You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I had a problem with getting the est server to start.
To Reproduce:
Host directory setup:
Dockerfile
libest/
# where libest it a clone of the repo, which in this case is at:
# commit f8a6e5b53a5f70e72fe4029981df0693b17cbb32 (HEAD -> main, origin/main, origin/HEAD)
Dockerfile:
FROM ubuntu:latest
RUN apt update
RUN apt install -y build-essential
RUN apt install -y openssl libssl-dev libsafec-dev
ARG DEBIAN_FRONTEND=noninteractive
RUN apt install -y pkg-config
RUN apt install -y net-tools
COPY libest libest
RUN cd libest; ./configure --with-system-libsafec; make; make install
RUN cd libest/example/server; ./createCA.sh
To run
docker build -t estserver .
docker run -it estserver
# then in the image
root@3ee56ea7e92f:/# cd libest/example/server
root@3ee56ea7e92f:/libest/example/server# ./runserver.sh
Using OpenSSL 1.1.1f 31 Mar 2020
***EST [INFO][est_log_version:231]--> libest 3.2.0p (API level 4)
***EST [INFO][est_log_version:235]--> Compiled against OpenSSL 1.1.1f 31 Mar 2020
***EST [INFO][est_log_version:236]--> Linking to OpenSSL 1.1.1f 31 Mar 2020
***EST [ERROR][est_server_init:3225]--> Length of ca_chain doesn't match ca_chain_len
/libest/src/est/.libs/libest-3.2.0p.so(+0xbed0) [0x7fc4ea033ed0]
/libest/src/est/.libs/libest-3.2.0p.so(est_server_init+0x247) [0x7fc4ea041c37]
/libest/example/server/.libs/estserver(+0x8af8) [0x5608e2766af8]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf3) [0x7fc4e9ace0b3]
/libest/example/server/.libs/estserver(+0x96ce) [0x5608e27676ce]
Unable to initialize EST context. Aborting!!!
root@3ee56ea7e92f:/libest/example/server#
Out of curiosity I replaced EST_CA_MAX with 32000 and it fell to the next error on about line 3234.
***EST [ERROR][est_server_init:3234]--> Actual length of cacerts_resp_chain does not match passed in length value
So I did the same there and it appears to get to the point of waiting for connections:
***EST [INFO][ossl_init_cert_store_from_raw:257]--> Cert being added to trust store: CN = estExampleCA
***EST [INFO][ossl_init_cert_store_from_raw:257]--> Cert being added to trust store: CN = estEXTERNALCA
Retry period being set to: 300
Disabling PoP check
Launching EST server...
***EST [INFO][set_ssl_option:1409]--> Using default ECDHE curve (prime256v1)
***EST [INFO][set_ssl_option:1459]--> TLS SRP not enabled
##Image details:
uname -a
Linux 24ef38b9e87a 5.10.47-linuxkit #1 SMP Sat Jul 3 21:51:47 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
I stared to do some digging but ran out of time so I ended up rebuilding with: --disable-safec
Let me know if you need any more information.
The text was updated successfully, but these errors were encountered:
Hi,
I had a problem with getting the est server to start.
To Reproduce:
Host directory setup:
Dockerfile:
To run
So with respect to the following line,
libest/src/est/est_server.c
Line 3223 in f8a6e5b
I added added a print statement:
printf("len: %d, sizeof(size_t): %d, EST_CA_MAX: %d\n\n strlen(ca_chain): %d\nCA:\n%s\n\n", len, sizeof(size_t), EST_CA_MAX, strlen((char *)ca_chain), (char *)ca_chain);and got the following:
Out of curiosity I replaced
EST_CA_MAXwith32000and it fell to the next error on about line 3234.So I did the same there and it appears to get to the point of waiting for connections:
##Image details:
I stared to do some digging but ran out of time so I ended up rebuilding with:
--disable-safecLet me know if you need any more information.
The text was updated successfully, but these errors were encountered: