ALCON, I am working my way through setting up a CentOS 6 64-bit workstation with 389 Directory Services and Dog Tag CS 9.0 for a test environment. I have the DS service up and running and have installed the "pki-core" RPMs and additonal Fedora Core 15 RPM files for pki-console and pki-ra. I successfully configured the CA and created the appropriate certificates. I can see the CA elements in the 389console so I know that CS <-> LDAP communications are successful. I can also use the pki-console to see that a CA certificate and its related key pair are available. My problems are related to the web side of the CA service. I cannot access the web-based services: FQDN:9444/ca/ee/ca (SSL End User Services) or FQDN:9443/ca/agent/ca/ (Agent Services (does prompt for a certifiate)) which are display as hyperlinks from CA Services page FQDN:45/ca/services. When I click these links I get a blank page. Also, the CA Services page shows "XXXXXX" and "XXXXXX® Certificate System" in the page heading. I assume something about Dog Tag should be there. To add some additional content I went ahead and installed the pki-ra RPM and attempted to configure the instance. When accessing the pki-ra administrative configuration page (this works) the RA cannot contact the existing Security Domain at FQDN:9445. This is confusing as the pkiconsole can connect at FQDN:9445/ca, so something must be working. :-) Any assistance would be most grateful. Thank you for your time and efforts. [root@FQDN ~]# service pki-cad status pki-ca (pid 1857) is running... [ OK ] Unsecure Port = <a href="http://FQDN:9180/ca/ee/ca">http://FQDN:9180/ca/ee/ca</a> Secure Agent Port = <a href="https://FQDN:9443/ca/agent/ca">https://FQDN:9443/ca/agent/ca</a> Secure EE Port = <a href="https://FQDN:9444/ca/ee/ca">https://FQDN:9444/ca/ee/ca</a> Secure Admin Port = <a href="https://FQDN:9445/ca/services">https://FQDN:9445/ca/services</a> EE Client Auth Port = <a href="https://FQDN:9446/ca/eeca/ca">https://FQDN:9446/ca/eeca/ca</a> PKI Console Port = pkiconsole <a href="https://FQDN:9445/ca">https://FQDN:9445/ca</a> Tomcat Port = 9701 (for shutdown) PKI Instance Name: pki-ca PKI Subsystem Type: Root CA (Security Domain) Registered PKI Security Domain Information: ========================================================================== Name: FQDN Domain URL: <a href="https://FQDN:9445">https://FQDN:9445</a> ========================================================================== [root@FQDN ~]# getenforce Permissive [root@FQDN ~]# service iptables status iptables: Firewall is not running. root@FQDN ~]# netstat -an|more Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 <a href="http://0.0.0.0:9830">0.0.0.0:9830</a> 0.0.0.0:* LISTEN tcp 0 0 <a href="http://0.0.0.0:5672">0.0.0.0:5672</a> 0.0.0.0:* LISTEN tcp 0 0 <a href="http://0.0.0.0:22">0.0.0.0:22</a> 0.0.0.0:* LISTEN tcp 0 0 <a href="http://127.0.0.1:25">127.0.0.1:25</a> 0.0.0.0:* LISTEN tcp 0 0 <a href="http://192.168.1.94:22">192.168.1.94:22</a> <a href="http://192.168.1.109:56448">192.168.1.109:56448</a> ESTABLISHED tcp 0 0 ::ffff:<a href="http://127.0.0.1:9701">127.0.0.1:9701</a> :::* LISTEN tcp 0 0 :::9445 :::* LISTEN tcp 0 0 :::389 :::* LISTEN tcp 0 0 :::9446 :::* LISTEN tcp 0 0 :::5672 :::* LISTEN tcp 0 0 :::22 :::* LISTEN tcp 0 0 ::1:25 :::* LISTEN tcp 0 0 :::9180 :::* LISTEN tcp 0 0 :::9443 :::* LISTEN tcp 0 0 :::9444 :::* LISTEN [root@FQDN ~]# more /var/log/pki-ca/system 2310.main - [28/Dec/2012:07:47:08 EST] [3] [3] Cannot build CA chain. Error java.security.cert.CertificateException: Certificate is not a PKCS #11 certificate 2310.main - [28/Dec/2012:07:47:09 EST] [13] [3] authz instance DirAclAuthz initialization failed and skipped, error=Property internaldb.ldapconn.port missing value 2310.http-9445-7 - [28/Dec/2012:07:51:37 EST] [3] [3] Cannot build CA chain. Error java.security.cert.CertificateException: Certificate is not a PKCS #11 certificate 2310.http-9445-7 - [28/Dec/2012:07:53:26 EST] [3] [3] CASigningUnit: Object certificate not found. Error org.mozilla.jss.crypto.ObjectNotFoundException 3256.http-9445-7 - [28/Dec/2012:09:05:06 EST] [20] [3] JSS Import certificate org.mozilla.jss.CryptoManager$NicknameConflictException [root@ca-l pki-ca]# more /var/log/pki-ca/localhost.2012-12-28.log Dec 28, 2012 7:47:27 AM org.apache.catalina.core.ApplicationContext log INFO: Use of the properties initialization parameter 'properties' has been deprecated by 'org.apache.velocity.properties' Dec 28, 2012 7:47:28 AM org.apache.catalina.core.ApplicationContext log INFO: Use of the properties initialization parameter 'properties' has been deprecated by 'org.apache.velocity.properties' Dec 28, 2012 7:56:07 AM org.apache.catalina.core.ApplicationContext log SEVERE: Servlet castart threw unload() exception javax.servlet.ServletException: Servlet.destroy() for servlet castart threw exception at org.apache.catalina.core.StandardWrapper.unload(StandardWrapper.java:1413) at org.apache.catalina.core.StandardWrapper.stop(StandardWrapper.java:1739) at org.apache.catalina.core.StandardContext.stop(StandardContext.java:4601) at org.apache.catalina.core.ContainerBase.removeChild(ContainerBase.java:924) at org.apache.catalina.startup.HostConfig.undeployApps(HostConfig.java:1319) at org.apache.catalina.startup.HostConfig.stop(HostConfig.java:1290) at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:323) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119) at org.apache.catalina.core.ContainerBase.stop(ContainerBase.java:1086) at org.apache.catalina.core.ContainerBase.stop(ContainerBase.java:1098) at org.apache.catalina.core.StandardEngine.stop(StandardEngine.java:448) at org.apache.catalina.core.StandardService.stop(StandardService.java:584) at org.apache.catalina.core.StandardServer.stop(StandardServer.java:744) at org.apache.catalina.startup.Catalina.stop(Catalina.java:643) at org.apache.catalina.startup.Catalina.start(Catalina.java:618) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414) Caused by: java.lang.NullPointerException at com.netscape.ca.CertificateAuthority.shutdown(CertificateAuthority.java:496) at com.netscape.cmscore.apps.CMSEngine.shutdownSubsystems(CMSEngine.java:1609) at com.netscape.cmscore.apps.CMSEngine.shutdown(CMSEngine.java:1552) at com.netscape.certsrv.apps.CMS.shutdown(CMS.java:199) at com.netscape.cms.servlet.base.CMSStartServlet.destroy(CMSStartServlet.java:108) at org.apache.catalina.core.StandardWrapper.unload(StandardWrapper.java:1394) ... 20 more Dec 28, 2012 9:43:03 AM org.apache.catalina.core.ApplicationContext log SEVERE: Servlet castart threw unload() exception javax.servlet.ServletException: Servlet.destroy() for servlet castart threw exception at org.apache.catalina.core.StandardWrapper.unload(StandardWrapper.java:1413) at org.apache.catalina.core.StandardWrapper.stop(StandardWrapper.java:1739) at org.apache.catalina.core.StandardContext.stop(StandardContext.java:4601) at org.apache.catalina.core.ContainerBase.removeChild(ContainerBase.java:924) at org.apache.catalina.startup.HostConfig.undeployApps(HostConfig.java:1319) at org.apache.catalina.startup.HostConfig.stop(HostConfig.java:1290) at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:323) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119) at org.apache.catalina.core.ContainerBase.stop(ContainerBase.java:1086) at org.apache.catalina.core.ContainerBase.stop(ContainerBase.java:1098) at org.apache.catalina.core.StandardEngine.stop(StandardEngine.java:448) at org.apache.catalina.core.StandardService.stop(StandardService.java:584) at org.apache.catalina.core.StandardServer.stop(StandardServer.java:744) at org.apache.catalina.startup.Catalina.stop(Catalina.java:643) at org.apache.catalina.startup.Catalina.start(Catalina.java:618) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414) Caused by: java.lang.NoSuchMethodError at java.lang.Thread.destroy(Thread.java:979) at com.netscape.cmscore.jobs.JobsScheduler.shutdown(JobsScheduler.java:448) at com.netscape.cmscore.apps.CMSEngine.shutdownSubsystems(CMSEngine.java:1609) at com.netscape.cmscore.apps.CMSEngine.shutdown(CMSEngine.java:1551) at com.netscape.certsrv.apps.CMS.shutdown(CMS.java:199) at com.netscape.cms.servlet.base.CMSStartServlet.destroy(CMSStartServlet.java:108) at org.apache.catalina.core.StandardWrapper.unload(StandardWrapper.java:1394) ... 20 more Dec 28, 2012 11:06:53 AM org.apache.catalina.core.ApplicationContext log SEVERE: Servlet castart threw unload() exception javax.servlet.ServletException: Servlet.destroy() for servlet castart threw exception at org.apache.catalina.core.StandardWrapper.unload(StandardWrapper.java:1413) at org.apache.catalina.core.StandardWrapper.stop(StandardWrapper.java:1739) at org.apache.catalina.core.StandardContext.stop(StandardContext.java:4601) at org.apache.catalina.core.ContainerBase.removeChild(ContainerBase.java:924) at org.apache.catalina.startup.HostConfig.undeployApps(HostConfig.java:1319) at org.apache.catalina.startup.HostConfig.stop(HostConfig.java:1290) at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:323) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119) at org.apache.catalina.core.ContainerBase.stop(ContainerBase.java:1086) at org.apache.catalina.core.ContainerBase.stop(ContainerBase.java:1098) at org.apache.catalina.core.StandardEngine.stop(StandardEngine.java:448) at org.apache.catalina.core.StandardService.stop(StandardService.java:584) at org.apache.catalina.core.StandardServer.stop(StandardServer.java:744) at org.apache.catalina.startup.Catalina.stop(Catalina.java:643) at org.apache.catalina.startup.Catalina.start(Catalina.java:618) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414) Caused by: java.lang.NoSuchMethodError at java.lang.Thread.destroy(Thread.java:979) at com.netscape.cmscore.jobs.JobsScheduler.shutdown(JobsScheduler.java:448) at com.netscape.cmscore.apps.CMSEngine.shutdownSubsystems(CMSEngine.java:1609) at com.netscape.cmscore.apps.CMSEngine.shutdown(CMSEngine.java:1551) at com.netscape.certsrv.apps.CMS.shutdown(CMS.java:199) at com.netscape.cms.servlet.base.CMSStartServlet.destroy(CMSStartServlet.java:108) at org.apache.catalina.core.StandardWrapper.unload(StandardWrapper.java:1394) ... 20 more Dec 28, 2012 11:59:32 AM org.apache.catalina.core.ApplicationContext log SEVERE: Servlet castart threw unload() exception javax.servlet.ServletException: Servlet.destroy() for servlet castart threw exception at org.apache.catalina.core.StandardWrapper.unload(StandardWrapper.java:1413) at org.apache.catalina.core.StandardWrapper.stop(StandardWrapper.java:1739) at org.apache.catalina.core.StandardContext.stop(StandardContext.java:4601) at org.apache.catalina.core.ContainerBase.removeChild(ContainerBase.java:924) at org.apache.catalina.startup.HostConfig.undeployApps(HostConfig.java:1319) at org.apache.catalina.startup.HostConfig.stop(HostConfig.java:1290) at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:323) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119) at org.apache.catalina.core.ContainerBase.stop(ContainerBase.java:1086) at org.apache.catalina.core.ContainerBase.stop(ContainerBase.java:1098) at org.apache.catalina.core.StandardEngine.stop(StandardEngine.java:448) at org.apache.catalina.core.StandardService.stop(StandardService.java:584) at org.apache.catalina.core.StandardServer.stop(StandardServer.java:744) at org.apache.catalina.startup.Catalina.stop(Catalina.java:643) at org.apache.catalina.startup.Catalina.start(Catalina.java:618) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414) Caused by: java.lang.NoSuchMethodError at java.lang.Thread.destroy(Thread.java:979) at com.netscape.cmscore.jobs.JobsScheduler.shutdown(JobsScheduler.java:448) at com.netscape.cmscore.apps.CMSEngine.shutdownSubsystems(CMSEngine.java:1609) at com.netscape.cmscore.apps.CMSEngine.shutdown(CMSEngine.java:1551) at com.netscape.certsrv.apps.CMS.shutdown(CMS.java:199) at com.netscape.cms.servlet.base.CMSStartServlet.destroy(CMSStartServlet.java:108) at org.apache.catalina.core.StandardWrapper.unload(StandardWrapper.java:1394) ... 20 more