Forums | Mahara Community
Support
/
Mahoodle broken after SSL move
26 June 2015, 3:39
Good morning (or whatever time it is in your world)!
We've had a Mahoodle instance running for quite a while, SSO (Moodle->Mahara only) leveraging an XMLRPC instance. This summer we upgraded Moodle, and made the decision to SSL the entire site. (Previously, login only was protected.) That, of course, meant a root URL change from http to https, which apparently broke SSO. I can still log in as an admin, but even account masquerading doesn't work, so we currently have no access to any other user but admin.
Mahara won't let me replace the XMLRPC instance with another (I get a "An unknown error occurred while processing this form" error), and it can't apparently see the Moodle site so I can't edit the existing one (no cert is showing, updates give the same error). Anyone have a clue where I can start?
- Moodle 2.9
- Mahara 1.4 (we're going to upgrade to the latest to see if that helps)
- Windows 8SP2/IIS 7.5
- MySQL 5.4
Thanks.
Jeff
p.s. Apparently Mahara 1.4 doesn't like PHP 5.5+, which we'd also upgraded, so we're sorting that out too...*sigh*...
26 June 2015, 6:00
I recently went through this with a client when they changed their domain. I had to update the MNET settings through the database as the Moodle interface would give me errors when I tried to update. Make sure the URLS and Public keys are correct in the mnet_host table.
30 June 2015, 1:09
Patrick:
Thanks for the response. Moodle has been updated, and its public key renewed. I have not been able to induce Mahara into doing the same, I'm afraid. I found a forum with instructions on what to delete directly from the database to force Mahara into renewing its cert, but that seemed crude. I guess I could modify the expiration date in the database, which should have the same effect. But since things are seriously broken, I'm a little gun-shy on editing the database. I've been unable to edit the XMLRPC settings through the front end...
Anyway, unless there's a procedure I'm missing, or you have any other ideas, I'll probably try one of those. Thanks again.
Jeff
30 June 2015, 2:26
Hi,
I had same problem when I test upgrade Moodle (2..6 => 2.9) and Mahara (1.9 => 15.04)
It's in the mah_host table
Find the institution used to join Moodle and Mahara, and put the correct value in the table
wwwroot => URL of your Moodle site
ipaddress => ip of your Moodle host
publickey => copy the public key from your Moodle host
After I update thes 3 values, I can configure XMLRPC on Mahara again
It's not very difficult to do, just make a backup of your database before ...
30 June 2015, 2:38
Hello Jeffrey,
You can update the Mahara public key in Administration -> Configure site -> Networking: http://manual.mahara.org/en/15.04/administration/config_site.html#networking
Cheers
Kristina
30 June 2015, 4:06
Thanks, Kristina.
I've made some progress here. Both Moodle and Mahara are showing new certs (woo-hoo!), and I've made the database changes Bruno mentions above. Mahara's "Networking" page shows the cert as associated with the new "https" URL (it is full-site SSL too). However, Moodle won't retrieve the cert from Mahara. If I attempt to copy /paste the public cert into the window, Moodle tells me it's associated with another URL (but it's wrong - it shows the same URL!). Any ideas now?
30 June 2015, 5:37
This is where I had to paste the new key into the Moodle mnet_host database table and everything started working again.
Patric
30 June 2015, 18:53
Hi,
Look at the mnet_host table in Moodle. If you have deleted instance of Mahara site to recreate it, this instance stay in the table marked as deleted.
You can try to reactivate it and copy the certificate in the table or change URL and IP address of the deleted instance with fake values.
I had same problems with my upgrades (Moodle & Mahara). I think these parts need som improvements in Mahara and Moodle but we can deal with it by changes in databases.
01 July 2015, 5:55
You guys have been great. I'm still not there. I created an entry in Moodle's mdl_host table (no deleted one was still there) by scratch. I entered the new URL, IP, public key, and expiration date. SSO still doesn't work, and Mahara can't seem to retrieve anything from Moodle. If I click on the XMLRPC instance in Mahara, it throws the following error:
[WAR] 68 (E:\www\inetwork\api\xmlrpc\lib.php:1433) This is not a valid SSL Certificate Call stack (most recent first): * PublicKey->__construct("-----BEGIN CERTIFICATE-----MIIDuDCCAyGgAwIBAgIBADA...", "https://ischool.fcps.net") at E:\www\inetwork\lib\peer.php:112 * Peer->findByWwwroot("https://ischool.fcps.net") at E:\www\inetwork\auth\xmlrpc\lib.php:667 * PluginAuthXmlrpc::get_instance_config_options("ischool", "2") at E:\www\inetwork\admin\users\addauthority.php:92
I'm pretty sure I did everything carefully. Both Moodle and Mahara have certs they like. I still don't have "Login as..." access either, that throws similar errors.
01 July 2015, 16:01
Hi Jeffrey,
Sorry, I don't know what else you could do. I've never had to put a public key directly into a table. Maybe it's best to delete any MNet keys you have in your Moodle table and start fresh? Sometimes, deleted keys can interfere. But it seems that there is still something fishy with your SSL certificate as it won't be recognized as the error message says. Can you delete the key from the Mahara networking page and have it regenerated just to see if that worked and maybe solves your problem in case that information needs to be stored elsewhere for Moodle to retrieve it? But I'm just guessing here...
All the best
Kristina