• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 343
  • Last Modified:

PHP and XML-RPC

I am using moodle and using moodle networking to connect to other instances on our server.  It uses XML RPC to do this.  When I move one of our instances to another ip on our web server, I get this message:

RPC auth/mnet/user_authorise:Payload not signed: faultCode 7017  faultString Your IP address does not match the address we have on record. ERROR 2:2:Payload not signed: faultCode 7017  faultString Your IP address does not match the address we have on record.

So the ip that its getting is not returning the right value.  I thought it was something with my apache config, so I created a separate apache instance with just 1 site.

Does anyone know how I can fix this so that XML-RPC returns the right ip for the web site?
0
Tigger996
Asked:
Tigger996
  • 10
  • 10
1 Solution
 
giltjrCommented:
I did a little reading on Moodle.

When you installed it you need to provide it with the hostname that would be used in the URL.  Do you have a DNS record that maps that name back to the proper IP address?

Is that IP address the primary IP address for the box you are running this on?

It sounds like moodle is expecting a connection from a.a.a.1, but it is getting one from a.a.a.2.

0
 
giltjrCommented:
Also:

Migrating Moodle to a new site or server

Migrating Moodle means that you have to move the current installation to a new server, and so may have to change IP addresses or DNS entries. To do this you will need to change the $CFG->wwwroot value in the config.php on the new server. You will also have to change any absolute links stored in the database backup file (before restoring the file on the new server) either using the admin/replace.php script, your text editor or another "search and replace" tool, e.g. sed. For more details see the Moodle Migration page.

0
 
Tigger996Author Commented:
ok, my moodle setup is ok, and my DNS is pointing to the right ip, when I ping it I get 199.XX.XX.17 which is the ip I set it up on.  If I have all my sites setup on .23 (where I have MANY) and .23 is the default server in my apache config, it works.  That's why I thought another instance would fix that problem, but it doesn't.

My moodle instance runs ok, just not when I try to connect to it via moodle networking.

So basically I login to site 1 and jump to site 2 securely so that my users only have to create 1 login.

0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
giltjrCommented:
--> moodle networking.

What is moodle networking?

-> login to site 1 and jump to site 2

To make sure I understand, site 1 and site 2 are really on the same server, but (hopefully) different IP addresses.

Are the two IP address (.17 and .23) assigned to the same NIC?  If so which one is the NIC's primary IP address?

My first guess is that moodle know that it is .17, but it sees a connection from .23 and thinks something is wrong.
0
 
Tigger996Author Commented:
Moodle networking is a way to allow users to "jump" from one site to the other without having to create a login for each site.

Right now - I have site1 and site 2 on the same server under the same ip and moodle networking works.

I have Many ip's assigned to my nic with a primary up of .16   .23 is where I have my virtual hosts setup in apache with many web sites that will never require SSL or just my play sites.  I have other websites on their own ip address that use SSL as well.

So yes, I think that its seeing the wrong ip from one of the other.  That's why I thought my apache config was making things confusing.  That's why I tried doing another instance where the default server is .17 but that didn't work, so maybe its at the server level?  But that wouldn't explain why it works from the same ip.

0
 
giltjrCommented:
I am fairly sure that when a outbound connection is made it does not matter what the 'default' server is.

The server IP address in the Apache configuration is used for accepting inbound connections.  I am 99% sure that when apache needs to make an outbound connection it will use the first/primary IP address of the 1st/primary NIC.  In this case .16.
0
 
Tigger996Author Commented:
But that doesn't make sense -- it's all on the same sever, so the ip would always return .16 which wouldn't give me the problem of ip on record issue.

Thanks for your input though.
0
 
giltjrCommented:
What is the setup when it works?

I was under the impression that if you run both "site1" and "site2" that it has never worked.

If the moodle thinks it is ".17" and attempts to connect to itself it will see a connection from ".16", which will confuse it.
0
 
Tigger996Author Commented:
Right now I have .23 on a virtual host setup with site 1 and site 2 assigned to that ip, I also have about 5 other web sites on that ip.  

When the sites are on the same ip it will let me "jump" from instance to instance.

If I move site 1 to .17 with no other sites on .17 -- just the one. it says the above error.

I hope that clarifies things.
0
 
giltjrCommented:
What is the IP address of the default Apache site?
0
 
Tigger996Author Commented:
Apache Config:

Default: XXX.XXX.XX.23 --> Has about 8 virtual hosts
.16 has 1 virtual host --> Default IP of Card
.17 -- Has 1 virtual host
.18 -- Has 1 virtual host and ssl
.8 -- Has 1 virtual host and ssl
.20 -- Has 1 virtual host
.24 -- Has 1 virtual host
.19 -- Has 1 virtual host


Everything works great if all moodle instances are on .23

I tried moving 1 site to .17 and get the above error.

I tried separate apache instance on just .17 and it still didn't work.

Here;s my next thought.  Moodle generates SSL keys to verify the connection between instances.  It stores the peers keys in the db to verify the connect.  Could there be something when the ssl key is generated that it's not seeing the different ip??

0
 
giltjrCommented:
Ah, yes.  My guess is that moodle is using the IP address to generate the keys.  The IP address has changed so that SSL key does not match.  You may want to see how to delete and re-generate the key(s).
0
 
Tigger996Author Commented:
My keys are regenerated. But what I'm wondering is the script that is used to generate the keys is somehow using the wrong ip since there are multiple on the machine?  I will see if I can find some code on how it generates the keys.

0
 
giltjrCommented:
When you go to generate the keys what parameters do you provide?  An IP address, a host name, or nothing?
0
 
Tigger996Author Commented:
As far as I can tell it uses the hostname --> It basically takes the string in the moodle config for the site address: so forexample, moodle.org or whatever the site is.

The error that get first comes up when moodle calls this line:

$isOpen = openssl_open(base64_decode($data),$payload,base64_decode($key),$MNET->get_private_key));

Don't know if that helps any, but maybe we're getting somewhere.

0
 
giltjrCommented:
O.K. I am reading the moodle doc as quickly as I can.  I am a bit confused.  You keep refing to "site1" and "site2".  I assumed that moodle was setup as a 3 tier application: Web Presenation, Application, and Database.

However from what I can see right now it is only a 2 tier, Web/Application and Databse.

Can you point me to the doc that talks about "site1" and "site2"?
0
 
Tigger996Author Commented:
site1 and site2 are moodle instances.  So 2 seperate directories, 2 seperate databases.  
Moodle Networking allows to to login to 1 instances and "jump" to the next without having to login again.  It creates a local user based on the instance you came from.  So single sign on.

0
 
giltjrCommented:
Are you signed up for the moodle formum at:

     http://moodle.org/login/index.php

When I do searches I find a few hits with the string "moodle single sign-on virtual-hosts apache", as I am not registered I can't see anything.

What happens if you move both sites to the same IP address?

If that does not work, then my guess is that somewhere internally moodle is doing something on address .23, the default apache address, no matter what you setup in apache.

To test that theory you would need to temporally change the default host in apache to something else, say .17, and then re-generate the certificate and see if it works or not.  If that works, then moodle is definitely doing something on the default host definition.
0
 
Tigger996Author Commented:
You can actually login as a guest... I do have an account there.

You have to watch your search.  It's actually moodle networking.  and I have posts in the tracker, etc.
Both sites were originally on the same ip and it works fine.  If I change the default host to .17 that would be fine, all my sites would still be on .23.  If my current setup quit working, then I know for sure its going on the default host.  
I will try and let you know how it goes.

0
 
Tigger996Author Commented:
They finally fixed it in moodle.  There was a line in one of the pages that checks the ip.  Anyway, thanks for all the effort and time.

0

Featured Post

Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

  • 10
  • 10
Tackle projects and never again get stuck behind a technical roadblock.
Join Now