(new Soapbox())->shout(array_map('strtoupper', $opinions)); //Shaun's blog


Me, elsewhere

GitHub
parseword
Miscellaneous public code

snuze
A PHP API client for Reddit

Twitter
@parseword
I don't tweet much

XMPP chat
xmpp@shaunc.com
(Pidgin, Miranda, Swift, etc.)


Perfect is the enemy of good enough.

Resolving LibreNMS error "RuntimeException: The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths"

Posted June 04, 2018 by shaun

In late May of 2018, the LibreNMS project released version 1.40. This update brought the Laravel framework to LibreNMS, and with it came some interesting new errors. Most of them are covered in the community announcement titled New Requirements for 1.4.0. I've encountered some errata that I wanted to cover here.

Command changes for FreeBSD

FreeBSD users will need to make a couple of modifications to the release guidance:

  1. FreeBSD doesn't have a standalone usermod command. Instead of the usermod command suggested by LibreNMS, run pw usermod instead, such that the user running Apache on your system is added to the librenms group. In my case, Apache runs as daemon, so I ran:

    [root@host librenms]# pw usermod daemon -G librenms

  2. In FreeBSD versions prior to 12.0-RELEASE, FreeBSD's setfacl command lacks a recursive -R option. Disregard the setfacl commands suggested by LibreNMS and run the following chmod instead, from within the main LibreNMS directory:

    [root@host librenms]# chmod -R ug+rwx bootstrap storage logs

Because group membership doesn't take effect until the next login, you'll need to restart Apache at the very least, and you may need to reboot the system. After doing so, the permissions errors had cleared for me, but I was getting a new one...

RuntimeException: The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths

This presented itself as a generic "Exception" page (with a cute mascot), which wasn't very helpful. I had to look in the LibreNMS logs/librenms.log file to find the actual error:

[2018-06-04 18:16:17] production.ERROR: RuntimeException: The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths. in /path/to/librenms/vendor/laravel/framework/src/Illuminate/Encryption/Encrypter.php:43 [full stack trace]

The solution to this RuntimeException is to cd to your main LibreNMS directory (the equivalent of /path/to/librenms in the error message above) and run:

    [root@host librenms]# php artisan key:generate

Upon success, you'll see output like this:

    Application key [base64:IZKYh1.......] set successfully.

Now load the LibreNMS web interface again and you should see the login page.


LibreNMS logo via LibreNMS



Recent articles

📰 Compiling Doxygen on FreeBSD without LaTeX and Ghostscript

📰 Introducing Snuze, a PHP client for the Reddit API

📰 jisusaiche: Java's installer telemetry

📰 BIND client log error "query_find: query_getdb failed"

📰 Resolving "The lang/perl5.24 port has been deleted: Has expired" portmaster error

📰 Armagaddon2 interim fix for Firefox 56 and other old versions

📰 Strange DNS queries: qname "miep", qtype ANY

📰 Undeliverable as addressed: A massive broken spam campaign?

📰 Using WITH_META_MODE and ccache for FreeBSD build boosts

📰 Resolving subversion error E000013: Unable to create pristine install stream

📰 Enhancements to SmokePing's AnotherDNS probe

📰 Generating vanity DNSSEC key tags

📰 DDoS involving forged packets from 23.225.141.70

📰 Website integrity monitoring through version control

📰 SpamAssassin 3.4.2 fixes security problems, adds HashBL and phishing plugins

▲ Back to top | Permalink to this page