TwoWholeWorms Posted November 24, 2014 Report Share Posted November 24, 2014 I've installed Plastic SCM on a Debian box and configured it in UPWorkingMode. When I start up the GUI client config and put in my server and port and click "Connect", this bit works and I get back the "Connected OK (UPWorkingMode)" response. However, when I now type in my username and password and click "Check" I get the error "Unknown response message from server: domain.com:8088", and this lot appears in plastic's log file: 2014-11-24 16:53:17,279 WARN Channel - Keep alive cannot be set because it's not supported. Error:The requested feature is not implemented. at Codice.Channels.ReusableTcpClient.KeepAlive () [0x00000] in <filename unknown>:0 2014-11-24 16:53:17,279 DEBUG Channel - Create connection to plastic://domain.com:8088 took 13 ms 2014-11-24 16:53:17,299 ERROR plastic - Error when checking credentials: Unknown response message from server: doain.com:8088 2014-11-24 16:53:17,299 DEBUG plastic - Stack trace: at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke (System.Runtime.Remoting.Proxies.RealProxy rp, IMessage msg, System.Exception& exc, System.Object[]& out_args) [0x00000] in <filename unknown>:0\ The server itself logs this message at the same time, every time: 2014-11-24 16:53:17,291 (null) root at (null) INFO Channel - conn 12. The authentication or decryption has failed. I'm not exactly sure what's going on here, as there doesn't seem to be any configuration option for KeepAlive anywhere in the documentation (that I've found, that is—I may have missed it). Anyone got any ideas? Link to comment Share on other sites More sharing options...
manu Posted November 24, 2014 Report Share Posted November 24, 2014 I think you are trying to use the wrong port. The 8088 is the SSL one and you need to configure the client with the 8087. Link to comment Share on other sites More sharing options...
TwoWholeWorms Posted November 25, 2014 Author Report Share Posted November 25, 2014 8087 is unencrypted, isn't it? I'd prefer to use the SSL port if possible. As an aside, I have noticed that it doesn't seem possible to configure the server to use LDAP-over-SSL (eg, ldaps://foo.bar.com:636) as the server just won't connect to the LDAP server if it's expecting an SSL connection, but that's a different problem entirely. Link to comment Share on other sites More sharing options...
manu Posted November 25, 2014 Report Share Posted November 25, 2014 ok, in that case, can you check in your "client.conf" file (at the C:\Users\your:user\AppData\Local\plastic4) if the "<WorkspaceServer>" tag is having a "ssl://" preffix? For example: <WorkspaceServer>ssl://localhost:8088</WorkspaceServer> Link to comment Share on other sites More sharing options...
TwoWholeWorms Posted November 26, 2014 Author Report Share Posted November 26, 2014 There is no client.conf yet—I haven't got that far. I've installed the client on my machine and am going through the first-run configuration process. I've entered domain.com:8088 into the server box (step 1), and ticked "Use encryption (SSL)". When I click "Connect", this part works and I get the message Connected OK (UPWorkingMode). However, when I now enter my username and password into the credentials box and click check, I get the Unknown response message from server: domain.com:8088 error in the configuration dialog and the logged errors listed in the original post above. Edit: Oh, I think I can see what it's doing. The logged errors have plastic://domain.com:8088 but you've mentioned that it should be ssl://domain.com:8088 in client.conf. My guess would be that the credentials check code is ignoring the "Use encryption (SSL)" tickbox and trying to execute the connection over an unencrypted connection, which quite rightly should not work. Also, I thought I'd put this in my original post, but I'm using the Mac OS X client on 10.10. Sorry for missing that out earlier! If I check the credentials using an unencrypted connection, everything works OK. I guess I'll configure it to use the unencrypted connection, and then update the config file afterwards. Link to comment Share on other sites More sharing options...
manu Posted December 2, 2014 Report Share Posted December 2, 2014 Edit: Oh, I think I can see what it's doing. The logged errors have plastic://domain.com:8088 but you've mentioned that it should be ssl://domain.com:8088 in client.conf. My guess would be that the credentials check code is ignoring the "Use encryption (SSL)" tickbox and trying to execute the connection over an unencrypted connection, which quite rightly should not work. Also, I thought I'd put this in my original post, but I'm using the Mac OS X client on 10.10. Sorry for missing that out earlier! If I check the credentials using an unencrypted connection, everything works OK. I guess I'll configure it to use the unencrypted connection, and then update the config file afterwards. Hi! No problem. Please check if manually editing the "client.conf" file works. You can just execute a "cm lrep" command after editing it to check if the secure communication is possible. Link to comment Share on other sites More sharing options...
PaulForest Posted February 10, 2015 Report Share Posted February 10, 2015 I can also confirm that the "Check" button on the Client Configuration Wizard doesn't work most of the time, even when the client is correctly configured and the server is running. We're using SSL on a non-standard port. Yes we can telnet from the client to the server. On Windows, the command: telnet OUR_REPO_SERVER 22022 connects to the server and we can send / receive characters. It seems the check button itself is doing something different from the regular client to figure out the fully qualified address URL. From C:\Users\WINDOWS_USERNAME\AppData\Local\plastic4: ... <WorkspaceServer>ssl://OUR_REPO_SERVER:22022</WorkspaceServer> ... The "Connect" button works correctly with result: "Connected OK (UPWorkingMode) The "Check" button gives this text in red, note the lack of ssl:// in the url: Tcp transport error. Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.: OUR_REPO_SERVER:22022. Unable to read data Workaround: don't use the check button, it gives false negatives. You may still be able to connect correctly. Link to comment Share on other sites More sharing options...
manu Posted February 12, 2015 Report Share Posted February 12, 2015 Thank you Paul, as you said it seems the wizard has problems trying to validate the user when the SSL port is used. We'll try to fix it ASAP and we'll post here the new release link. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.