Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to start SDPcontroller #5

Open
Cadjoe opened this issue Feb 17, 2021 · 2 comments
Open

Unable to start SDPcontroller #5

Cadjoe opened this issue Feb 17, 2021 · 2 comments

Comments

@Cadjoe
Copy link

Cadjoe commented Feb 17, 2021

Setup:

  • CentOS 8, x86_64

Issue

[root@sdp SDPcontroller]# node ./sdpController.js
prompt: Enter certificate authority key password:  *****************

prompt: Enter server key password:  *****************

prompt: Enter database password:  *****************

readline.js:1154
            throw err;
            ^

Error: error:0909006C:PEM routines:get_name:no start line
    at Object.createSecureContext (_tls_common.js:129:17)
    at Server.setSecureContext (_tls_wrap.js:1323:27)
    at new Server (_tls_wrap.js:1181:8)
    at Object.createServer (_tls_wrap.js:1224:10)
    at startServer (/opt/SDPcontroller/sdpController.js:195:22)
    at startDbPool (/opt/SDPcontroller/sdpController.js:164:5)
    at /opt/SDPcontroller/sdpController.js:137:17
    at /opt/SDPcontroller/node_modules/prompt/lib/prompt.js:358:32
    at /opt/SDPcontroller/node_modules/async/lib/async.js:154:25
    at assembler (/opt/SDPcontroller/node_modules/prompt/lib/prompt.js:355:9) {
  library: 'PEM routines',
  function: 'get_name',
  reason: 'no start line',
  code: 'ERR_OSSL_PEM_NO_START_LINE'
}

Config file

module.exports = {
    // print debug statements
    'debug': false,

        'serverPort': 5000,
        'maxConnections': 100,

        // milliseconds, 0 indicates no timeout
        // this is controller's way of noticing a lost connection
        'socketTimeout': 30000,

        // false indicates the server should disconnect
        // after a successful credential update
        'keepClientsConnected': true,

        // allow legacy access request type
        // Legacy access request means the SPA packet specifies
        // the port to open along with detailed NAT instructions
        // if applicable. This mode is not secure because the
        // client can be NAT'ed to anywhere it requests if NAT
        // is enabled.
        'allowLegacyAccessRequests': false,

        // can create these using ./setup/create-certs.sh
        'serverCert': './certs/server.crt',
        'serverKey':  './certs/server.key',

        // to be prompted for a password, set this field
        // to a null string using '' (that's 2 single quotes
        // with no spaces between)
        'serverKeyPassword': '',
        'serverKeyPasswordRequired': true,

        // can create these using ./setup/create-certs.sh
        'caCert': './certs/ca.crt',
        'caKey': './certs/ca.key',

        // to be prompted for a password, delete this field or
        // set it to a null string using '' (that's 2 single
        // quotes with no spaces between)
        'caKeyPassword': '',
        'caKeyPasswordRequired': true,

        // how many days new certificates should be good for
        'daysToExpiration': 31,

    // SPA encryption key length in bytes, range is 64 to 256
    'encryptionKeyLen': 256,

        // SPA HMAC key length in bytes, range is 4 to 128
        'hmacKeyLen': 128,

        // database options
        'dbHost': 'localhost',
        'dbUser': 'root',
        'dbPasswordRequired': true,

        // to be prompted for a password, delete this field or
        // set it to a null string using '' (that's 2 single
        // quotes with no spaces between)
    'dbPassword': '',
    'dbName': 'sdp',

    // if any of these are exceeded, the controller
    // disconnects from the client
    'maxDataTransmitTries': 3,
    'maxCredentialMakerTries': 3,
    'maxBadMessages': 3,

    // retry interval (milliseconds) for database failures
    'databaseRetryInterval': 5000,
    'databaseMaxRetries': 5,

    // interval (milliseconds) to check database for changes
    // that require sending updates to gateways
    'databaseMonitorInterval': 3000,

};

I'm not sure whether I missed something or not, but I have no idea what's going on here. Some assistance is appreciated in advance.
@Jack0209-Huang
Copy link

Hello, did you solve the problem? I was able to leave your email and contact you?

@takahiro-ono
Copy link

As the error 'ERR_OSSL_PEM_NO_START_LINE' was thrown when TLS server was being started, I suspect one of the below is not in proper PEM format:

  • CA certs
  • CA private key
  • Server certs
  • Server private key

How about checking the format of these files? : caCert, caKey, serverCert, serverKey

You can use openssl command to open a PEM file like below:

openssl x509 -text -noout -in ./certs/ca.crt

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@takahiro-ono @Cadjoe @Jack0209-Huang