Failed to install LinkedDataHub (static net::ERR_CONNECTION_REFUSED error)

[givemetarte]

Hi, I got an error while installing LinkedDataHub.
I can access LinkedDataHub through http://localhost:4443/, but the problem is that static files are not loaded.

Machine info

• Ubuntu v20.04.6
• Docker v24.0.2
• Docker Compose v2.27.0

Installation info

1. add .env file

COMPOSE_CONVERT_WINDOWS_PATHS=1
COMPOSE_PROJECT_NAME=linkeddatahub

PROTOCOL=https
HTTP_PORT=81
HTTPS_PORT=4443
HOST=localhost
ABS_PATH=/

OWNER_MBOX=****@gmail.com
OWNER_GIVEN_NAME=****
OWNER_FAMILY_NAME=****
OWNER_ORG_UNIT=****
OWNER_ORGANIZATION=****
OWNER_LOCALITY=****
OWNER_STATE_OR_PROVINCE=****
OWNER_COUNTRY_NAME=**

2. run ./scripts/setup.sh .env ssl password password 3650
3. run docker-compose up --build
4. localhost:4443 in the browser

I don't know what the problem is..🥲

Also, HTTPS is not authenticated, and as shown in the above image, an error saying 'Access not authorized for require URI' appears.'

[namedgraph]

@givemetarte it looks like you're not accessing LDH on localhost? Reset the environment (see README) and try to specify the actual host (or IP address) in the .env config.

[givemetarte]

Thanks for your help! Your directions worked, but another error comes up...
I thinks the issue is related to certificates. I followed "get an account" direction and copy keystore.p12 to my local(using SCP).

But, as below image, the popup (an error has occurred) comes out and said "invalid password." (I double-checked my password..🥲)

I've tried installing both cert.pem and public.pem locally, but only public.pem was successfully installed. However, even after relaunching Chrome, I still receive the "Accessed not authorized" error. How can I do?

[namedgraph]

@givemetarte did you solve this? What was the problem?

[givemetarte]

The error is not completely solved. My chrome browser still comes up the error in my Mac. However, in Window, I can access LinkedDataHub with no error.

The guides in README setup worked well in Window, not Mac.

5. Install ssl/owner/keystore.p12 into a web browser of your choice (password is the $owner_cert_pwd value supplied to setup.sh)
   Google Chrome: Settings > Advanced > Manage Certificates > Import...
   Mozilla Firefox: Options > Privacy > Security > View Certificates... > Import...
   Apple Safari: The file is installed directly into the operating system. Open the file and import it using the Keychain Access tool (drag it to the local section).
   Microsoft Edge: Does not support certificate management, you need to install the file into Windows. Read more here.

The public.pem certificate is in my local, but nothing happens when I access to LinkedDataHub.

[namedgraph]

@givemetarte you have to import the .p12 keystore file (ssl/owner/keystore.p12), not the .pem certificate file.

[namedgraph]

@givemetarte can you provide more info?

[givemetarte]

The keystore.p12 does not work well in MacOS. I copied keystore.p12 in my MacOS laptop and Window desktop. The settings below in README.md worked well in Window chrome browser.

Install ssl/owner/keystore.p12 into a web browser of your choice (password is the $owner_cert_pwd value supplied to setup.sh)
Google Chrome: Settings > Advanced > Manage Certificates > Import...
Mozilla Firefox: Options > Privacy > Security > View Certificates... > Import...
Apple Safari: The file is installed directly into the operating system. Open the file and import it using the Keychain Access tool (drag it to the local section).
Microsoft Edge: Does not support certificate management, you need to install the file into Windows. Read more here.

However, when I clicked the keystore.p12 file in MacOS, the popup said the password is invalid.
I set up the certificate well with the changed password in Window, and I don't know why the certificate is not recognized in macos.

[gaetanmuck]

Having the exact same problem here, on MacOS, seems to be related to

• https://discussions.apple.com/thread/255082743?sortBy=best
• https://discussions.apple.com/thread/254518218?sortBy=best

In shorts, from what I understood, there is a non compatibility between openssl used in the script and LibreSSL used by Apple Keychain, resulting in the error "wrong password".

Workaround: use Firefox (does not use keychain for certificates)

But still have the 403 issue (like here) on /sparql?query=...

---

EDIT:
Making a clean reset solve the pb (sudo rm -rf data uploads && docker-compose down -v as mentioned here)

[namedgraph]

@gaetanmuck thanks for a detailed report.

I need to do more testing on MacOS... Do you see an easy fix for this? Because I don't 😅

[gaetanmuck]

Well, except telling Google to not use KeyChain, or to tell Apple to not use LibreSSL, or to ask OpenSSL devs to make it compatible, my only solution is to use Firefox, which works normally, so may be easier than the other solutions :)

Btw when I was researching the problem, I saw that the -legacy tag on openssl calls should have had solved the problem in your setup.sh, but was not able to make it work. Do not know why