1.generator工具生成链,启用加密类型为国密,SSL也为国密,出现ssl handshake failed报错
问题描述:
WeBase一键安装启动后,发现5002端口没有起来
# Encrypt type (0: standard, 1: guomi) encrypt.type=1 # ssl encrypt type (0: standard ssl, 1: guomi ssl) # only guomi type support guomi ssl encrypt.sslType=1
查看 webase-front目录下log
2020-12-23 15:42:53.819 [main] ERROR ChannelConnections() - all connections have failed, [ ssl handshake failed:/0.0.0.0:20200] 2020-12-23 15:42:53.819 [main] ERROR Service() - service init failed, error message: Failed to connect to nodes: [ ssl handshake failed:/0.0.0.0:20200]The reasons for failure may be: 1. the configured certificate is not the same set of certificates as the node's certificate; 2. the configured certificate is not issued by the same authority as the node's certificate. Please refer to https://fisco-bcos-documentation.readthedocs.io/zh_CN/latest/docs/sdk/java_sdk.html#id24
查看端口发现5002,5004均为启动成功
解决思路:
后来发现是链的问题,因为链是通过generator工具生成,节点的config.ini中sm_crypto_channel为false,而要整链 功使用国密算法,需要下面两个变量都为true
sm_crypto = true sm_crypto_channel = true
而generator似乎没有提供更改的方法,因此更改generator中配置文件。
解决方法:
研究generator脚本发现国密启动后节点的配置文件是拷贝./tpl/config.ini.gm,因此需要手动或使用脚本将该文件中sm_crypto_channel置为true,generator会自动将该文件copy给节点文件,比较省事。
需要删除原来generator生成的链以及WeBase,再重新部署安装,问题解决。
2.nginx问题,[emerg] open() "/etc/nginx/mime.types"。
问题描述:
============== Starting WeBASE-Web ============== Traceback (most recent call last): File "deploy.py", line 106, in <module> do() File "deploy.py", line 25, in do commBuild.do() File "/root/develop/webase-deploy/comm/build.py", line 22, in do installWeb() File "/root/develop/webase-deploy/comm/build.py", line 239, in installWeb startWeb() File "/root/develop/webase-deploy/comm/build.py", line 263, in startWeb res2 = doCmd("sudo " + res["output"] + " -c " + nginx_config_dir) File "/root/develop/webase-deploy/comm/utils.py", line 108, in doCmd raise Exception("execute cmd error ,cmd : {}, status is {} ,output is {}".format(cmd,status, output)) Exception: execute cmd error ,cmd : sudo /usr/bin/nginx -c /root/develop/webase-deploy/comm/nginx.conf, status is 1 ,output is nginx: [emerg] open() "/etc/nginx/mime.types" failed (2: No such file or directory) in /root/develop/webase-deploy/comm/nginx.conf:13
解决思路:
这是由于该web应用nginx配置中找不到/etc/nginx/mime.types。
解决方法:
find / -name mime.types
显示地址为
/www/server/nginx/conf/mime.types
修改nginx.conf
vim /root/develop/webase-deploy/comm/nginx.conf
将报错位置处
include /etc/nginx/mime.types; 改为 include /www/server/nginx/conf/mime.types;
重新启动即可:
python deploy.py startAll