[Freeipa-users] FreeIPA 3.3.* bug with external-ca?
Andrea Bontempi
abontempi at dbmsrl.com
Fri Nov 8 14:31:52 UTC 2013
Here the log /var/log/pki/pki-tomcat/ca/debug
[08/nov/2013:13:40:43][http-bio-8080-exec-2]: according to ccMode, authorization for servlet: caProfileSubmit is LDAP based, not XML {1}, use default authz mgr: {2}.
[08/nov/2013:13:40:43][http-bio-8080-exec-2]: according to ccMode, authorization for servlet: caProfileSubmit is LDAP based, not XML {1}, use default authz mgr: {2}.
[08/nov/2013:13:40:43][http-bio-8080-exec-2]: CMSServlet:service() uri = /ca/ee/ca/profileSubmit
[08/nov/2013:13:40:43][http-bio-8080-exec-2]: CMSServlet::service() param name='xmlOutput' value='true'
[08/nov/2013:13:40:43][http-bio-8080-exec-2]: CMSServlet::service() param name='requestor_name' value='IPA Installer'
[08/nov/2013:13:40:43][http-bio-8080-exec-2]: CMSServlet::service() param name='profileId' value='caServerCert'
[08/nov/2013:13:40:43][http-bio-8080-exec-2]: CMSServlet::service() param name='cert_request_type' value='pkcs10'
[08/nov/2013:13:40:43][http-bio-8080-exec-2]: CMSServlet::service() param name='cert_request' value='MIICazCCAVMCAQ...[omissis]'
[08/nov/2013:13:40:43][http-bio-8080-exec-2]: CMSServlet: caProfileSubmit start to service.
[08/nov/2013:13:40:43][http-bio-8080-exec-2]: xmlOutput true
[08/nov/2013:13:40:43][http-bio-8080-exec-2]: ProfileSubmitServlet: isRenewal false
[08/nov/2013:13:40:43][http-bio-8080-exec-2]: according to ccMode, authorization for servlet: caProfileSubmit is LDAP based, not XML {1}, use default authz mgr: {2}.
[08/nov/2013:13:40:43][http-bio-8080-exec-2]: Profile caServerCert Not Found
[08/nov/2013:13:40:43][http-bio-8080-exec-2]: ProfileSubmitServlet: bad data provided in processing request: Profile caServerCert Not Found
[08/nov/2013:13:40:43][http-bio-8080-exec-2]: CMSServlet: curDate=Fri Nov 08 13:40:43 CET 2013 id=caProfileSubmit time=100
Log /var/log/pki/pki-tomcat/ca/system:
1434.http-bio-8443-exec-3 - [08/nov/2013:13:37:38 CET] [3] [3] Cannot build CA chain. Error java.security.cert.CertificateException: Certificate is not a PKCS #11 certificate
1434.http-bio-8443-exec-7 - [08/nov/2013:13:40:19 CET] [3] [3] CASigningUnit: Object certificate not found. Error org.mozilla.jss.crypto.ObjectNotFoundException
Thank you
More information about the Freeipa-users
mailing list