PS.. I know what causes the problem with scp for OCI. its the command you added into the bash profile. this apparently mucks it up.. and errors.. once you comment this out.. it works as normal
Interesting! Yes you’re right. Apparently the echo during the sourcing causes the issue. Now I want to understand why Ubuntu doesn’t seem to have that particular problem. Thanks for pointing that out!
The Oracle Linux certainly has its points of difference
Thanks for sharing these specific details.. I was not 100% sure about how to set this up..
I also remembered that I did not explain what i did to fix the command and how the zitiLogin was breaking. In my original post to @markamind I had neglected to use one special field which I thought I transcribed. All the certs, the client certs and the server certs need to use the same key. In the original command I forgot to pass the --key-file parameter. I fixed that error above with the highlighted line:
This was the missing step. During the process I also discovered that I only gave him one of two needed commands (the controller pki) and forgot about the edge pki.
Slowly working through all of this… I have most things worked out now… and are working on rebuilding the server and router certificates
This has been a really valuable learning exercise.
I am not sure I follow this step. Is this one command? What does HERE mean?
Is this step making the chain.pem file foe each of the certificates.. if so.. how does it make the file name
My bash skills still needs more work
just copy and paste the whole block and it’ll execute. Alternatively, just execute these commands:
# find the CONTROLLER server cert use:
$(find $ZITI_HOME -name "*${new_ctrl_cert_name}*chain.pem")
# find EDGE CONTROLLER server cert use:
$(find $ZITI_HOME -name "*${new_edge_ctrl_cert_name}*chain.pem")
Then if you’re interested to learn more, lookup and read about heredocs . It was an attempt to make it easier than harder - which seems to have failed!
No.. no failure.. and in fact.. very helpful.. as it helps me learn more.
What is the meaning of the _server_cert
identity property on a web bind point?
it’s an easy way to backup an entry in yaml or in json… just prepend it with an underscore so that the parser just kinda ignores it.
i often prepend the underscore like that so it’s easy to ‘undo’ if i need to.