[Pki-devel] [Pki-users] CS Server error
Fraser Tweedale
ftweedal at redhat.com
Thu Dec 8 04:07:53 UTC 2016
(Sorry, I sent this to the wrong list.)
On Thu, Dec 08, 2016 at 01:59:45PM +1000, Fraser Tweedale wrote:
> On Wed, Dec 07, 2016 at 05:29:41PM -0800, Rafael Leiva-Ochoa wrote:
> > Here you go....I hope you can help. I am already starting to use it in
> > production testing...I would hate to start all over...: (
> >
> The error in your log is:
>
> [06/Dec/2016:23:28:45][localhost-startStop-1]: AuthSubsystem: initializing authentication manager flatFileAuth
> Property auths.instance.flatFileAuth.pluginName missing value
> at com.netscape.cmscore.base.PropConfigStore.getString(PropConfigStore.java:258)
> at com.netscape.cmscore.authentication.AuthSubsystem.init(AuthSubsystem.java:200)
> at com.netscape.cmscore.apps.CMSEngine.initSubsystem(CMSEngine.java:1169)
> at com.netscape.cmscore.apps.CMSEngine.initSubsystems(CMSEngine.java:1075)
> at com.netscape.cmscore.apps.CMSEngine.init(CMSEngine.java:582)
> at com.netscape.certsrv.apps.CMS.init(CMS.java:187)
> at com.netscape.certsrv.apps.CMS.start(CMS.java:1616)
> ... lots more traceback
>
> This causes a shutdown of the Dogtag application (but not Tomcat
> itself, hence it is still able to respond to HTTP requests).
>
> Have you modified anything in /etc/pki/pki-tomcat/ca/CS.cfg
> yourself? If not, perhaps it was an update gone awry, or some other
> corruption of CS.cfg.
>
> The `flatFileAuth' properties in CS.cfg should be something like:
>
> auths.instance.flatFileAuth.authAttributes=PWD
> auths.instance.flatFileAuth.deferOnFailure=true
> auths.instance.flatFileAuth.fileName=/var/lib/pki/pki-tomcat/conf/ca/flatfile.txt
> auths.instance.flatFileAuth.keyAttributes=UID
> auths.instance.flatFileAuth.pluginName=FlatFileAuth
>
> Try fixing that up and seeing if Dogtag starts. If it does not,
> please attach debug log (latter portions thereof) and the CS.cfg.
>
> Thanks,
> Fraser
>
>
> > On Wed, Dec 7, 2016 at 4:25 PM, Fraser Tweedale <ftweedal at redhat.com> wrote:
> >
> > > On Wed, Dec 07, 2016 at 02:11:53PM -0800, Rafael Leiva-Ochoa wrote:
> > > > Hi Team,
> > > >
> > > > I have installed Dogtag on one of my Raspberry PI 3 devices for
> > > > testing. At first it was working great. Then, I noticed that it took a
> > > very
> > > > long time for the DogTag Start Page to startup when I rebooted my Pi. In
> > > > some cases, it took 10min's, but I attributed this to the fact that it
> > > was
> > > > running on a ARM processor, and it takes a while to start up. Now, for
> > > some
> > > > reason, I am getting this error:
> > > >
> > > > HTTP Status 500 - CS server is not ready to serve.
> > > >
> > > > *type* Exception report
> > > >
> > > > *message* *CS server is not ready to serve.*
> > > >
> > > > *description* *The server encountered an internal error that prevented it
> > > > from fulfilling this request.*
> > > >
> > > > *exception*
> > > >
> > > > java.io.IOException: CS server is not ready to serve.
> > > > com.netscape.cms.servlet.base.CMSServlet.service(CMSServlet.
> > > java:445)
> > > > javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
> > > > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> > > > sun.reflect.NativeMethodAccessorImpl.invoke(
> > > NativeMethodAccessorImpl.java:62)
> > > > sun.reflect.DelegatingMethodAccessorImpl.invoke(
> > > DelegatingMethodAccessorImpl.java:43)
> > > > java.lang.reflect.Method.invoke(Method.java:498)
> > > > org.apache.catalina.security.SecurityUtil$1.run(
> > > SecurityUtil.java:293)
> > > > org.apache.catalina.security.SecurityUtil$1.run(
> > > SecurityUtil.java:290)
> > > > java.security.AccessController.doPrivileged(Native Method)
> > > > javax.security.auth.Subject.doAsPrivileged(Subject.java:549)
> > > > org.apache.catalina.security.SecurityUtil.execute(
> > > SecurityUtil.java:325)
> > > > org.apache.catalina.security.SecurityUtil.doAsPrivilege(
> > > SecurityUtil.java:176)
> > > > java.security.AccessController.doPrivileged(Native Method)
> > > > org.apache.tomcat.websocket.server.WsFilter.doFilter(
> > > WsFilter.java:52)
> > > > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> > > > sun.reflect.NativeMethodAccessorImpl.invoke(
> > > NativeMethodAccessorImpl.java:62)
> > > > sun.reflect.DelegatingMethodAccessorImpl.invoke(
> > > DelegatingMethodAccessorImpl.java:43)
> > > > java.lang.reflect.Method.invoke(Method.java:498)
> > > > org.apache.catalina.security.SecurityUtil$1.run(
> > > SecurityUtil.java:293)
> > > > org.apache.catalina.security.SecurityUtil$1.run(
> > > SecurityUtil.java:290)
> > > > java.security.AccessController.doPrivileged(Native Method)
> > > > javax.security.auth.Subject.doAsPrivileged(Subject.java:549)
> > > > org.apache.catalina.security.SecurityUtil.execute(
> > > SecurityUtil.java:325)
> > > > org.apache.catalina.security.SecurityUtil.doAsPrivilege(
> > > SecurityUtil.java:264)
> > > >
> > > > *note* *The full stack trace of the root cause is available in the Apache
> > > > Tomcat/8.0.38 logs.*
> > > > ------------------------------
> > > > Apache Tomcat/8.0.38
> > > >
> > > > I have tried rebooting the PI many times, and looking at the logs, but no
> > > > luck. Any ideas?
> > > >
> > > > Thanks,
> > > >
> > > > Rafael
> > >
> > > Thank you for testing Dogtag an ARM / RPi :)
> > >
> > > Could you please provide the /var/log/pki/pki-tomcat/ca/debug log
> > > file? Probably best to upload the file somewhere and point us to
> > > it, or send it to me off-list; it can be quite large.
> > >
> > > I will take a look at it and try and work out what's causing the
> > > failure.
> > >
> > > Thanks,
> > > Fraser
> > >
>
>
> _______________________________________________
> Pki-devel mailing list
> Pki-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel
More information about the Pki-devel
mailing list