<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 12 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Georgia;
panose-1:2 4 5 2 5 4 5 2 3 3;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal">I am trying to migrate from OS 6.x / IPA 3.0 to OS 7.x / IPA 4.x. After working through and solving a few issues, my current efforts fail when setting up the replica CA.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">If I set up a new, pristine master on OS 6.7, I am able to create an OS 7.x replica without any problem. However, if I try to create a replica from my two year old test lab instance (production will be another matter for the future) it
fails. The test lab master was created a couple of years ago on OS 6.3 / IPA 2.x and has been upgraded to the latest versions in the 6.x chain. It is old enough to have had all the certificates renewed, but I believe I have worked through all the issues related
to that.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Below is what I believe are the useful portions of the pertinent logs. I’ve not been able to find anything online that speaks to the errors I am seeing<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thanks for your help.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">/var/log/ipareplica-install.log<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">2016-03-23T21:55:11Z DEBUG Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes 30 seconds<o:p></o:p></p>
<p class="MsoNormal">2016-03-23T21:55:11Z DEBUG [1/23]: creating certificate server user<o:p></o:p></p>
<p class="MsoNormal">2016-03-23T21:55:11Z DEBUG group pkiuser exists<o:p></o:p></p>
<p class="MsoNormal">2016-03-23T21:55:11Z DEBUG user pkiuser exists<o:p></o:p></p>
<p class="MsoNormal">2016-03-23T21:55:11Z DEBUG duration: 0 seconds<o:p></o:p></p>
<p class="MsoNormal">2016-03-23T21:55:11Z DEBUG [2/23]: configuring certificate server instance<o:p></o:p></p>
<p class="MsoNormal">2016-03-23T21:55:11Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state'<o:p></o:p></p>
<p class="MsoNormal">2016-03-23T21:55:11Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state'<o:p></o:p></p>
<p class="MsoNormal">2016-03-23T21:55:11Z DEBUG Contents of pkispawn configuration file (/tmp/tmpGQ59ZC):<o:p></o:p></p>
<p class="MsoNormal">[CA]<o:p></o:p></p>
<p class="MsoNormal">pki_security_domain_name = IPA<o:p></o:p></p>
<p class="MsoNormal">pki_enable_proxy = True<o:p></o:p></p>
<p class="MsoNormal">pki_restart_configured_instance = False<o:p></o:p></p>
<p class="MsoNormal">pki_backup_keys = True<o:p></o:p></p>
<p class="MsoNormal">pki_backup_password = XXXXXXXX<o:p></o:p></p>
<p class="MsoNormal">pki_profiles_in_ldap = True<o:p></o:p></p>
<p class="MsoNormal">pki_client_database_dir = /tmp/tmp-g0CKZ3<o:p></o:p></p>
<p class="MsoNormal">pki_client_database_password = XXXXXXXX<o:p></o:p></p>
<p class="MsoNormal">pki_client_database_purge = False<o:p></o:p></p>
<p class="MsoNormal">pki_client_pkcs12_password = XXXXXXXX<o:p></o:p></p>
<p class="MsoNormal">pki_admin_name = admin<o:p></o:p></p>
<p class="MsoNormal">pki_admin_uid = admin<o:p></o:p></p>
<p class="MsoNormal">pki_admin_email = root@localhost<o:p></o:p></p>
<p class="MsoNormal">pki_admin_password = XXXXXXXX<o:p></o:p></p>
<p class="MsoNormal">pki_admin_nickname = ipa-ca-agent<o:p></o:p></p>
<p class="MsoNormal">pki_admin_subject_dn = cn=ipa-ca-agent,O=EXAMPLE.COM<o:p></o:p></p>
<p class="MsoNormal">pki_client_admin_cert_p12 = /root/ca-agent.p12<o:p></o:p></p>
<p class="MsoNormal">pki_ds_ldap_port = 389<o:p></o:p></p>
<p class="MsoNormal">pki_ds_password = XXXXXXXX<o:p></o:p></p>
<p class="MsoNormal">pki_ds_base_dn = o=ipaca<o:p></o:p></p>
<p class="MsoNormal">pki_ds_database = ipaca<o:p></o:p></p>
<p class="MsoNormal">pki_subsystem_subject_dn = cn=CA Subsystem,O=EXAMPLE.COM<o:p></o:p></p>
<p class="MsoNormal">pki_ocsp_signing_subject_dn = cn=OCSP Subsystem,O=EXAMPLE.COM<o:p></o:p></p>
<p class="MsoNormal">pki_ssl_server_subject_dn = cn=pt-idm-vm01.example.com,O=EXAMPLE.COM<o:p></o:p></p>
<p class="MsoNormal">pki_audit_signing_subject_dn = cn=CA Audit,O=EXAMPLE.COM<o:p></o:p></p>
<p class="MsoNormal">pki_ca_signing_subject_dn = cn=Certificate Authority,O=EXAMPLE.COM<o:p></o:p></p>
<p class="MsoNormal">pki_subsystem_nickname = subsystemCert cert-pki-ca<o:p></o:p></p>
<p class="MsoNormal">pki_ocsp_signing_nickname = ocspSigningCert cert-pki-ca<o:p></o:p></p>
<p class="MsoNormal">pki_ssl_server_nickname = Server-Cert cert-pki-ca<o:p></o:p></p>
<p class="MsoNormal">pki_audit_signing_nickname = auditSigningCert cert-pki-ca<o:p></o:p></p>
<p class="MsoNormal">pki_ca_signing_nickname = caSigningCert cert-pki-ca<o:p></o:p></p>
<p class="MsoNormal">pki_ca_signing_key_algorithm = SHA256withRSA<o:p></o:p></p>
<p class="MsoNormal">pki_security_domain_hostname = ptipa1.example.com<o:p></o:p></p>
<p class="MsoNormal">pki_security_domain_https_port = 443<o:p></o:p></p>
<p class="MsoNormal">pki_security_domain_user = admin<o:p></o:p></p>
<p class="MsoNormal">pki_security_domain_password = XXXXXXXX<o:p></o:p></p>
<p class="MsoNormal">pki_clone = True<o:p></o:p></p>
<p class="MsoNormal">pki_clone_pkcs12_path = /tmp/ca.p12<o:p></o:p></p>
<p class="MsoNormal">pki_clone_pkcs12_password = XXXXXXXX<o:p></o:p></p>
<p class="MsoNormal">pki_clone_replication_security = TLS<o:p></o:p></p>
<p class="MsoNormal">pki_clone_replication_master_port = 7389<o:p></o:p></p>
<p class="MsoNormal">pki_clone_replication_clone_port = 389<o:p></o:p></p>
<p class="MsoNormal">pki_clone_replicate_schema = False<o:p></o:p></p>
<p class="MsoNormal">pki_clone_uri = https://ptipa1.example.com:443<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">2016-03-23T21:55:11Z DEBUG Starting external process<o:p></o:p></p>
<p class="MsoNormal">2016-03-23T21:55:11Z DEBUG args='/usr/sbin/pkispawn' '-s' 'CA' '-f' '/tmp/tmpGQ59ZC'<o:p></o:p></p>
<p class="MsoNormal">2016-03-23T21:56:51Z DEBUG Process finished, return code=1<o:p></o:p></p>
<p class="MsoNormal">2016-03-23T21:56:51Z DEBUG stdout=Log file: /var/log/pki/pki-ca-spawn.20160323175511.log<o:p></o:p></p>
<p class="MsoNormal">Loading deployment configuration from /tmp/tmpGQ59ZC.<o:p></o:p></p>
<p class="MsoNormal">Installing CA into /var/lib/pki/pki-tomcat.<o:p></o:p></p>
<p class="MsoNormal">Storing deployment configuration into /etc/sysconfig/pki/tomcat/pki-tomcat/ca/deployment.cfg.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Installation failed.<o:p></o:p></p>
<p class="MsoNormal">2016-03-23T21:56:51Z DEBUG stderr=/usr/lib/python2.7/site-packages/urllib3/connectionpool.py:769: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html<o:p></o:p></p>
<p class="MsoNormal"> InsecureRequestWarning)<o:p></o:p></p>
<p class="MsoNormal">pkispawn : WARNING ....... unable to validate security domain user/password through REST interface. Interface not available<o:p></o:p></p>
<p class="MsoNormal">pkispawn : ERROR ....... Exception from Java Configuration Servlet: 500 Server Error: Internal Server Error<o:p></o:p></p>
<p class="MsoNormal">pkispawn : ERROR ....... ParseError: not well-formed (invalid token): line 1, column 0: {"Attributes":{"Attribute":[]},"ClassName":"com.netscape.certsrv.base.PKIException","Code":500,"Message":"Error while updating security domain:
java.io.IOException: 2"}<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">2016-03-23T21:56:51Z CRITICAL Failed to configure CA instance: Command ''/usr/sbin/pkispawn' '-s' 'CA' '-f' '/tmp/tmpGQ59ZC'' returned non-zero exit status 1<o:p></o:p></p>
<p class="MsoNormal">2016-03-23T21:56:51Z CRITICAL See the installation logs and the following files/directories for more information:<o:p></o:p></p>
<p class="MsoNormal">2016-03-23T21:56:51Z CRITICAL /var/log/pki-ca-install.log<o:p></o:p></p>
<p class="MsoNormal">2016-03-23T21:56:51Z CRITICAL /var/log/pki/pki-tomcat<o:p></o:p></p>
<p class="MsoNormal">2016-03-23T21:56:51Z DEBUG Traceback (most recent call last):<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 418, in start_creation<o:p></o:p></p>
<p class="MsoNormal"> run_step(full_msg, method)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 408, in run_step<o:p></o:p></p>
<p class="MsoNormal"> method()<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 620, in __spawn_instance<o:p></o:p></p>
<p class="MsoNormal"> DogtagInstance.spawn_instance(self, cfg_file)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipaserver/install/dogtaginstance.py", line 201, in spawn_instance<o:p></o:p></p>
<p class="MsoNormal"> self.handle_setup_error(e)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipaserver/install/dogtaginstance.py", line 465, in handle_setup_error<o:p></o:p></p>
<p class="MsoNormal"> raise RuntimeError("%s configuration failed." % self.subsystem)<o:p></o:p></p>
<p class="MsoNormal">RuntimeError: CA configuration failed.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">2016-03-23T21:56:51Z DEBUG [error] RuntimeError: CA configuration failed.<o:p></o:p></p>
<p class="MsoNormal">2016-03-23T21:56:51Z DEBUG File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 171, in execute<o:p></o:p></p>
<p class="MsoNormal"> return_value = self.run()<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line 311, in run<o:p></o:p></p>
<p class="MsoNormal"> cfgr.run()<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 281, in run<o:p></o:p></p>
<p class="MsoNormal"> self.execute()<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 303, in execute<o:p></o:p></p>
<p class="MsoNormal"> for nothing in self._executor():<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 343, in __runner<o:p></o:p></p>
<p class="MsoNormal"> self._handle_exception(exc_info)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 365, in _handle_exception<o:p></o:p></p>
<p class="MsoNormal"> util.raise_exc_info(exc_info)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 333, in __runner<o:p></o:p></p>
<p class="MsoNormal"> step()<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 87, in run_generator_with_yield_from<o:p></o:p></p>
<p class="MsoNormal"> raise_exc_info(exc_info)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 65, in run_generator_with_yield_from<o:p></o:p></p>
<p class="MsoNormal"> value = gen.send(prev_value)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 524, in _configure<o:p></o:p></p>
<p class="MsoNormal"> executor.next()<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 343, in __runner<o:p></o:p></p>
<p class="MsoNormal"> self._handle_exception(exc_info)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421, in _handle_exception<o:p></o:p></p>
<p class="MsoNormal"> self.__parent._handle_exception(exc_info)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 365, in _handle_exception<o:p></o:p></p>
<p class="MsoNormal"> util.raise_exc_info(exc_info)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 418, in _handle_exception<o:p></o:p></p>
<p class="MsoNormal"> super(ComponentBase, self)._handle_exception(exc_info)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 365, in _handle_exception<o:p></o:p></p>
<p class="MsoNormal"> util.raise_exc_info(exc_info)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 333, in __runner<o:p></o:p></p>
<p class="MsoNormal"> step()<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 87, in run_generator_with_yield_from<o:p></o:p></p>
<p class="MsoNormal"> raise_exc_info(exc_info)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 65, in run_generator_with_yield_from<o:p></o:p></p>
<p class="MsoNormal"> value = gen.send(prev_value)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipapython/install/common.py", line 63, in _install<o:p></o:p></p>
<p class="MsoNormal"> for nothing in self._installer(self.parent):<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 879, in main<o:p></o:p></p>
<p class="MsoNormal"> install(self)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 295, in decorated<o:p></o:p></p>
<p class="MsoNormal"> func(installer)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py", line 584, in install<o:p></o:p></p>
<p class="MsoNormal"> ca.install(False, config, options)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipaserver/install/ca.py", line 106, in install<o:p></o:p></p>
<p class="MsoNormal"> install_step_0(standalone, replica_config, options)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipaserver/install/ca.py", line 130, in install_step_0<o:p></o:p></p>
<p class="MsoNormal"> ra_p12=getattr(options, 'ra_p12', None))<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 1543, in install_replica_ca<o:p></o:p></p>
<p class="MsoNormal"> subject_base=config.subject_base)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 486, in configure_instance<o:p></o:p></p>
<p class="MsoNormal"> self.start_creation(runtime=210)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 418, in start_creation<o:p></o:p></p>
<p class="MsoNormal"> run_step(full_msg, method)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 408, in run_step<o:p></o:p></p>
<p class="MsoNormal"> method()<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 620, in __spawn_instance<o:p></o:p></p>
<p class="MsoNormal"> DogtagInstance.spawn_instance(self, cfg_file)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipaserver/install/dogtaginstance.py", line 201, in spawn_instance<o:p></o:p></p>
<p class="MsoNormal"> self.handle_setup_error(e)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/ipaserver/install/dogtaginstance.py", line 465, in handle_setup_error<o:p></o:p></p>
<p class="MsoNormal"> raise RuntimeError("%s configuration failed." % self.subsystem)<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">2016-03-23T21:56:51Z DEBUG The ipa-replica-install command failed, exception: RuntimeError: CA configuration failed.<o:p></o:p></p>
<p class="MsoNormal">2016-03-23T21:56:51Z ERROR CA configuration failed.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">/var/log/pki/pki-ca-spawn.<date>.log<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : INFO ....... rm -f /etc/pki/pki-tomcat/ca/noise<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : INFO ....... rm -f /etc/pki/pki-tomcat/pfile<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : INFO ....... ln -s /lib/systemd/system/pki-tomcatd@.service /etc/systemd/system/pki-tomcatd.target.wants/pki-tomcatd@pki-tomcat.service<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : DEBUG ........... chown -h 17:17 /etc/systemd/system/pki-tomcatd.target.wants/pki-tomcatd@pki-tomcat.service<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : INFO ... configuring 'pki.server.deployment.scriptlets.configuration'<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : INFO ....... mkdir -p /root/.dogtag/pki-tomcat/ca<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : DEBUG ........... chmod 755 /root/.dogtag/pki-tomcat/ca<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : DEBUG ........... chown 0:0 /root/.dogtag/pki-tomcat/ca<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : INFO ....... generating '/root/.dogtag/pki-tomcat/ca/password.conf'<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : INFO ....... modifying '/root/.dogtag/pki-tomcat/ca/password.conf'<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : DEBUG ........... chmod 660 /root/.dogtag/pki-tomcat/ca/password.conf<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : DEBUG ........... chown 0:0 /root/.dogtag/pki-tomcat/ca/password.conf<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : INFO ....... generating '/root/.dogtag/pki-tomcat/ca/pkcs12_password.conf'<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : INFO ....... modifying '/root/.dogtag/pki-tomcat/ca/pkcs12_password.conf'<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : DEBUG ........... chmod 660 /root/.dogtag/pki-tomcat/ca/pkcs12_password.conf<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : DEBUG ........... chown 17:17 /root/.dogtag/pki-tomcat/ca/pkcs12_password.conf<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : INFO ....... executing 'certutil -N -d /tmp/tmp-g0CKZ3 -f /root/.dogtag/pki-tomcat/ca/password.conf'<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : INFO ....... executing 'systemctl daemon-reload'<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : INFO ....... executing 'systemctl start pki-tomcatd@pki-tomcat.service'<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : DEBUG ........... No connection - server may still be down<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:12 pkispawn : DEBUG ........... No connection - exception thrown: ('Connection aborted.', error(111, 'Connection refused'))<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:13 pkispawn : DEBUG ........... No connection - server may still be down<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:13 pkispawn : DEBUG ........... No connection - exception thrown: ('Connection aborted.', error(111, 'Connection refused'))<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:24 pkispawn : DEBUG ........... <?xml version="1.0" encoding="UTF-8" standalone="no"?><XMLResponse><State>0</State><Type>CA</Type><Status>running</Status><Version>10.2.5-6.el7</Version></XMLResponse><o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:25 pkispawn : INFO ....... constructing PKI configuration data.<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:55:25 pkispawn : INFO ....... configuring PKI configuration data.<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:56:51 pkispawn : ERROR ....... Exception from Java Configuration Servlet: 500 Server Error: Internal Server Error<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:56:51 pkispawn : ERROR ....... ParseError: not well-formed (invalid token): line 1, column 0: {"Attributes":{"Attribute":[]},"ClassName":"com.netscape.certsrv.base.PKIException","Code":500,"Message":"Error while updating
security domain: java.io.IOException: 2"}<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:56:51 pkispawn : DEBUG ....... Error Type: ParseError<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:56:51 pkispawn : DEBUG ....... Error Message: not well-formed (invalid token): line 1, column 0<o:p></o:p></p>
<p class="MsoNormal">2016-03-23 17:56:51 pkispawn : DEBUG ....... File "/usr/sbin/pkispawn", line 597, in main<o:p></o:p></p>
<p class="MsoNormal"> rv = instance.spawn(deployer)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/pki/server/deployment/scriptlets/configuration.py", line 116, in spawn<o:p></o:p></p>
<p class="MsoNormal"> json.dumps(data, cls=pki.encoder.CustomTypeEncoder))<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib/python2.7/site-packages/pki/server/deployment/pkihelper.py", line 3906, in configure_pki_data<o:p></o:p></p>
<p class="MsoNormal"> root = ET.fromstring(e.response.text)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib64/python2.7/xml/etree/ElementTree.py", line 1300, in XML<o:p></o:p></p>
<p class="MsoNormal"> parser.feed(text)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib64/python2.7/xml/etree/ElementTree.py", line 1642, in feed<o:p></o:p></p>
<p class="MsoNormal"> self._raiseerror(v)<o:p></o:p></p>
<p class="MsoNormal"> File "/usr/lib64/python2.7/xml/etree/ElementTree.py", line 1506, in _raiseerror<o:p></o:p></p>
<p class="MsoNormal"> raise err<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">/var/log/pki/pki-tomcat/ca/debug<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: LdapAuthInfo: password ok: store in memory cache<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: LdapAuthInfo: init ends<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: init: before makeConnection errorIfDown is false<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: makeConnection: errorIfDown false<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: Established LDAP connection using basic authentication to host pt-idm-vm01.example.com port 389 as cn=Directory Manager<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: initializing with mininum 3 and maximum 15 connections to host pt-idm-vm01.example.com port 389, secure connection, false, authentication type 1<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: increasing minimum connections by 3<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: new total available connections 3<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: new number of connections 3<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: In LdapBoundConnFactory::getConn()<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: masterConn is connected: true<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: getConn: conn is connected true<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: getConn: mNumConns now 2<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: importLDIFS: param=preop.internaldb.manager_ldif<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: importLDIFS(): ldif file = /usr/share/pki/server/conf/manager.ldif<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: importLDIFS(): ldif file copy to /var/lib/pki/pki-tomcat/ca/conf/manager.ldif<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: importLDIFS(): LDAP Errors in importing /var/lib/pki/pki-tomcat/ca/conf/manager.ldif<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: LDAPUtil:importLDIF: exception in adding entry ou=csusers,cn=config:netscape.ldap.LDAPException: error result (68)<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: LDAPUtil:importLDIF: exception in modifying entry o=ipaca:netscape.ldap.LDAPException: error result (20)<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: populateVLVIndexes(): start<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: Creating LdapBoundConnFactor(ConfigurationUtils)<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: LdapBoundConnFactory: init<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: LdapBoundConnFactory:doCloning true<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: LdapAuthInfo: init()<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: LdapAuthInfo: init begins<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: LdapAuthInfo: init: prompt is internaldb<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: LdapAuthInfo: init: try getting from memory cache<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: LdapAuthInfo: init: got password from memory<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: LdapAuthInfo: init: password found for prompt.<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: LdapAuthInfo: password ok: store in memory cache<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: LdapAuthInfo: init ends<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: init: before makeConnection errorIfDown is false<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: makeConnection: errorIfDown false<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: Established LDAP connection using basic authentication to host pt-idm-vm01.example.com port 389 as cn=Directory Manager<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: initializing with mininum 3 and maximum 15 connections to host pt-idm-vm01.example.com port 389, secure connection, false, authentication type 1<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: increasing minimum connections by 3<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: new total available connections 3<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: new number of connections 3<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: In LdapBoundConnFactory::getConn()<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: masterConn is connected: true<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: getConn: conn is connected true<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: getConn: mNumConns now 2<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: importLDIFS: param=preop.internaldb.post_ldif<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: importLDIFS(): ldif file = /usr/share/pki/ca/conf/vlv.ldif<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:45][http-bio-8443-exec-3]: importLDIFS(): ldif file copy to /var/lib/pki/pki-tomcat/ca/conf/vlv.ldif<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:46][http-bio-8443-exec-3]: importLDIFS(): ldif file = /usr/share/pki/ca/conf/vlvtasks.ldif<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:46][http-bio-8443-exec-3]: importLDIFS(): ldif file copy to /var/lib/pki/pki-tomcat/ca/conf/vlvtasks.ldif<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:46][http-bio-8443-exec-3]: Checking wait_dn cn=index1160589769, cn=index, cn=tasks, cn=config<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:48][http-bio-8443-exec-3]: Found data for 'sslserver'<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:48][http-bio-8443-exec-3]: SystemConfigService:processCerts(): san_server_cert not found for tag sslserver<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:48][http-bio-8443-exec-3]: configCert: caType is local<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:48][http-bio-8443-exec-3]: configCert: caType is remote (revised)<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:48][http-bio-8443-exec-3]: NamePanel: updateConfig() for certTag sslserver<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:48][http-bio-8443-exec-3]: updateConfig() done<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:48][http-bio-8443-exec-3]: configCert: remote CA<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:48][http-bio-8443-exec-3]: CertRequestPanel: got public key<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:48][http-bio-8443-exec-3]: CertRequestPanel: got private key<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:48][http-bio-8443-exec-3]: NamePanel: For this Cloned CA, always use its Master CA to generate the 'sslserver' certificate to avoid any changes which may have been made to the X500Name directory string encoding order.<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:48][http-bio-8443-exec-3]: ConfigurationUtils: injectSAN=false<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:48][http-bio-8443-exec-3]: CertUtil createRemoteCert: content requestor_name=CA-pt-idm-vm01.example.com-8443&profileId=caInternalAuthServerCert&cert_request_type=pkcs10&cert_request=MIICmzCCAYxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxrD6JPIBR7AA%3D&xmlOutput=true&sessionID=-4495713718673639316<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: CertUtil createRemoteCert: status=0<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: CertUtil createRemoteCert: MIIDxTCCAq2gxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxTDuSAWm2v7<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: ConfigurationUtils: handleCertRequest() begins<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: handleCertRequest: tag=sslserver<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: privKeyID=29c021f3ccfafb1049bd33ce00e9b4ba35f2c1e7<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: handleCertRequest: created cert request<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: Processing 'sslserver' certificate:<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: handleCerts(): for cert tag 'sslserver' using cert type 'remote'<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: handleCerts(): process remote...import cert<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: deleteCert: nickname=Server-Cert cert-pki-ca<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: deleteCert: cert deleted successfully<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: handleCerts(): certchains length=2<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: handleCerts(): import certificate successfully, certTag=sslserver<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: Processed 'sslserver' certificate.<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: === BackupKeyCert Panel/SavePKCS12 Panel ===<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: backupKeys(): start<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: === Admin Panel ===<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: === Done Panel ===<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: Updating existing security domain<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: isSDHostDomainMaster(): Getting domain.xml from CA...<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:50][http-bio-8443-exec-3]: getDomainXML start<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:51][http-bio-8443-exec-3]: getDomainXML: status=0<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:51][http-bio-8443-exec-3]: getDomainXML: domainInfo=<?xml version="1.0" encoding="UTF-8" standalone="no"?><DomainInfo><Name>IPA</Name><CAList><CA><Host>ptipa1.example.com</Host><SecurePort>443</SecurePort><SecureAgentPort>443</SecureAgentPort><SecureAdminPort>443</SecureAdminPort><SecureEEClientAuthPort>443</SecureEEClientAuthPort><UnSecurePort>80</UnSecurePort><Clone>FALSE</Clone><SubsystemName>pki-cad</SubsystemName><DomainManager>TRUE</DomainManager></CA><SubsystemCount>1</SubsystemCount></CAList><OCSPList><SubsystemCount>0</SubsystemCount></OCSPList><KRAList><SubsystemCount>0</SubsystemCount></KRAList><RAList><SubsystemCount>0</SubsystemCount></RAList><TKSList><SubsystemCount>0</SubsystemCount></TKSList><TPSList><SubsystemCount>0</SubsystemCount></TPSList></DomainInfo><o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:51][http-bio-8443-exec-3]: Cloning a domain master<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:51][http-bio-8443-exec-3]: WizardPanelBase updateDomainXML start hostname=ptipa1.example.com port=443<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:51][http-bio-8443-exec-3]: updateSecurityDomain: failed to update security domain using admin port 443: org.xml.sax.SAXParseException; lineNumber: 1; columnNumber: 50; White spaces are required between publicId and systemId.<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:51][http-bio-8443-exec-3]: updateSecurityDomain: now trying agent port with client auth<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:51][http-bio-8443-exec-3]: WizardPanelBase updateDomainXML start hostname=ptipa1.example.com port=443<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:51][http-bio-8443-exec-3]: updateDomainXML() nickname=subsystemCert cert-pki-ca<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:51][http-bio-8443-exec-3]: WizardPanelBase updateDomainXML: status=1<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:17:56:51][http-bio-8443-exec-3]: Error while updating security domain: java.io.IOException: 2<o:p></o:p></p>
<p class="MsoNormal">[23/Mar/2016:23:44:52][http-bio-8080-exec-1]: according to ccMode, authorization for servlet: caProfileList is LDAP based, not XML {1}, use default authz mgr: {2}.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">/var/log/pki/pki-tomcat/ca/system<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">0.localhost-startStop-1 - [23/Mar/2016:17:55:24 EDT] [3] [3] Cannot build CA chain. Error java.security.cert.CertificateException: Certificate is not a PKCS #11 certificate<o:p></o:p></p>
<p class="MsoNormal">0.localhost-startStop-1 - [23/Mar/2016:17:55:24 EDT] [13] [3] authz instance DirAclAuthz initialization failed and skipped, error=Property internaldb.ldapconn.port missing value<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal" style="line-height:10.5pt"><b><span style="font-size:10.5pt;font-family:"Georgia","serif";color:#005A8C">Dennis M Ott</span></b><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#666666"><br>
Infrastructure Administrator<br>
Infrastructure and Security Operations</span><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="mso-line-height-alt:10.5pt"><span style="color:black"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#005A8C">McKesson Corporation<br>
McKesson Pharmacy Systems and Automation</span></b><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#666666"><br>
<a href="http://www.mckesson.com/"><span style="color:blue">www.mckesson.com</span></a></span><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>