[Pki-devel] PKI-Silent can't tell if this is success or failure

Adam Young ayoung at redhat.com
Wed Nov 30 16:25:11 UTC 2011 

OK,  that was it.  When I switched to :

  -save_p12 false \

it worked.

On 11/30/2011 09:29 AM, Ade Lee wrote:
> This is failure.
>
> Looks like you got a success response from the backup panel, but then
> failed some processing of the response.  Maybe you do not have the
> required directory in which to backup the keys?
>
> Ade
>
> On Tue, 2011-11-29 at 22:43 -0500, Adam Young wrote:
>> I've been crafting a PKI Silent call from the command line,  and reading
>> the various responses to see what I got wrong.  Below is the end of the
>> output from my last call.  Is this "Success"?
>>
>>
>> #############################################
>> Attempting to connect to: ayoung.boston.devel.redhat.com:8443
>> Connected.
>> Posting Query =
>> https://ayoung.boston.devel.redhat.com:8443//ca/admin/console/config/wizard?p=13&op=next&xml=true&choice=backupkey&__pwd=freeipa4all&__pwdagain=freeipa4all
>> RESPONSE STATUS:  HTTP/1.1 200 OK
>> RESPONSE HEADER:  Server: Apache-Coyote/1.1
>> RESPONSE HEADER:  Content-Type: application/xml;charset=UTF-8
>> RESPONSE HEADER:  Date: Wed, 30 Nov 2011 03:41:18 GMT
>> RESPONSE HEADER:  Connection: close
>> <?xml version="1.0" encoding="UTF-8"?>
>> <!-- BEGIN COPYRIGHT BLOCK
>>        This program is free software; you can redistribute it and/or modify
>>        it under the terms of the GNU General Public License as published by
>>        the Free Software Foundation; version 2 of the License.
>>
>>        This program is distributed in the hope that it will be useful,
>>        but WITHOUT ANY WARRANTY; without even the implied warranty of
>>        MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
>>        GNU General Public License for more details.
>>
>>        You should have received a copy of the GNU General Public License
>> along
>>        with this program; if not, write to the Free Software Foundation,
>> Inc.,
>>        51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
>>
>>        Copyright (C) 2007 Red Hat, Inc.
>>        All rights reserved.
>>        END COPYRIGHT BLOCK -->
>> <response>
>> <panel>admin/console/config/savepkcs12panel.vm</panel>
>> <res/>
>> <subsystemtype>ca</subsystemtype>
>> <showApplyButton/>
>> <updateStatus>success</updateStatus>
>> <errorString/>
>> <size>19</size>
>> <title>Save Keys and Certificates</title>
>> <panels>
>> <Vector>
>> <Panel>
>> <Id>welcome</Id>
>> <Name>Welcome</Name>
>> </Panel>
>> <Panel>
>> <Id>module</Id>
>> <Name>Key Store</Name>
>> </Panel>
>> <Panel>
>> <Id>confighsmlogin</Id>
>> <Name>ConfigHSMLogin</Name>
>> </Panel>
>> <Panel>
>> <Id>securitydomain</Id>
>> <Name>Security Domain</Name>
>> </Panel>
>> <Panel>
>> <Id>securitydomain</Id>
>> <Name>Display Certificate Chain</Name>
>> </Panel>
>> <Panel>
>> <Id>subsystem</Id>
>> <Name>Subsystem Type</Name>
>> </Panel>
>> <Panel>
>> <Id>clone</Id>
>> <Name>Display Certificate Chain</Name>
>> </Panel>
>> <Panel>
>> <Id>restorekeys</Id>
>> <Name>Import Keys and Certificates</Name>
>> </Panel>
>> <Panel>
>> <Id>cahierarchy</Id>
>> <Name>PKI Hierarchy</Name>
>> </Panel>
>> <Panel>
>> <Id>database</Id>
>> <Name>Internal Database</Name>
>> </Panel>
>> <Panel>
>> <Id>size</Id>
>> <Name>Key Pairs</Name>
>> </Panel>
>> <Panel>
>> <Id>subjectname</Id>
>> <Name>Subject Names</Name>
>> </Panel>
>> <Panel>
>> <Id>certrequest</Id>
>> <Name>Requests and Certificates</Name>
>> </Panel>
>> <Panel>
>> <Id>backupkeys</Id>
>> <Name>Export Keys and Certificates</Name>
>> </Panel>
>> <Panel>
>> <Id>savepk12</Id>
>> <Name>Save Keys and Certificates</Name>
>> </Panel>
>> <Panel>
>> <Id>importcachain</Id>
>> <Name>Import CA's Certificate Chain</Name>
>> </Panel>
>> <Panel>
>> <Id>admin</Id>
>> <Name>Administrator</Name>
>> </Panel>
>> <Panel>
>> <Id>importadmincert</Id>
>> <Name>Import Administrator's Certificate</Name>
>> </Panel>
>> <Panel>
>> <Id>done</Id>
>> <Name>Done</Name>
>> </Panel>
>> </Vector>
>> </panels>
>> <name>CA Setup Wizard</name>
>> <p>14</p>
>> <req/>
>> <panelname>savepk12</panelname>
>> </response>
>> #############################################
>> Attempting to connect to: ayoung.boston.devel.redhat.com:8443
>> Connected.
>> Posting Query =
>> https://ayoung.boston.devel.redhat.com:8443//ca/admin/console/config/savepkcs12?
>> RESPONSE STATUS:  HTTP/1.1 200 OK
>> RESPONSE HEADER:  Server: Apache-Coyote/1.1
>> RESPONSE HEADER:  Content-Type: application/x-pkcs12
>> RESPONSE HEADER:  Date: Wed, 30 Nov 2011 03:41:19 GMT
>> RESPONSE HEADER:  Connection: close
>> ERROR: ConfigureCA: BackupPanel() failure
>> ERROR: unable to create CA
>>
>> #######################################################################
>>
>> _______________________________________________
>> Pki-devel mailing list
>> Pki-devel at redhat.com
>> https://www.redhat.com/mailman/listinfo/pki-devel
>

More information about the Pki-devel mailing list