[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Handle-info] Failure to replicate mirror handle server 7.3.1 from primary handle 6.2.5 server



I can assure you that the DSA vs DSAwithSHA1 issue was a purely cosmetic issue in the code.  

What's really happening here is that the mirror is initiating a session with the primary, but then can't validate the server's response within that session.  I thought that somehow an incompatibility might have been introduced, but I tried this with a 6.2.5 server and a 7.3.1 server and didn't get the error.

I do not know what is causing your error.  Would you be willing to upgrade your primary to 7.3.1 in order to see if that helps?  This should be as easy as stopping the primary, and then restarting with the 7.3.1 software.  No data migration will occur; it will simply run the 7.3.1 code with the existing data store.

Robert

On 2013-12-03, at 17:46 , Evguenia Krylova <evguenia.krylova@doit.wisc.edu> wrote:

> I have a mirror server setup with Handle 7.3.1 against the primary Handle 6.2.5 server. 
> Followed the instructions to configure the mirror "6.1 Setting up a Single Mirror Handle Server" 
> from http://www.handle.net/tech_manual/Handle_Tech_Manual_7_v1-1-22Dec10.pdf 
> 
> The replication fails with the following error:
> 
> starting replication thread
> "2013-12-03 15:25:14.286-0600" 50 unspecified max_handlers count, using default: 200
> "2013-12-03 15:25:14.287-0600" 50 unspecified max_handlers count, using default: 200
> "2013-12-03 15:25:14.287-0600" 50 unspecified max_handlers count, using default: 200
> "2013-12-03 15:25:14.690-0600" 50 Error doing replication at server: 1 144.92.161.120 (TCP/2645/adm+qry,UDP/2645/qry,HTTP/2646/adm+qry): HandleException (MISSING_OR_INVALID_SIGNATURE) Unable to verify signature for message: version=2.1; oc=1001; rc=402; snId=1 crt caCrt noAuth expires:Wed Dec 04 03:25:14 CST 2013
> HandleException (MISSING_OR_INVALID_SIGNATURE) Unable to verify signature for message: version=2.1; oc=1001; rc=402; snId=1 crt caCrt noAuth expires:Wed Dec 04 03:25:14 CST 2013
>         at net.handle.hdllib.HandleResolver.verifyResponse(HandleResolver.java:2368)
>         at net.handle.hdllib.HandleResolver.sendHttpRequest(HandleResolver.java:3077)
>         at net.handle.hdllib.HandleResolver.sendRequestToInterface(HandleResolver.java:2268)
>         at net.handle.hdllib.HandleResolver.sendRequestToServerByProtocol(HandleResolver.java:1943)
>         at net.handle.hdllib.HandleResolver.sendRequestToServerByProtocol(HandleResolver.java:1818)
>         at net.handle.hdllib.HandleResolver.sendRequestToServerInSiteByProtocol(HandleResolver.java:1649)
>         at net.handle.hdllib.HandleResolver.sendRequestToServer(HandleResolver.java:1737)
>         at net.handle.hdllib.HandleResolver.sendRequestToServer(HandleResolver.java:1688)
>         at net.handle.server.replication.ReplicationDaemon.run(ReplicationDaemon.java:435)
> Caused by: HandleException (UNKNOWN_ALGORITHM_ID) Unknown signature type: HS_MAC
>         at net.handle.hdllib.AbstractMessage.verifyMessage(AbstractMessage.java:503)
>         at net.handle.hdllib.HandleResolver.verifyResponse(HandleResolver.java:2362)
>         ... 8 more
> 
> 
> Has anybody successfully done this? 
> 
> I suspect that the error might be caused by this change from 7.3 release notes:
> "Signature code now uses algorithm DSAwithSHA1 instead of just DSA." 
> Any ideas how I can force 7.3.1 to use  DSA instead of DSAwithSHA1?
> 
> Ev
> 


_______________________________________________
Handle-Info mailing list
Handle-Info@cnri.reston.va.us
http://www.handle.net/mailman/listinfo/handle-info