Sametime 12.0.2 Update on Docker with ltpa enabled

Hello,

I updated my ST12.0.1FP1 environment to 12.0.2 on Docker today.

After trying to log in to meeting/chat I get an error and the user(s) can't log in.

Checking the log files, I found a problem with the LTPA token, so I checked the ltpa.keys file within the auth container, but the file was missing.

Usually the configuration for LTPA was added/changed within .ENV; the parameters are still in there and the ltpa.keys file is still in the LTPA_KEYS_FILE_PATH location:

ENABLE_LTPA=true
LTPA_KEYS=/ltpa-config/ltpa.keys
LTPA_KEYS_PASSWORD=WebAS
LTPA_KEYS_FILE_PATH=/opt/ST12/stcustomparam/ltpa.keys

So I checked the docker-compose.yaml and there seems to be a change in the auth section.

ST 12.0.1

auth:
  image: hclcr.io/st/meetings-auth.node:${BUILD_LEVEL}
  ....
  volumes:
    - ${LTPA_KEYS_FILE_PATH}:/ltpa-config/ltpa.keys:Z

ST 12.0.2

auth:
  image: hclcr.io/st/meetings-auth.node:${BUILD_LEVEL}
  .....
  volumes:
    - ./ltpa-config/ltpa.keys:/ltpa-config/ltpa.keys:Z

So the ltpa-config file is no longer taken from the setting within .ENV.

So if you want to upgrade to ST12.0.2 and have LTPA running, check the docker-compose.yaml setting for LTPA. In my case I changed this back to

  volumes:
    - ${LTPA_KEYS_FILE_PATH}:/ltpa-config/ltpa.keys:Z

and I could log in again.

HCL, please correct this inside your script, because the documentation also uses the LTPA_KEYS_FILE_PATH variable within the .ENV file:

https://opensource.hcltechsw.com/sametime-doc/v1202/admin/ltpa_configure_docker.html

Alexander -

that's one way to do it - but in 12.02, in an effort to simplify the ltpa configuration, we moved the ltpa.keys to the 'ltpa-config' folder. We are working on updating the configuration.

For an upgrade to 12.02, simply copy the ltpa.keys to that folder. It may be necessary to update the ltpa_keys variable in .env to ./ltpa-config/ltpa.keys

On a new install - you will be prompted if you want to enable ltpa, and if so we will generate new keys for you or copy your existing keys to that same location.

Thank you @Anthony Payne

For me it is not easy to find this information within the documentation if I am upgrading existing systems. I also had a problem configuring/activating the Admin UI after the upgrade.

I found these new features/settings only after installing a new environment and then moving these settings to my upgraded environment.

It would be cool if the ST12.0.2 migration documentation were more detailed.

Thank you for your help all the year. I wish you and HCL Team a wonderful Christmas and a happy New Year

I've run into the same issue on a fresh Sametime 12.0.2 setup with Docker. I think it would be necessary to update the documentation, marking LTPA creation as an essential step. Otherwise there will be many other installations that will fail for this reason. An important detail is to change the permissions (chmod 644) on the "ltpa-config/ltpa.keys" file.

This is the extract of the .env file in my setup:

[root@sametimerhpro sametime]# cat .env | grep -i ltpa
ENABLE_LTPA=true
LTPA_KEYS_FILE_PATH=/opt/hcl/sametime/ltpa.keys
LTPA_KEYS=/ltpa-config/ltpa.keys
LTPA_KEYS_PASSWORD=WebAS

Web login working fine after copying the ltpa.keys file to the /ltpa-config folder.
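
Added example (not part of any post above, and not HCL's install script): a check to run after an upgrade that ties together the three points in this thread, namely which host path docker-compose.yaml really mounts at /ltpa-config/ltpa.keys, whether that file exists, and whether it carries the read bits that chmod 644 grants. It assumes docker-compose.yaml and .env sit in the same install directory; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: check the LTPA key bind mount of a Sametime Docker install.
# Assumption: docker-compose.yaml and .env are in the same directory ($1).

# Print the host-side source of the volume mounted at /ltpa-config/ltpa.keys.
ltpa_mount_source() {
  sed -n 's|^[[:space:]]*-[[:space:]]*\(.*\):/ltpa-config/ltpa\.keys\(:[A-Za-z,]*\)*[[:space:]]*$|\1|p' "$1" | head -n 1
}

# Print the value of KEY ($2) from an env file ($1) without sourcing the file.
env_value() {
  sed -n "s|^$2=||p" "$1" | tail -n 1
}

# Resolve the mount source to a host path: expand a ${VAR} reference from .env
# and anchor relative paths at the compose directory.
resolve_ltpa_source() {
  _src=$(ltpa_mount_source "$1/docker-compose.yaml")
  _var=$(printf '%s\n' "$_src" | sed -n 's|^\${\([A-Za-z_][A-Za-z0-9_]*\)}$|\1|p')
  if [ -n "$_var" ]; then _src=$(env_value "$1/.env" "$_var"); fi
  case $_src in
    '') return 1 ;;
    /*) printf '%s\n' "$_src" ;;
    *)  printf '%s\n' "$1/${_src#./}" ;;
  esac
}

# Return 0 only if the resolved source is a regular file with the owner, group
# and other read bits set (what "chmod 644" grants); print one result line.
check_ltpa_keys() {
  _path=$(resolve_ltpa_source "$1") || { echo "FAIL: no ltpa.keys mount source found"; return 1; }
  # With short-syntax volumes, Docker creates a missing host path as a directory.
  if [ -d "$_path" ]; then echo "FAIL: $_path is a directory, not a key file"; return 1; fi
  if [ ! -f "$_path" ]; then echo "FAIL: $_path does not exist"; return 1; fi
  if [ -z "$(find "$_path" -prune -perm -444)" ]; then
    echo "FAIL: $_path lacks read bits (chmod 644)"; return 1
  fi
  echo "OK: $_path"
}

# Stand-alone use: sh check_ltpa.sh /path/to/sametime
if [ "$#" -gt 0 ]; then check_ltpa_keys "$1"; fi
```

The check only reads docker-compose.yaml and .env; it does not start or inspect any container.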