[Pki-devel] "PKI Subsystem Configuration" help (RD at WoSign)

Kashyap Chamarthy kchamart at redhat.com
Tue Jul 13 10:07:48 UTC 2010 

On 07/13/2010 08:06 AM, RD at WoSign wrote:
> Hi, all,
>     I am trying to install Dogtag Certificate System, but at the "PKI
> Subsystem Configuration", we have the problem at step: "Creat e a New
> Securit y Domain", whatever we enter, it display error "$errorString",
> and if we choose the "*Join an Existing Security Domain *", it display
> error "org.xml.sax.SAXParseException: The   string "--" is not permitted
> within comments.
> Maybe some components or configure is error, but I setup and configure
> pki subsystem(include Requirements and runtime tool) by the
> site:http://pki.fedoraproject.org/wiki/PKI_Install_Guide ,
>
> the infomation of my configure and environment:
>
> hostname: wotestca.com <http://wotestca.com>
> step 1:
> ============================================================
> Starting pki-ca:                                           [OK]
> pki-ca (pid 2817) is running ...
> 'pki-ca' must still be CONFIGURED!
>      (see /var/log/pki-ca-install.log)
> Before proceeding with the configuration, make sure
> the firewall settings of this machine permit proper
> access to this subsystem.
> Please start the configuration by accessing:
> https://wotestca.com:9445/ca/admin/console/config/login?pin=HPQkcbu71yCYkSpJg6Qz
> After configuration, the server can be operated by the command:
>      /sbin/service pki-cad restart pki-ca
> ------------------------------------------------------------------------------------------------------------------------
>
> step 2:
> open :
> "https://wotestca.com:9445/ca/admin/console/config/login?pin=HPQkcbu71yCYkSpJg6Qz"
> to CA Setup Wizard
>
> step 3:
>       choose "Create a New Security Domain",  enter " testwosecdomain"
> and click "NEXT>" button,

I tried same value you used above (_without_ the double quotes) on Fedora-12 for a 'New 
Security domain' and I was able to proceed perfectly fine.

> return errror"Invalid characters found in Security Domain Name
> testwosecdomain. Valid characters are A-Z, a-z, 0-9, dash and space"

This clearly mentions what characters are 'valid'. Maybe you want to double-check that 
you're not inadvertently entering invalid characters(like "").

hope that helps,

/kashyap



>
>      choose "Join an Existing Security Domain " ,
> if enter "https://wotestca.com:9445 <https://wotestca.com:9445/>"
> return error "org.xml.sax.SAXParseException: The string "--" is not
> permitted within comments"
>
> if enter" https://wotestca.com:9443 <https://wotestca.com:9443/>" or "
> https://wotestca.com:9446 <https://wotestca.com:9446/>"
> return error "Illegal SSL Admin HTTPS url value for the security domain "
>
>
> check the directory server:
> #service dirsrv status
> #dirsrv  testca (pid 3342) is running......
>
> So, we can't go on, please tell me what's the problem, and how to   do?
> thanks a lot.
>
> --
> Best Regards,
> jeff
>
>
>
> _______________________________________________
> Pki-devel mailing list
> Pki-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel

More information about the Pki-devel mailing list