Try the fastest and simplest way to install ONLYOFFICE

[Community Server] core.machinekey key

Tech support for Enterprise Version

[Community Server] core.machinekey key

Postby dsi-lille » Thu May 31, 2018 1:07 pm

Hello,

core.machinekey key in the web.appsettings.config is used to generate the authentication cookie.
It is safe to let the default value ? Or it's better to change it ?

Thanks for your answer,
Yoann
dsi-lille
 
Posts: 200
Joined: Mon Jul 11, 2016 1:47 pm

Re: [Community Server] core.machinekey key

Postby Carl » Tue Jun 05, 2018 11:04 am

Hello Yoann,

We wouldn't recommend changing the default core.machinekey value as it may cause some issues. For example, it may revert back to default during updates which may lead to incorrect functioning of the portal. Moreover, if you change the core.machinekey parameter in web.appsettings.config, you have to change it in configs of other services as well.

We are currently testing the possibility to change this parameter.
Carl
 
Posts: 27
Joined: Thu Apr 12, 2018 10:00 am

Re: [Community Server] core.machinekey key

Postby dsi-lille » Tue Jun 05, 2018 11:53 am

Hello Carl,

thanks for your answer !

Yoann.
dsi-lille
 
Posts: 200
Joined: Mon Jul 11, 2016 1:47 pm

Re: [Community Server] core.machinekey key

Postby dsi-lille » Thu Jun 28, 2018 2:17 pm

Hello Carl,

i succesfully manage to change the value of core.machinekey :)
And i strongly recommend to change this value !

Below, what i did on the Docker version :

1) add ONLYOFFICE_CORE_MACHINEKEY environment variable for both Community Server and Control Panel.
The value of this environment variable will be the value of core.machinekey (use a strong key).

2) Unfortunately, 2 parameter files don't use this environment variable.
You will need to replace the values, below, by yourself in the container... (or use an entrypoint script to do it)

Community Server : /var/www/onlyoffice/ApiSystem/Web.config ---> <add key="core.machinekey" value="Vskoproizvolny Salt par Chivreski" />
Control Panel : /var/www/onlyoffice/controlpanel/services/sso.auth/config/production.json: ---> "machinekey": "Vskoproizvolny Salt par Chivreski"

restart ApiSystem : docker exec onlyoffice-community-server service monoserveApiSystem restart
restart SSO service : docker exec onlyoffice-control-panel service pm2 restart sso-auth

3) If you use LDAP authentication, at this point you will not be able to authenticate anymore with an LDAP user.
To solve this : connect to OnlyOffice with the administrator account (local accounts works), go to control panel and open the LDAP page.
Fill out again the Login and Passwords fields in the LDAP Settings.
Save and press OK to start importing users.

Et voilà ! You should be able to authenticate again with an LDAP account :)

Yoann.

edit : typo
dsi-lille
 
Posts: 200
Joined: Mon Jul 11, 2016 1:47 pm


Return to Enterprise Version

Who is online

Users browsing this forum: No registered users and 1 guest

cron