Where can I find detailed logs?

YAMBAS startup setups with error message "license server not available"

This commonly occurs when the installation hosts traffic is can not connect to the license server. Please ask support for a offline license key and provide the hardware ID printed out during startup of YAMBAS in tomcat logs.

Dashboard login does not work, no incoming request is logged on YAMBAS

Please check your hostname settings in yambas.conf and try to run a curl command against the hostname, as shown

• cURL

Images are not properly displayed in Dashboard, what should I do?

Please see "Dashboard login does not work, no incoming request is logged on YAMBAS"

The error "AH02018: request body exceeds maximum size (xxxxx) for SSL buffer" appears

Go to your SSL configuration and adjust <Location /dashboard>:

• dashboard

SSL certificate problem: unable to get local issuer certificate' in /opt/aom-dashboard/site/apiomat/protected/extensions/EActiveResource/EActiveResourceRequest.php:542

Please check your certificates. The error "unable to get local issuer certificate" indicates that the CA-certificate (or one of the certs in the chain) couldn't be verified. Try to investigate the error with the command:

• Command

With this command you can take a closer look for the problem. The problem should be that the CA-certificate is missing on the server system. Download the correct CA-certificate file (the output of the command should tell you which one you'll need) from the homepage of your CA and add it to /usr/local/share/ca-certificates and then run

• Command

error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol

Please check your yambas.host configuration in the yambas.conf. Can you reach the specified server with curl on the command line? The error indicates that you're trying to connect to a wrong port (most common: you're trying to establish a HTTPS connection on the HTTP-Port)

• cURL

SSL certificate problem: unable to upload/download native module via ANT because of "javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name"

The server alias in your apache conf has a different value than your ssl certificate.

Please change the "ServerAlias" value in your apache conf to the name that is set in the ssl certificate.

403 during yum or apt update

Please check your package manager. Are the packages sources mirrored? Have our installation packages have been added? You can ask the admin or the data center.

Internal Server Error SSL received a record that exceeded the maximum permissible length.

Try the following: Disable useSsl in yambas.conf (useSsl=false)

All users can read the data of other users. Is this a security hole?

No. 1) This only applies to the basics.User class with the default module configuration. 2) You can either create a subclass and modify the access rules, or change the configuration of the module "Basics" accordingly (see Basics Module).

I forgot the SuperAdmin password, but cannot use the password reset function (e.g. no E-Mail-Host is configured). How can I reset the password?

It is possible to hash a new password and set it directly to database. Follow these instructions to reset SuperAdmin password on database layer:

1. Ensure YAMBAS is running

2. Extract the configEncryptionKey from your apiomat.yaml and use it as pepper (e.g.: pepper=4FhnGPU6WfwP9rJ1X1htuTyj2dRNuaQ8)

3. Open a connection to your MongoDb apiomat database

   • Bash

   mongo apiomat

4. Navigate to the collection apiomat.Customer and select the SuperAdmin

   • MongoDB Shell

   db.Customer.find({_id:"SuperAdmin"}).pretty()

5. Extract the value of the json key 'salt' from response (e.g. salt=75b1620333c34606623a9b6789589c98fff268c966591310072ad1503401a0ba)

   • MongoDB Shell

   db.Customer.find({_id:"SuperAdmin"}, {salt:1})

6. Select a new password by your own (e.g. password=123456)

7. Hash your password manually using the following settings: PBKDF2 With Hmac SHA512 , 4 iterations, key length 256, salt and peppered password
   You may use the following Java Tool:

   • Java

   import javax.crypto.SecretKey;

   import javax.crypto.SecretKeyFactory;

   import javax.crypto.spec.PBEKeySpec;

   import javax.xml.bind.DatatypeConverter;

   public class PasswordHasher

   {

   public static void main( String[ ] args ) throws Exception

   {

   /* values from example above */

   final String salt = "75b1620333c34606623a9b6789589c98fff268c966591310072ad1503401a0ba";

   final String pepper = "4FhnGPU6WfwP9rJ1X1htuTyj2dRNuaQ8";

   final String password = "123456";

    

   final String hashedPassword = createShaHash( pepper, salt, password ).toLowerCase( );

   System.out.println( hashedPassword );

   }

    

   private static String createShaHash( String pepper, String salt, String password ) throws Exception

   {

   final int iterations = 4;

   final int keyLength = 256;

   final String keyAlgorithm = "PBKDF2WithHmacSHA512";

    

   final SecretKeyFactory skf = SecretKeyFactory.getInstance( keyAlgorithm );

   final PBEKeySpec spec =

   new PBEKeySpec( ( pepper + password ).toCharArray( ), salt.getBytes( ), iterations, keyLength );

   final SecretKey key = skf.generateSecret( spec );

   final byte[ ] data = key.getEncoded( );

   return DatatypeConverter.printHexBinary( data );

   }

   }

8. Copy the generated lower case hash and paste it to apiomat.Customer.SuperAdmin.password, (e.g. password=801843d2b43936173f16ec6531adada9d0194719b938a260d6f25861a36f5068)

   • MongoDB Shell

   /* get your current hashed password to backup */

   db.Customer.find({_id:"SuperAdmin"}, {password:1})

    

   /* set your new generated hashed password */

   db.getCollection("Customer").update({ _id: "SuperAdmin" },

   {

   $set: { "password": "801843d2b43936173f16ec6531adada9d0194719b938a260d6f25861a36f5068" }

   })

9. Restart your yambas to clean the customer cache and login with your new password