Open Microscopy Environment

jburel wrote:Hello

Quick update
I have opened a PR https://github.com/openmicroscopy/openm ... /pull/5332 with some adjustments.
I have deployed the modified server on debian9 and I could connect from both the desktop client (Java)
and the CLI (python). I need to check the Cpp client.
Tomorrow we will do further tests to see if the changes does not affect anything.

Thanks to carandraug for pointing out the SECLEVEL flag.

Cheers

Jmarie

Hello,


Just wanted to say thank you for the ":@SECLEVEL=0"!
I wanted to upgrade my server to Stretch so that we could (easily) switch to Ice 3.6 but I had this bug too.
Thanks to your patch, I just edited both templates.xml and got it working on Debian 9!

Dear Jean-Marie,

thank you for the client. I tested it and it shows a list of cipher but no ADH. Therefore, I tested a different approach. Rather than editing the two files in the existing omero server, checked out out the code (using git) at tag v5.3.2, cherry-picked your 4 commits of the PR and compiled. This compiled version works fine and solved the issue.

I assume that editing the file in the released version already installed was not enough and that the IceSSL was maybe in an inconsistent state. Alternatively, the template.xml cannot be changed and read again if the server keep on running. Indeed, at each server restart, my changes in template.xml were reverted.

Thank you so much for your help.

Cheers

Jacques

Glad that everything is now working
Out of curiosity did you edit the template under

Code: Select all

/etc/templates/grid

?

Cheers
Jmarie

jburel wrote:Glad that everything is now working
Out of curiosity did you edit the template under

Code: Select all

/etc/templates/grid

?

Cheers
Jmarie

Well... Yes...
Maybe I should have avoided that... ?

Sorry for the confusion

No that is the location I was expecting you to make the changes. I was trying to understand why the modifications that Jacques made were reverted

Cheers

Jmarie

Ok. Thank you for these instructions.

However, I must say that editing "lib/python/omero/clients.py" gives me an error in OMEROweb:

Code: Select all

PluginInitializationException: exception ::Ice::PluginInitializationException
{
    reason = IceSSL: unable to set ciphers using `ADH:@SECLEVEL=0':
invalid command
}


Keeping the original clients.py and editing etc/templates/grid/templates.xml works for me...

Hello

is OMERO.web running on the same machine?
I have seen that error only when I tried the command with older version of OpenSSL.

Does the CLI work?

Thanks

Hi

We just discovered another issue.
omero.tables will not work with the version of Pytables installed by default (3.3.0).
you will have to downgrade it to version 3.2.2

Cheers


Jmarie

Dear Jean-Marie,

I put back our production server on debian 9 and omero 5.3.3 and indeed the correction in the two template.xml plus the clients.py fixed the issue. I experienced no problem with the CLI ran on the server machine and with the omero.web (ran also on the server machine with nginx). So far, we are not using tables to my knowledge, so we have likely not experienced the issue you are reporting.
Thank you very much for your help in these issues.

Cheers

Jacques

jburel wrote:Hello

is OMERO.web running on the same machine?
I have seen that error only when I tried the command with older version of OpenSSL.

Does the CLI work?

Thanks

Yes, OMERO.web is running on the same machine (and not in a virtual env yet...).
And yes, the CLI works, if I don't modify clients.py.

Also, OpenSSL version is 1.1.0f-3
It's kind of weird...