Не могу подключится через ssl к Cups (убил уже два дня(( )
Ubuntu server 20.04. Стоят сертификаты для домена. Я их скопировал и указал в конфиге
Сертификаты скопировал и указал
Самое интересное что тот-же конфиг на другом компе работает норамально, тупо 1в1
Соответственно клиенты видят принтер по сети но печатать не могут
В веб морду тоже по https тоже не пускает, а только по http
в логе error.log есть строки
E [06/Feb/2023:03:00:45 +0200] [Client 210] Unable to encrypt connection: Error while reading file.
Ну и сам конфиг
LogLevel warn
PageLogFormat
MaxLogSize 1m
# Allow remote access
Listen *:631
Listen /run/cups/cups.sock
ServerAlias *
#Listen 127.0.0.1:631
#Listen /var/run/cups/cups.sock
#Listen 192.168.1.119:631
Browsing On
BrowseLocalProtocols dnssd
DefaultAuthType Basic
WebInterface Yes
<Location />
# Allow remote access...
Order allow,deny
Allow all
</Location>
<Location /admin>
AuthType Default
Require valid-user
</Location>
<Location /admin/conf>
AuthType Default
Require user [member=54482]system[/member]
</Location>
<Location /admin/log>
AuthType Default
Require user [member=54482]system[/member]
</Location>
<Policy default>
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
<Limit Create-Job Print-Job Print-URI Validate-Job>
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
Require user [member=8428]Owner[/member] [member=54482]system[/member]
Order deny,allow
</Limit>
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
AuthType Default
Require user [member=54482]system[/member]
Order deny,allow
</Limit>
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user [member=54482]system[/member]
Order deny,allow
</Limit>
<Limit CUPS-Authenticate-Job>
Require user [member=8428]Owner[/member] [member=54482]system[/member]
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
<Policy authenticated>
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
<Limit Create-Job Print-Job Print-URI Validate-Job>
AuthType Default
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
AuthType Default
Require user [member=8428]Owner[/member] [member=54482]system[/member]
Order deny,allow
</Limit>
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
AuthType Default
Require user [member=54482]system[/member]
Order deny,allow
</Limit>
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user [member=54482]system[/member]
Order deny,allow
</Limit>
<Limit Cancel-Job CUPS-Authenticate-Job>
AuthType Default
Require user [member=8428]Owner[/member] [member=54482]system[/member]
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
<Policy kerberos>
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
<Limit Create-Job Print-Job Print-URI Validate-Job>
AuthType Negotiate
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
AuthType Negotiate
Require user [member=8428]Owner[/member] [member=54482]system[/member]
Order deny,allow
</Limit>
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
AuthType Default
Require user [member=54482]system[/member]
Order deny,allow
</Limit>
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user [member=54482]system[/member]
Order deny,allow
</Limit>
<Limit Cancel-Job CUPS-Authenticate-Job>
AuthType Negotiate
Require user [member=8428]Owner[/member] [member=54482]system[/member]
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
BrowseWebIF Yes
DefaultEncryption Required
ServerCertificate /etc/cups/ssl/server.crt
ServerKey /etc/cups/ssl/server.key
ErrorPolicy retry-job
Через докер все работает, но докер костыль конечно
Пользователь добавил сообщение 07 Февраля 2023, 14:34:32:
Нашел причину, но не знаю как ее обойти
У меня в системе сделан бридж для qemu br0
если система работает через него то не пускает по ssl только cups
При переключении на стандартное подключение через через netplan ( не бридж) соединение по ssl с Cups происходит норально.
Есть мысли ?