MindTouch Community Portal
Logged in: Logged in as: Log in
Register
Search:
Page last modified 12:01, 9 Jan 2009 by brianh
MindTouch Community Portal > MindTouch Community Portal > Knowledge Base > Debugging Prince issues
Page Notifications Off
1 of 1 found this page helpful

Debugging Prince issues

    I was getting PDF output with no images. So, I set Prince up to give me some logging output.  You can too!

    First, change your Prince path in mindtouch.deki.startup.xml

    <princexml-path>/usr/bin/prince</princexml-path>

    I created a script called /usr/local/bin/prince, which reads like this:

    #!/bin/sh
/usr/bin/prince -v --log /tmp/prince.log $*

    A similar batch file for Windows users could look like this:

    @echo off
C:\Program Files\Prince\Engine\bin\prince.exe -v --log C:\Temp\Prince.log %*

    Now, when you run Prince, you will get an output log:

    Mon Oct 20 12:32:52 2008: ---- begin
Mon Oct 20 12:32:55 2008: loading HTML input: -
Mon Oct 20 12:32:55 2008: -:2: error: Unexpected end tag : p
Mon Oct 20 12:32:55 2008: -:8: warning: Namespace prefix o is not defined
Mon Oct 20 12:32:55 2008: -:8: error: Namespace prefix xmlns of attribute o is not defined
Mon Oct 20 12:32:55 2008: -:8: error: Tag o:p invalid
Mon Oct 20 12:32:55 2008: loading style sheet: /tmp/tmp545c879.tmp
Mon Oct 20 12:32:55 2008: loading image: https://wiki.com/@api/deki/files/9/=1.png?size=bestfit&width=231&height=329&authtoken=3_633601171724498430_bef184986078955725943b9f22603055
Mon Oct 20 12:32:55 2008: https://wiki.com/@api/deki/files/9/=1.png?size=bestfit&width=231&height=329&authtoken=3_633601171724498430_bef184986078955725943b9f22603055: warning: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Mon Oct 20 12:32:55 2008: used font: Pigiarniq, Bold
Mon Oct 20 12:32:55 2008: used font: Gentium Book Basic, Regular
Mon Oct 20 12:32:55 2008: used font: Courier New, Regular
Mon Oct 20 12:32:55 2008: used font: Gentium Book Basic, Bold
Mon Oct 20 12:32:55 2008: ---- end

    Scroll over a little bit and you will see the problem: it's trying to fetch an image, but the CA isn't trusted.

    Prince SSL problems

    Prince can take an undocumented parameter of a SSL certificates file in CER (Base 64, aka BEGIN CERTIFICATE) format.  As Prince uses libCurl, you can use Curl's SSL certs help to help you get the CA that signed your cert, into a file that Prince can read.

    Test this manually with curl:

    root@dekiwiki:/tmp# curl --cacert curl-ca-bundle.crt "https://wiki.com/@api/deki/files/9/=1.png"

    It should download with no error.

    I have changed my script to look like this:

    #!/bin/sh
/usr/bin/prince -v --log /tmp/prince.log --ssl-ca-cert=/tmp/curl-ca-bundle.crt $*

    If you're using a self signed certificate, you can use the Apache .PEM directly.

    Now, Prince should be able to read the files directly, without SSL errors.

     

    Prince Timeout problems

    In deki 8.08.* prince had a hard-coded timeout of 60 seconds.  This can cause problems if a page contains many embedded images which must be downloaded.  (Bug Report, Forum post).  The timeout is now configurable in the trunk branch but hasn't been backported to the 8.08.2 branch.

    PeteE has compiled a custom mindtouch.deki.dll against the 8.08 branch with the patch in r12040.  You can apply this against a 8.08.2 wiki with the following steps:

    wget -O /var/www/dekiwiki/bin/mindtouch.deki.dll http://wiki.developer.mindtouch.com/@api/deki/files/3805/=mindtouch.deki.dll

    Then edit your /etc/dekiwiki/mindtouch.deki.startup.xml and add the <princexml-timeout>120000</princexml-timeout>

          <princexml-path>/usr/bin/prince</princexml-path>
      <princexml-timeout>120000</princexml-timeout> <!-- 120 seconds -->

    Then restart dekihost:

    /etc/init.d/dekiwiki restart

     

    Generating a Large PDF

    If you're attempting to convert a Deki page that contains a lot of images and data and you're still running into timeout problems after installing the custom DLL, you may be running into Apache timeout issues. To fix this, insert the following into your deki-apache.conf file:

            ProxyPass /@api http://localhost:8081 retry=1
            ProxyPassReverse /@api http://localhost:8081
            SetEnv force-proxy-request-1.0 1
            SetEnv proxy-nokeepalive 1
            ProxyTimeout 300

    Mod_proxy inherits the Timeout value from what is set in httpd.conf so this line overrides that value.

    Was this page helpful?
    Tag page
    What links here

    Files 1

    Attach file or image
    FileVersionSizeModified 
    Viewing 2 of 2 comments: view all
    #1
    bohappa says:
    Very nice article. Ty.
    Posted 06:29, 17 Jun 2009
    #2
    rdickerson says:
    Found another undocumented switch for prince...

    "There is an undocumented Prince option --ssl-blindly-trust-server which might workaround the need for certificate verification, but we strongly discourage people using this as it defeats the whole point of using SSL in the first place."

    The way I see it, prince runs on the local host, so why do I need to validate the cert to itself. Using this switch along with the script method above solved it for me. Thanks!
    Posted 14:17, 13 Jan 2010
    Viewing 2 of 2 comments: view all
    You must login to post a comment.
    MindTouch Social Knowledge Base

    Copyright © 2011 MindTouch, Inc. Powered by