Menu
▾
▴
Re: [Ejbca-develop] EJBCA Community 6.10.1.2 : Database problem while install
|
From: Christian F. <pu...@fe...> - 2018-03-04 15:50:09
|
Tomas,
all configurable passwords are created by that snippet:
pwgen() {
NEW_PASSWORD=$(dd if=/dev/urandom bs=1 count=64 2> /dev/null |
sha512sum | awk '{print $1}' | tr -d "\n")
if [ -z "$NEW_PASSWORD" ]; then
echo "Created empty password - very bad"
exit 1
fi
echo -n "${NEW_PASSWORD}"
}
keystorepass=$(pwgen)
truststorepass=$(pwgen)
httpsserver_password=$(pwgen)
cmskeystorepass=$(pwgen)
at least sha512sum ends up with a password of 128 bytes. For complete
script, see https://github.com/ip6li/ejbca-setup which is also enclosed
in EJBCA itself. In EJBCA enclosed script is for EJBCA 6_5.0.5
(bin/extra/ejbca-setup.sh).
Complete error message which occurs at phase ant runinstall:
[java] Caused by: java.sql.SQLException: Data too long for column
'clearPassword' at row 1
[java] Query is: update UserData set cAId=?, cardNumber=?,
certificateProfileId=?, clearPassword=?, endEntityProfileId=?,
hardTokenIssuerId=?, keyStorePassword=?, passwordHash=?, rowVersion=?,
status=?, subjectAltName=?, subjectDN=?, subjectEmail=?, timeCreated=?,
timeModified=?, tokenType=?, type=?, extendedInformationData=?,
rowProtection=? where username=? and rowVersion=?, parameters
[1402720174,<null>,9,'OBF:185b1j6b1i291jkl1awr194y1sor19xc1k191s3g1irx1
9xg1san1j631igh1svw18jj1idp1iz018xp1a4h1kff1apq1hzj1awv19xg19q11j8x19c5
1t331j8z1rpc1ikq1ju81irz1iz21bi61ink19j21a4n1iut1i9a18jl1j1u1ail19bz1ap
w19xg1idt1igj19xg1sho1s3k1abc1k171j8t1jro1jdg185b19q51ju41iur1jrm1jn11j
kh1ju41irv1jrm19q9185b1jfu1ju21j691jyr1abq1s3i1shu19x61idn1igd19x61apm1
9bz1aip1iz018jh1i6o1irt1a4719j41iku1bi81j1s1iun1jri1ino1rpa1j631t3319bt
1j6519qd19x61awv1i271aps1kcz1a4d18xt1j1u1igh18jj1sw21idp1j8z1san19x61iu
p1s3m1jyp19xa1soz194s1awz1jmx1hzh1j8r185b',1,0,<null>,'$2a$01$NZXr1YAF9
b01pfDzgp1j2O5K2JDQq0OfzfXpBrwEwInJVhj0qYLyi',1,10,'dnsName=ejbca.examp
le.com',...
Same happens with smaller passwords.
Christian
Am Sonntag, den 04.03.2018, 13:06 +0100 schrieb Tomas Gustavsson:
> Hm, sounds more that it's something with the script. Using a password
> longer than 250 characters sounds really excessive to me. What in the
> script generates such a long password?
>
> When does the error occur?
>
> Do you use the script provided with EJBCA, or some external version?
>
> Regards,
> Tomas
>
>
> On March 4, 2018 11:53:04 AM GMT+01:00, Christian Felsing via Ejbca-
> develop <ejb...@li...> wrote:
> > Hello,
> >
> > while testing ejbca-setup with 6.10.1.2 following problem occurs
> > while
> > install process:
> >
> > Data too long for column 'clearPassword' at row 1
> >
> > which is caused by a SQL declaration for clearPassword with a
> > length of
> > 250. Wildfly log shows a real length of 517. For now a very nasty
> > hack
> > in ejbca-setup fixes that:
> >
> > doPatch() {
> > if [ $EJBCA_RELEASE == "6_10_1_2" ]; then
> > cd ejbca || exit 1
> > sed -i.bak 's/<basic fetch="EAGER" name="clearPassword"><column
> > name="clearPassword" column-definition="VARCHAR(250)
> > BINARY"\/><\/basic>/<basic fetch="EAGER"
> > name="clearPassword"><column
> > name="clearPassword" column-definition="VARCHAR(1000)
> > BINARY"\/><\/basic>/g' modules/ejbca-entity/resources/orm-ejbca-
> > mysql.xml || exit 1
> > echo "patch for 6_10_1_2 applied"
> > cd ..
> > fi
> > }
> >
> >
> > Christian
> >
> >
> > Check out the vibrant tech community on one of the world's most
> > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> >
> > Ejbca-develop mailing list
> > Ejb...@li...
> > https://lists.sourceforge.net/lists/listinfo/ejbca-develop
|
