[RESOLVED] Update 2.4 and personal certificate

Questions about WAPT Server / Requests and help related to the WAPT server
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Locked
corriou
Messages: 26
Registration: May 16, 2019 - 09:59

June 13, 2023 - 08:41

Good morning,

I just upgraded from version 2.3 to version 2.4 Community (up-to-date Debian 11 server).
After updating following the official instructions, I accessed the wapt webpage and installed wapt-setup 2.4.0.14058. After some trial and error with the certificates, I finally launched the console and tried to edit a post. I received the following message:

Code: Select all

Unable to red key data.Either supplied password is wrong or not proper key data (must be PKCS#8 or PKCS#12).
I don't have a PKCS #8 or 12 file (and I never had one in previous versions), but the password is correct. I tested it by going to "Tools->Settings->Personal Certificate Path".

Do you have any leads?

Best regards,
Last edited by corriou on June 20, 2023 - 10:49, edited 1 time.
High
User avatar
dcardon
WAPT Expert
Messages: 1929
Registration: June 18, 2014 - 09:58
Location: Saint Sébastien sur Loire
Contact :
Contact dcardon

June 13, 2023 - 12:39

Hello Alain,

the message is indeed not very clear. The pkcs#8 format corresponds to the historical WAPT .pem (private key) / .crt (public key) format. The pkcs#12 format corresponds to a file format where the .pem and .crt are contained within the same .p12 or .pfx file.
We plan to switch to a .p12/.pfx format in the future to prevent WAPT users from confusing the public and private keys.

That said, in your case the message is quite strange; it means that the console cannot recognize the .pem / .crt file format. What version of WAPT was your private key generated with? Was it with a very old version (like before 1.8?), as there can be differences in interpretation with OpenSSL updates.

Could you try changing the key password through the console? That should update the file format.

Regards,

Denis
Denis Cardon - Tranquil IT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
High
corriou
Messages: 26
Registration: May 16, 2019 - 09:59

June 13, 2023 - 2:38 PM

I just changed the password. Everything went smoothly when I entered the old password. I restarted the console and... I get the same message.
The key is indeed very old, probably created during Wapt version 1.5. For your information, the .p12 file is not created when the password is changed.
I currently see two avenues to explore further:
  • Create the file using the command line from the two .pem and .crt files, but there may be specific options to specify for this creation
  • create a new private key, but I haven't looked closely at what that would entail
I tried the first solution without success (I get the same message):

Code: Select all

openssl pkcs12 -export -out wapt-private.p12 -in wapt-private.crt -inkey wapt-private.pem
High
corriou
Messages: 26
Registration: May 16, 2019 - 09:59

June 20, 2023 - 10:48

I ended up generating a new key, re-signing the packages, and generating a new agent. It's working again
High
User avatar
dcardon
WAPT Expert
Messages: 1929
Registration: June 18, 2014 - 09:58
Location: Saint Sébastien sur Loire
Contact :
Contact dcardon

June 20, 2023 - 5:10 PM

Thanks for the feedback, Alain :-)
Denis
Denis Cardon - Tranquil IT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
High
Locked

Return to "WAPT Server"


  • To go further with WAPT