. . .

FAQ

This list of FAQs contains common questions and problems during installation on various platforms. In most cases the logs tell what is going wrong if something is not working as expected:

Where can I find detailed logs?

Linux

  • MongoDB: As provided with the logpath key in the mongodb config

  • Dashboard: /opt/aom-dashboard/site/apiomat/log/application.log

  • YAMBAS: /var/log/aom-yambas/

Windows

  • MongoDB: As provided with the logpath key in the mongodb config

  • The locations of the other logfiles are linked in one single place: C:\Program Files\ApiOmat\logs. The links go to:

    • C:\tomcat8\logs ("CONSOLE" appender / standard output logs here)

    • C:\Users\YourUser\AppData\Local\ApiOmat\logs ("FILE" appender logs here)

    • C:\Apache24\logs

    • C:\Apache24\htdocs\dashboard\apiomat\log

  • To read the logs in a continuous way (show new lines automatically), use the PowerShell cmdlet Get-Content with the "-wait" parameter

    • For example: gc .\catalina.out -tail 100 -wait

YAMBAS startup setups with error message "license server not available"

This commonly occurs when the installation hosts traffic is can not connect to the license server. Please ask support for a offline license key and provide the hardware ID printed out during startup of YAMBAS in tomcat logs.

Dashboard login does not work, no incoming request is logged on YAMBAS

Please check your hostname settings in yambas.conf and try to run a curl command against the hostname, as shown

curl http://localhost:8080/yambas/rest

Images are not properly displayed in Dashboard, what should I do?

Please see "Dashboard login does not work, no incoming request is logged on YAMBAS"

The error "AH02018: request body exceeds maximum size (xxxxx) for SSL buffer" appears

Go to your SSL configuration and adjust <Location /dashboard>:

SSLRenegBufferSize 10486000

SSL certificate problem: unable to get local issuer certificate' in /opt/aom-dashboard/site/apiomat/protected/extensions/EActiveResource/EActiveResourceRequest.php:542

Please check your certificates. The error "unable to get local issuer certificate" indicates that the CA-certificate (or one of the certs in the chain) couldn't be verified. Try to investigate the error with the command:

openssl s_client -connect host:port

With this command you can take a closer look for the problem. The problem should be that the CA-certificate is missing on the server system. Download the correct CA-certificate file (the output of the command should tell you which one you'll need) from the homepage of your CA and add it to /usr/local/share/ca-certificates and then run

sudo update-ca-certificates

error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol

Please check your yambas.host configuration in the yambas.conf. Can you reach the specified server with curl on the command line? The error indicates that you're trying to connect to a wrong port (most common: you're trying to establish a HTTPS connection on the HTTP-Port)

curl https://localhost:8443/yambas/rest

SSL certificate problem: unable to upload/download native module via ANT because of "javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name"

The server alias in your apache conf has a different value than your ssl certificate.

Please change the "ServerAlias" value in your apache conf to the name that is set in the ssl certificate.

403 during yum or apt update

Please check your package manager. Are the packages sources mirrored? Have our installation packages have been added? You can ask the admin or the data center.

Internal Server Error SSL received a record that exceeded the maximum permissible length.

Try the following: Disable useSsl in yambas.conf (useSsl=false)

All users can read the data of other users. Is this a security hole?

No. 1) This only applies to the basics.User class with the default module configuration. 2) You can either create a subclass and modify the access rules, or change the configuration of the module "Basics" accordingly (see Basics Module).

I forgot the SuperAdmin password, but cannot use the password reset function (e.g. no E-Mail-Host is configured). How can I reset the password?

It is possible to hash a new password and set it directly to database. Follow these instructions to reset SuperAdmin password on database layer:

  1. Ensure ApiOmat Yambas is running

  2. Extract the configEncryption key from your apiomat.yaml and use it as pepper, e.g.: pepper=4FhnGPU6WfwP9rJ1X1htuTyj2dRNuaQ8

  3. Open a connection to your MongoDb

  4. Navigate to the collection apiomat.Customer and select the customer with _id=SuperAdmin (e.g. via mongo shell db.Customer.find({_id:"SuperAdmin"}) )

  5. Extract the value of the json key 'salt' from response, e.g. salt=75b1620333c34606623a9b6789589c98fff268c966591310072ad1503401a0ba

  6. Create a new password, e.g. password=123456

  7. Hash your password manually using the following settings: PBKDF2 With Hmac SHA512 , 4 iterations, key length 256, salt and peppered password

import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.xml.bind.DatatypeConverter;
public class PasswordHasher
{
public static void main( String[ ] args ) throws Exception
{
/* values from example above */
final String salt = "75b1620333c34606623a9b6789589c98fff268c966591310072ad1503401a0ba";
final String pepper = "4FhnGPU6WfwP9rJ1X1htuTyj2dRNuaQ8";
final String password = "secret";
 
final String hashedPassword = createShaHash( pepper, salt, password ).toLowerCase( );
System.out.println( hashedPassword );
}
 
private static String createShaHash( String pepper, String salt, String password ) throws Exception
{
final int iterations = 4;
final int keyLength = 256;
final String keyAlgorithm = "PBKDF2WithHmacSHA512";
 
final SecretKeyFactory skf = SecretKeyFactory.getInstance( keyAlgorithm );
final PBEKeySpec spec =
new PBEKeySpec( ( pepper + password ).toCharArray( ), salt.getBytes( ), iterations, keyLength );
final SecretKey key = skf.generateSecret( spec );
final byte[ ] data = key.getEncoded( );
return DatatypeConverter.printHexBinary( data );
}
}

8. Copy the generated lower case hash and paste it to apiomat.Customer.SuperAdmin.password, e.g. password=801843d2b43936173f16ec6531adada9d0194719b938a260d6f25861a36f5068 (backing up the old password is recommended!)
9. Restart your yambas to clean the customer cache and login with your new password

CentOS 7.5.X php70w-pear package error

How to solve following error:

Error: Package: apiomat-dashboard-3.2.1-0.x86_64 (apiomat)
Requires: php70w-pear
Available: 1:php70w-pear-1.10.4-1.w7.noarch (webtatic)
php70w-pear = 1:1.10.4-1.w7

First try to remove all php packages.

sudo yum remove php*

Try to install the package manually

curl -O https://centos.pkgs.org/7/webtatic-x86_64/php70w-pear-1.10.4-1.w7.noarch.rpm.html
sudo yum localinstall php70w-pear-1.10.4-1.w7.noarch.rpm

Finally the problem should be solved.