[cups.general] Q. Is https required for remote administration?

wtautz wtautz at cs.uwaterloo.ca
Wed May 17 12:05:14 PDT 2006 

Michael Sweet wrote:


>> wtautz wrote:
>>
>  
>
>>>> Hello,
>>>>
>>>> Is it true that Remote administration (via web interface) requires
>>>> https?
>>    
>>
>>
>>
>> Only if CUPS is compiled with SSL support.
>>
>  
>
>>>> Seems to be the case. I'm using Ubuntu/Dapper and those folks have no
>>>> ssl linked into cupsd binary so I suspect this breaks remote
>>>> administration?
>>    
>>
>>
>>
>> No, if they didn't compile with SSL support, then you should never
>> get a 426 (upgrade required) error.
>>
>  
>
>>>> I get the Upgrade 426 message  and it tells me I have to connect to
>>>> https:443. It's interesting to note that this occurs even if I put in
>>>> Port 443 in the cupsd.conf file and cupsd is listening to 443.
>>    
>>
>>
>>
>> What does "ldd /usr/sbin/cupsd" show?
>  
>


>>         linux-gate.so.1 =>  (0xffffe000)
>>         libz.so.1 => /usr/lib/libz.so.1 (0xb7f6e000)
>>         libgnutls.so.12 => /usr/lib/libgnutls.so.12 (0xb7f05000)
>>         libslp.so.1 => /usr/lib/libslp.so.1 (0xb7ef6000)
>>         libldap_r.so.2 => /usr/lib/libldap_r.so.2 (0xb7ec2000)
>>         libpam.so.0 => /lib/libpam.so.0 (0xb7eba000)
>>         libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0xb7eb6000)
>>         libpaper.so.1 => /usr/lib/libpaper.so.1 (0xb7eb3000)
>>         libcups.so.2 => /usr/lib/libcups.so.2 (0xb7e86000)
>>         libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0xb7e74000)
>>         libcrypt.so.1 => /lib/tls/i686/cmov/libcrypt.so.1 (0xb7e47000)
>>         libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0xb7d18000)
>>         libtasn1.so.2 => /usr/lib/libtasn1.so.2 (0xb7d07000)
>>         libgcrypt.so.11 => /usr/lib/libgcrypt.so.11 (0xb7cbb000)
>>         libgpg-error.so.0 => /usr/lib/libgpg-error.so.0 (0xb7cb7000)
>>         libnsl.so.1 => /lib/tls/i686/cmov/libnsl.so.1 (0xb7ca2000)
>>         libresolv.so.2 => /lib/tls/i686/cmov/libresolv.so.2 (0xb7c8f000)
>>         liblber.so.2 => /usr/lib/liblber.so.2 (0xb7c83000)
>>         libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7c6e000)
>>         /lib/ld-linux.so.2 (0xb7f8a000)
>>
>  
>
So it looks like gnutls is being used. I guess to get around the
licensing issue
the Debian doesn't like . So encryption is being used.



>> Also, are you using "https://servername" or "http://servername:443"
>> to access the web interface?
>>
>  
>
I get the problem if I start with http://servername:443 I can't even
connect.
On the server I see a CLOSE_WAIT if I use lsof -i. This may be a local
issue.

More information about the cups mailing list