i ran update today (did it last time about 2 months ago) and after updating, opnsense boots with an error message i cannot interprete (see attachment).
how can i fix that?
i actually have no more internet accesss...but i need it for working...
attachment
Hi
i think that fix is mentioned at https://forum.opnsense.org/index.php?topic=30269.msg146331#msg146331
opnsense-patch 67e4a1d
hi fright
thanx for the reply!
i'm probably not experienced enough to understand how i should fix this.
i cannot see anything in common in the issue you point to and my crashing router. do you think both issues have the same reason?
as my router is neither accessible from web gui nor from ssh terminal, do i just need to type
opnsense-patch 67e4a1d
to the console window?
and this is expected to fix the issue?
thank you very much for supporting me!
Yes, enter the patch info on the command line (console or ssh). Running it a second time will remove the patch...just so you're aware.
hm. does not really look successful (see attached picture).
i think at this state, opnsense cannot get internet access.
sorry for delay (time zones)
its actually a pretty small fix - you can do the same by manually editing /usr/local/etc/inc/certs.inc file like this patch do:
https://github.com/opnsense/core/commit/67e4a1dd99a39b09c2c1424b34d280901ca0483f
and then reboot OPN
i found the file, and i think i also found this section, but the content in this part looks quite different (no try / catch section).
i assume that is should find something looking like white+red section and edit it in a way it looks like white+green. right?
but this does not seem to exist.
Quotebut the content in this part looks quite different (no try / catch section).
hm. then this is the wrong place.
yep, you should find the "$ca_key = $ca_key->withPadding(RSA::ENCRYPTION_PKCS1 | RSA::SIGNATURE_PKCS1);" at row #666 and replace it with
if (method_exists($ca_key, 'withPadding')) {
$ca_key = $ca_key->withPadding(RSA::ENCRYPTION_PKCS1 | RSA::SIGNATURE_PKCS1);
}
like the patch do..
sorry, may be i read your previous posts too fast.
The patch I specified does not apply to your problem
let's start over. to what version you upgraded?
i'm quite sure that there's no such entry. at least grep can't find it too.
i'm really not sure which version this was.
as far as i remember, maybe 1-2 month ago, there was a mayor update, and after updating, there were again a few patches that had to be installed. so then i was on the latest version.
then last time i checked (might be 2-3 weeks ago), there were no updates available.
yesterday then, i've seen that there were updates (i remember the number 34, but i'm not sure if this was the number of patches to be installed) and i accepted to update...
and this crashed my system.
is there somewhere a log where i can see the details?
it looks strange for me (upgrade went wrong?):
certs.inc(34): require_once() is from "phpseclib2"-version of certs.inc (22.7.2?). and your screenshot with grep results prove it
but "Uncaught Error: Class "phpseclib3\.." message says that the phpseclib version has already been updated
so its 22.7.3 OPN with certs.inc from 22.7.2?
yes, i assume that something went wrong while installing the updates.
i've seen before that the ramdisk with the log files was almost full. i assumed that updates are done using the ssd. so if they use the ramdisk instead, this could be the reason for failing.
so the question is now how to get out of this situation...
is there a way to revert to the old version, i.e. to 22.7.2?
sorry, maybe someone with a deeper understanding can suggest a solution.
for me it looks like an unpredictably broken installation and that infrequent case when I would just save the config and install the system from scratch
thanx for your support!
in the mean time, i reinstalled an old image and run update for several times.
so far, it looks like opnsense is working fine again.
so this topic can be closed.