Resolving LibreNMS error "RuntimeException: The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths"
In late May of 2018, the LibreNMS project released version 1.40. This update brought the Laravel framework to LibreNMS, and with it came some interesting new errors. Most of them are covered in the community announcement titled New Requirements for 1.4.0. I've encountered some errata that I wanted to cover here.
Command changes for FreeBSD
FreeBSD users will need to make a couple of modifications to the release guidance:
FreeBSD doesn't have a standalone
usermodcommand. Instead of the
usermodcommand suggested by LibreNMS, run
pw usermodinstead, such that the user that runs Apache on your system is added to the
librenmsgroup. In my case, Apache runs as
daemon, so I ran:
[root@host librenms]# pw usermod daemon -G librenms
setfaclcommand lacks a recursive
-Roption. Disregard the
setfaclcommands suggested by LibreNMS and run the following
chmodinstead, from within the main LibreNMS directory:
[root@host librenms]# chmod -R ug+rwx bootstrap storage logs
Because group membership doesn't take effect until the next login, you'll need to restart Apache at the very least, and you may need to reboot the system. After doing so, the permissions errors had cleared for me, but I was getting a new one...
RuntimeException: The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths
This presented itself as a generic "Exception" page (with a cute mascot), which wasn't very helpful. I had to look in the LibreNMS
logs/librenms.log file to find the actual error:
[2018-06-04 18:16:17] production.ERROR: RuntimeException: The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths. in /path/to/librenms/vendor/laravel/framework/src/Illuminate/Encryption/Encrypter.php:43 [full stack trace]
The solution to this RuntimeException is to cd to your main LibreNMS directory (the equivalent of
/path/to/librenms in the error message above) and run:
[root@host librenms]# php artisan key:generate
Upon success, you'll see output like this:
Application key [base64:IZKYh1.......] set successfully.
Now load the LibreNMS web interface again and you should see the login page.