[Freeipa-users] Delete host: Unable to communicate with CMS (Not Found)
John Dennis
jdennis at redhat.com
Thu Nov 17 18:25:28 UTC 2011
On 11/17/2011 11:46 AM, Dan Scott wrote:
> On Thu, Nov 17, 2011 at 11:35, John Dennis<jdennis at redhat.com> wrote:
>> On 11/17/2011 11:25 AM, Adam Young wrote:
>>>>
>>>> To summarise, the errors are:
>>>> SEVERE: Error initializing socket factory
>>>> java.lang.ClassNotFoundException: org.mozilla.jss.ssl.SSLSocket
>>>> SEVERE: Failed to initialize connector [Connector[HTTP/1.1-9443]]
>>>> java.io.IOException: Failed to access resource /WEB-INF/lib/osutil.jar
>>>>
>>>> I'd guess that this means I'm missing a package? I'm having trouble
>>>> figuring out which one contains the code I'm missing. Maybe I need to
>>>> reinstall one?
>>
>>> Is this on F16? It might be that the package is there but not being
>>> picked up.
>>>
>>> JSS and osutils are a JNI packages, and you should find them in
>>> /usr/lib64/java/jss4.jar and osutil.jar, but they might end up in
>>> /usr/lib/java/jss4.jar and osutil,jar
>>
>> My guess is this is due to the fact these jars changed their location. The
>> symlinks to the jars are established by pkicreate. We have a bug open to
>> enchance pkicreate (or add a new tool) which will adjust the links after an
>> upgrade (sorry don't recall the bz number off the top of my head, could did
>> it up if necessary).
>>
>> You can cd to /var/lib/pki-ca
>>
>> and do an ls -l on
>>
>> common/lib
>>
>> and
>>
>> webapps/ca/WEB-INF/lib/
>>
>> and inspect the symbolic links to see if any are dangling. If so adjust the
>> link to point to it's new location.
>
> Success!
>
> Thanks so much.
>
> /var/lib/pki-ca/common/lib/jss4.jar
> /var/lib/pki-ca/webapps/ca/WEB-INF/lib/osutil.jar
> /var/lib/pki-ca/webapps/ca/WEB-INF/lib/symkey.jar
>
> Were all broken, pointing into /usr/lib/. Changing them to link to
> /usr/lib64 allowed pki to start properly and I can make changes to the
> host entry.
>
> It sounds like you have a fix for this in progress, or do I need to file a bug?
Found the bugzilla, it's
https://bugzilla.redhat.com/show_bug.cgi?id=728598
It's filed against Red Hat Certificate System in RHEL, not dogtag in
Fedora. Adam do you want to clone it into Fedora?
--
John Dennis <jdennis at redhat.com>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-users
mailing list