Hi@all,
hope somebody can help me out solving this issue.
I´m running this great piece of software (KDM creator) on a ubuntu server.
I generated the leaf certificate to create some DKDM keys,
for a couple of month it worked perfect. All DKDM files were usable for the kdm creation tool
but suddenly it stopped working.
After some testing I found out that the leaf certificate changed, but the config.xml file seems to be untouched.
For nearly 4 month everything worked fine. No updates on the server or the software.
The timestamp of the config.xml file is untouched.
Is there any kind of automated certificate regeneration?
Best regards
G470
KDM creator certificate magically changed ->error reading DKDM
-
- Posts: 4
- Joined: Tue Oct 26, 2021 11:13 am
-
- Site Admin
- Posts: 2550
- Joined: Thu Nov 14, 2013 2:53 pm
Re: KDM creator certificate magically changed ->error reading DKDM
Hello,
There shouldn't be any certificate regeneration except in one case if you have an old version (with buggy certificate creation) then install a new one it will ask you if you want to make some new certificates.
What error do you get when you try to use a "bad" DKDM?
There shouldn't be any certificate regeneration except in one case if you have an old version (with buggy certificate creation) then install a new one it will ask you if you want to make some new certificates.
What error do you get when you try to use a "bad" DKDM?
-
- Posts: 4
- Joined: Tue Oct 26, 2021 11:13 am
Re: KDM creator certificate magically changed ->error reading DKDM
Hi Carl thx for your reply,
when I try to import the previously working DKDM files via gui, I get the error message 'Could not decrypt...' (which makes sense as the decryption certificate changed).
I have a ubuntu server where V 2.16.08 of the kdm creation tool is running.
I´m generating the cinemas.xml via php script so all cinemas, screens and certificates are updated every few minutes from our database.
We generated some DKDM files and they worked for a few month.
As I´m not touching the gui and all kdm files are generated via the commandline
I´m pretty sure that nobody clicked the button to regenerated the certificates.
Sometimes I get bad certificates for the cinema screens, so I thought maybe a error in the cinema.xml triggered a regeneration when the gui was started. Is this possible?
Best regards G470
when I try to import the previously working DKDM files via gui, I get the error message 'Could not decrypt...' (which makes sense as the decryption certificate changed).
I have a ubuntu server where V 2.16.08 of the kdm creation tool is running.
I´m generating the cinemas.xml via php script so all cinemas, screens and certificates are updated every few minutes from our database.
We generated some DKDM files and they worked for a few month.
As I´m not touching the gui and all kdm files are generated via the commandline
I´m pretty sure that nobody clicked the button to regenerated the certificates.
Sometimes I get bad certificates for the cinema screens, so I thought maybe a error in the cinema.xml triggered a regeneration when the gui was started. Is this possible?
Best regards G470
-
- Site Admin
- Posts: 2550
- Joined: Thu Nov 14, 2013 2:53 pm
Re: KDM creator certificate magically changed ->error reading DKDM
Ah - that's a good point - that might be possible... I'll look into that. There should be some backups of the config.xml next to it (config.xml.1, config.xml.2 and so on) so you should be able to recover from those, if you need to?
-
- Posts: 2807
- Joined: Tue Apr 15, 2014 9:11 pm
- Location: Germany
Re: KDM creator certificate magically changed ->error reading DKDM
That said - if you actually use encryption and DKMs, you definitely take care to create your own backups.
-
- Site Admin
- Posts: 2550
- Joined: Thu Nov 14, 2013 2:53 pm
Re: KDM creator certificate magically changed ->error reading DKDM
You're right - an error in cinemas.xml is enough to make DoM re-write config.xml with current versions. I fixed that in my local copy so it should be better in 2.16.25.