package on your system has the advantage that mount.davfs will use the libraries of your system (e.g. there will be no need for this symbolic link). If there are hard to detect problems, you can configure it with option --enable-debug and it will print a lot of debug messages into the log files.

    If there is a RPM for sled, this may avoid incompatibilities too, but maybe it is an older version of davfs2 with older bugs.

    Greetings
    Werner

     
  • Werner Baumann

    Werner Baumann - 2006-11-18
    • assigned_to: nobody --> wbaumann
     
  • Werner Baumann

    Werner Baumann - 2007-01-06
    • status: open --> closed
     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks