adrianomsalgado
Veteran Member
Posts:72
 |
| 2010-03-17 10:56 AM |
|
I use IIS 7.5.7600 on windows 7 professional 64-bits
So, how can I make the port 8000 work? I just don´t get what´s happening!!! |
|
|
|
|
jchan
Senior Member
Posts:134
|
| 2010-03-17 11:09 AM |
|
adriano,
from what I can see, the first problem is not the certificate. Maybe the certificate is OK, maybe not, but the first problem is that the RIS Server is not running. You should try to focus your effort on understanding why the RIS server is not starting.
I suggest you post the log from the RIS server from a fresh restart. That means stop the RIS, clear the log, start the RIS, and see what it says.
Note that in order for the RIS server to start successfully, the certificate must be installed correctly through IIS, if it is not, the log will tell you that it cannot find the certificate.
john |
|
|
|
|
cipi
Basic Member
Posts:11
|
| 2010-03-17 11:12 AM |
|
Delete the certificate installed on IIS and restart the RIS service, if the installation was done properly RIS server must listen on port 8000. I recommend you try ClearCanvas PACS on Windows 2003 Server or 2008 Server if possible on a virtual machine. |
|
|
|
|
adrianomsalgado
Veteran Member
Posts:72
|
| 2010-03-17 11:44 AM |
|
How did you installed the certificate?
Did you generated de Certificate request at the IIS then use the "openssl ca -policy policy_anything -config openssl.conf -cert certs/ca.cer -in requests/certreq.txt -keyfile keys/ca.key -days 360 -out certs/iis.cer" and then "openssl x509 -in certs/iis.cer -out certs/iisx509.cer".
After that, go back to IIS and install the iisx509.cer with the "complete certificate request" button?
Don´t i need to do any binding?
thanx!!!! |
|
|
|
|
adrianomsalgado
Veteran Member
Posts:72
|
| 2010-03-17 02:35 PM |
|
Ok Jchan, thank you very much for your observations. The thing is that, if a Uninstall workstation and ris e reinstall with the option of local clients only, everything work just fine. So, I don´t believe the RIS server is not running. And if I remove all the certificates I´ve installed on IIS, I get the same TCP error. It is as if the RIS wasn´t seeing the certificate!!
I might be misunderstanding the way you must create a certificate request from the IIS and the way I complete the request. That´s the unique thing I can think about all this.
Could anyone discribe how to use openssl and create a valid certificate?
thank you guys very much for your patience. |
|
|
|
|
adrianomsalgado
Veteran Member
Posts:72
|
| 2010-03-17 02:36 PM |
|
Another thing, I don´t believe it has anything to do to the OS. I´m just missing some step between genegerating de certificate request and installing de validated/signed certificate.
I believe that if you help me with this We´ll solve the problem. |
|
|
|
|
jchan
Senior Member
Posts:134
|
| 2010-03-17 03:08 PM |
|
If your RIS Server is running, your netstat should have revealed a socket for it, but it didn't. So I suspect that your RIS server isn't running. I recommend you post the log from the RIS server after startup.
It may be true that you do not have the cert installed properly, but you won't know for sure unless you examine the RIS server log.
John |
|
|
|
|
adrianomsalgado
Veteran Member
Posts:72
|
| 2010-03-17 09:57 PM |
|
ok john,
i´ve already uninstalled the ris and the workstation, the same for any certificate that exists at the iis.
As soon as i reinstall it i´ll post the ris log in here, ok?
Another thing,once the ris server is running, how should that appear at the netstat?
thanx, |
|
|
|
|
jchan
Senior Member
Posts:134
|
| 2010-03-17 10:04 PM |
|
you should see the server ip and port 8000 listed. it should say something like:
TCP 192.168.1.3:8000 LISTENING
If you don't see :8000 anywhere, then it isn't running (or you've somehow configured the RIS to use a port other than 8000).
You will see in the log if it is running or if it stopped because of an error.
You can also check in the Windows Services Console if the shredhost is running or not. |
|
|
|
|
adrianomsalgado
Veteran Member
Posts:72
|
| 2010-03-18 06:51 AM |
|
Another thing, should i install the Certificate before or after I install the RIS Server? Becouse before the CCRis server Shred service was running at the services.msc.
thanx |
|
|
|
|
cipi
Basic Member
Posts:11
|
| 2010-03-18 07:03 AM |
|
In my case RIS service was running but not listening on port 8000 after installing the certificate and restart the IIS and RIS service then everything was ok, RIS service was listening on port 8000. |
|
|
|
|
jchan
Senior Member
Posts:134
|
| 2010-03-18 10:16 AM |
|
As specified in the getting started guide http://www.clearcanvas.ca/dnn/Portals/0/ClearCanvasFiles/Documentation/GettingStartedGuide/2_0_SP1/
the certificate is a prerequisite, so you must install it before installing the RIS. |
|
|
|
|
adrianomsalgado
Veteran Member
Posts:72
|
| 2010-03-18 04:32 PM |
|
Sorry guys,
dumbness from my part.
I´ve downloaded a self-certificate software form Abylon. The thing is that I´ve been installing the certificate after the installation of RIS. I thought, though, that if you could or could not install the certificate(remote client or local only, respectively) anytime i decided to convert to remote the thing was reinstall the RIS and then put the certificate. My mistake!!!
but i still can´t use the openssl solution. the guide from http://www.dylanbeattie.net/d...howto.html might have some inconsistency with IIS7. |
|
|
|
|
jchan
Senior Member
Posts:134
|
| 2010-03-18 04:57 PM |
|
Every time you install the RIS server, the service auto starts after the install is complete so that's why it is recommended to have the cert installed first, but even if you install the cert after the RIS, you can always just stop the RIS server service and then start it again to get it working. It always looks for the cert on startup and if it can't find it, it will stop.
If you are restarting/rebooting and the service still doesn't start up (i.e. nothing listening on 8000 and client can't connect) then you can start to suspect that the cert is probably not installed correctly or not valid. It says all this in the log so always check the log for info about what is going on when you can't connect with a client.
You can change from local client setup to remote client setup anytime without reinstalling as long as you have the necessary certificate and modify the endpoints in the app.config of the client and server to reflect the configuration. There are some details about the mechanics and requirements in the Getting Started Guide in the certificate section. However, it's questionable whether or not it is worth learning how to modify the app.config since the server install/uninstall process is so easy. |
|
|
|
|
adrianomsalgado
Veteran Member
Posts:72
|
| 2010-03-18 10:41 PM |
|
problem solved!
the openssl certificate as instructed in the address i´ve posted is not good for iis7 at least.
an alternative is to use abylon selfcertificate, much easier and it works!!!
now i´ve got a diferent trouble: i can´t import a study inside the explorer. receive an error message. I´ve created a new topic under Workstation.
hope you can help as you did.
thanx a lot!!! |
|
|
|
|
salsero
New Member
Posts:2
|
| 2010-04-21 03:27 AM |
|
cipi , i need a Certificate.
Tell me what can i must to do . |
|
|
|
|