[5.0.11] Cannot enable encryption on Windows #5079
Comments
|
@karlitschek Can we get this assigned before the support call tmro? |
|
@schiesbn @ringmaster Do you have an idea what the problem might be? |
|
This error most often happens when OpenSSL is not configured correctly for ownCLoud on Windows, even when it seems like all of the requirements are met. It's most likely that the environment variable value is not visible to the PHP process, or is incorrectly set. When this happens and all requirements seem to be otherwise met, entries are written to the owncloud.log file with "openssl_pkey_new() fails". The additional data in those entries will be useful for diagnosis. |
|
Will get the owncloud.log file and take a look. |
|
@ringmaster : Here are the logs you requested: {"app":"Encryption library","message":"openssl_pkey_new() fails: error:02001002:system library:fopen:No such file or directory","level":3,"time":"2013-10-04T03:20:51+00:00"} |
|
@ringmaster Any ideas on the logs provided last week? |
|
This looks like your system can't find the openssl.conf. You have to make sure that the your openssl.conf is in your servers system PATH. With OC6 you will be able to set the path in config.php alternatively. I think @ringmaster can give you more detailed information on how to set the path correctly |
|
Setting environment values is kind of convoluted, since IIS is pretty particular about what environment settings it passes through to CGI apps that it executes. Still, it's possible to configure. I've put together a short video explaining the process in Windows Server 2012. The process should be similar in other recent editions of Windows Server, although some older versions may have different methods of configuring environment variables for FastCGI processes. Video: http://screencast.com/t/WWpuqKFVFwr2 Note that early in the video, I execute the command as the server user, through the server. Even though (this wasn't shown in the video) there is a global environment variable set on this server for There may be ways to pass through this value from the system environment to the web server environment, but this is better, since it could potentially allow you to set different key settings for different hosts on the server, and isolates those environment settings to a single site, limiting cross-site exposure of sensitive environment settings. As @schiesbn said, OC6 has a simpler method that allows you to set the path directly in the OC config file, but this setting isn't available in OC5. |
|
Thanks @ringmaster . That video did the trick. |
Expected behavior
Ability to enable encryption
Actual behavior
Error upon enabling encryption
Steps to reproduce
Customer has ownCloud 5.0.11 running on Windows Server 2008 R2 and can not enable encryption. He gets the following error:
Encryption library
Missing requirements. Please make sure that PHP 5.3.3 or newer is installed and that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled.
Looking in the code, the error was introduced here:
#4268
Verified PHP is 5.4.19
Verified OPENSSL_CONF environment variable is set to the proper directory
Verified that PHP extension is enabled
After upgrade of PHP and creation of OPENSSL_CONF and enable PHP Extension, customer restarted IIS, as well as rebooted the server. He still gets the error
Was unable to reproduce in lab!
Server configuration
OC 5.0.11
Windows Server 2008 R2
PHP 5.4.19
The text was updated successfully, but these errors were encountered: