[Pki-users] CA Cloning : Failed to setup the replication for cloning
Patrick.Raspante at gdc4s.com
Patrick.Raspante at gdc4s.com
Thu Sep 29 15:12:19 UTC 2011
I've been working through the steps in this document:
http://docs.redhat.com/docs/en-US/Red_Hat_Certificate_System/8.0/html/In
stall_Guide/cloning-a-ca.html
Made it through step 11. Stuck on the step where the wizard connects to
my new directory server instance. CA hangs and spins forever, eventually
erroring with "Failed to setup the replication for cloning".
I think I'm running into similar issues found in these bug-zillas:
https://bugzilla.redhat.com/show_bug.cgi?id=487739
https://bugzilla.redhat.com/show_bug.cgi?format=multiple&id=486191
http://www.redhat.com/archives/fedora-directory-users/2009-May/msg00128.
html -- (I'm not using local host for the fqdn though)
I mentioned before that I'm using CS 8.0 GA.
pki-ca-8.0.3-1.el5pki
pki-common-8.0.3-3.el5pki
I've been told that the above issues have been already resolved in the
8.0 GA release.
Looking through my GDd directory server access and debug logs, I see the
new GD CA sets up the new CA backend in the directory server, and then
does the indexing, but the subsequent replication agreement setup never
begins.
Master = GD-CA-1
Clone = GD-CA-2
## Log snippits from=m the GD-CA-2 directory server:
==> errors <==
[28/Sep/2011:18:53:28 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:18:53:28 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Finished
indexing.
[28/Sep/2011:19:07:54 +0000] - slapd shutting down - signaling operation
threads
[28/Sep/2011:19:07:54 +0000] - slapd shutting down - waiting for 22
threads to terminate
[28/Sep/2011:19:07:54 +0000] - slapd shutting down - closing down
internal subsystems and plugins
[28/Sep/2011:19:07:54 +0000] - Waiting for 4 database threads to stop
[28/Sep/2011:19:07:54 +0000] - All database threads now stopped
[28/Sep/2011:19:07:54 +0000] - slapd stopped.
[28/Sep/2011:19:07:59 +0000] - Red Hat-Directory/8.1.0 B2009.111.1832
starting up
[28/Sep/2011:19:07:59 +0000] - slapd started. Listening on All
Interfaces port 3389 for LDAP requests
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(allCerts-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(allExpiredCerts-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(allInvalidCerts-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(allInValidCertsNotBefore-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(allNonRevokedCerts-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(allRevokedCaCerts-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(allRevokedCerts-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(allRevokedCertsNotAfter-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(allRevokedExpiredCerts-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(allRevokedOrRevokedExpiredCaCerts-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(allRevokedOrRevokedExpiredCerts-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(allValidCerts-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(allValidCertsNotAfter-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(allValidOrRevokedCerts-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(caAll-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(caCanceled-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(caCanceledEnrollment-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(caCanceledRenewal-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(caCanceledRevocation-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(caComplete-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(caCompleteEnrollment-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(caCompleteRenewal-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(caCompleteRevocation-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(caEnrollment-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(caPending-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(caPendingEnrollment-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(caPendingRenewal-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(caPendingRevocation-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(caRejected-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(caRejectedEnrollment-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(caRejectedRenewal-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(caRejectedRevocation-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(caRenewal-GD-CA-2).
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Index.
[28/Sep/2011:19:11:36 +0000] - Deleted Virtual List View Search
(caRevocation-GD-CA-2).
[28/Sep/2011:19:11:37 +0000] - ldbm: Bringing
GD-ca-1.mydomain.com-GD-CA-1 offline...
[28/Sep/2011:19:11:37 +0000] - ldbm: removing
'GD-ca-1.mydomain.com-GD-CA-1'.
[28/Sep/2011:19:11:37 +0000] - Destructor for instance
GD-ca-1.mydomain.com-GD-CA-1 called
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: allCerts-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: allExpiredCerts-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: allInvalidCerts-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: allInValidCertsNotBefore-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: allNonRevokedCerts-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: allRevokedCaCerts-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: allRevokedCerts-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: allRevokedCertsNotAfter-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: allRevokedExpiredCerts-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: allRevokedOrRevokedExpiredCaCerts-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: allRevokedOrRevokedExpiredCerts-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: allValidCerts-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: allValidCertsNotAfter-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: allValidOrRevokedCerts-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: caAll-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: caCanceled-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: caCanceledEnrollment-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: caCanceledRenewal-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: caCanceledRevocation-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: caComplete-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: caCompleteEnrollment-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: caCompleteRenewal-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: caCompleteRevocation-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: caEnrollment-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: caPending-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: caPendingEnrollment-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: caPendingRenewal-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: caPendingRevocation-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: caRejected-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: caRejectedEnrollment-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: caRejectedRenewal-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: caRejectedRevocation-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: caRenewal-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Indexing
VLV: caRevocation-GD-CA-2Index
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1 may not
be added to the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1 may not
be added to the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1 may not
be added to the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1 may not
be added to the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1 may not
be added to the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1 may not
be added to the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1 may not
be added to the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1 may not
be added to the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1 may not
be added to the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1 may not
be added to the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1 may not
be added to the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1 may not
be added to the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1 may not
be added to the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=certificaterepository,ou=ca,dc=GD-ca-1.mydomain.com-GD-ca-1 may not
be added to the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:19:11:39 +0000] - info: entrydn not indexed on
'ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1'; entry
ou=ca,ou=requests,dc=GD-ca-1.mydomain.com-GD-ca-1 may not be added to
the database yet.
[28/Sep/2011:19:11:39 +0000] - GD-ca-1.mydomain.com-GD-CA-1: Finished
indexing.
...
==> access <==
.....
[28/Sep/2011:19:11:39 +0000] conn=24 op=85 ADD
dn="cn=caRejected-GD-CA-2Index, cn=caRejected-GD-CA-2,
cn=GD-ca-1.mydomain.com-GD-CA-1, cn=ldbm database, cn=plugins,
cn=config"
[28/Sep/2011:19:11:39 +0000] conn=24 op=85 RESULT err=0 tag=105
nentries=0 etime=0
[28/Sep/2011:19:11:39 +0000] conn=24 op=86 ADD
dn="cn=caRejectedEnrollment-GD-CA-2Index,
cn=caRejectedEnrollment-GD-CA-2, cn=GD-ca-1.mydomain.com-GD-CA-1,
cn=ldbm database, cn=plugins, cn=config"
[28/Sep/2011:19:11:39 +0000] conn=24 op=86 RESULT err=0 tag=105
nentries=0 etime=0
[28/Sep/2011:19:11:39 +0000] conn=24 op=87 ADD
dn="cn=caRejectedRenewal-GD-CA-2Index, cn=caRejectedRenewal-GD-CA-2,
cn=GD-ca-1.mydomain.com-GD-CA-1, cn=ldbm database, cn=plugins,
cn=config"
[28/Sep/2011:19:11:39 +0000] conn=24 op=87 RESULT err=0 tag=105
nentries=0 etime=0
[28/Sep/2011:19:11:39 +0000] conn=24 op=88 ADD
dn="cn=caRejectedRevocation-GD-CA-2Index,
cn=caRejectedRevocation-GD-CA-2, cn=GD-ca-1.mydomain.com-GD-CA-1,
cn=ldbm database, cn=plugins, cn=config"
[28/Sep/2011:19:11:39 +0000] conn=24 op=88 RESULT err=0 tag=105
nentries=0 etime=0
[28/Sep/2011:19:11:39 +0000] conn=24 op=89 ADD
dn="cn=caRenewal-GD-CA-2Index, cn=caRenewal-GD-CA-2,
cn=GD-ca-1.mydomain.com-GD-CA-1, cn=ldbm database, cn=plugins,
cn=config"
[28/Sep/2011:19:11:39 +0000] conn=24 op=89 RESULT err=0 tag=105
nentries=0 etime=0
[28/Sep/2011:19:11:39 +0000] conn=24 op=90 ADD
dn="cn=caRevocation-GD-CA-2Index, cn=caRevocation-GD-CA-2,
cn=GD-ca-1.mydomain.com-GD-CA-1, cn=ldbm database, cn=plugins,
cn=config"
[28/Sep/2011:19:11:39 +0000] conn=24 op=90 RESULT err=0 tag=105
nentries=0 etime=0
[28/Sep/2011:19:11:39 +0000] conn=24 op=91 ADD dn="cn=index1160589769,
cn=index, cn=tasks, cn=config"
[28/Sep/2011:19:11:39 +0000] conn=24 op=91 RESULT err=0 tag=105
nentries=0 etime=0
[28/Sep/2011:19:11:40 +0000] conn=24 op=92 SRCH
base="cn=index1160589769, cn=index, cn=tasks, cn=config" scope=0
filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs=ALL
[28/Sep/2011:19:11:40 +0000] conn=24 op=92 RESULT err=0 tag=101
nentries=1 etime=0
[28/Sep/2011:19:11:40 +0000] conn=24 op=93 UNBIND
[28/Sep/2011:19:11:40 +0000] conn=24 op=93 fd=80 closed - U1
## And that's it.
## I never get to this stage ( this is from making clones of brand new
CA and DS instances - not an existing master CA):
[24/Sep/2011:16:46:28 +0000] NSMMReplicationPlugin -
agmt="cn=cloneAgreement1-mydomain.com-GD-CA-3" (GD-ds-1:3389): Replica
has a different generation ID than the local data.
[24/Sep/2011:16:46:29 +0000] NSMMReplicationPlugin -
multimaster_be_state_change: replica dc=mydomain.com-GD-ca-2 is going
offline; disabling replication
[24/Sep/2011:16:46:29 +0000] - WARNING: Import is running with
nsslapd-db-private-import-mem on; No other process is allowed to access
the database
[24/Sep/2011:16:46:33 +0000] - import mydomain.com-GD-CA-2: Workers
finished; cleaning up...
[24/Sep/2011:16:46:34 +0000] - import mydomain.com-GD-CA-2: Workers
cleaned up.
[24/Sep/2011:16:46:34 +0000] - import mydomain.com-GD-CA-2: Indexing
complete. Post-processing...
[24/Sep/2011:16:46:34 +0000] - import mydomain.com-GD-CA-2: Flushing
caches...
[24/Sep/2011:16:46:34 +0000] - import mydomain.com-GD-CA-2: Closing
files...
[24/Sep/2011:16:46:34 +0000] - import mydomain.com-GD-CA-2: Import
complete. Processed 57 entries in 4 seconds. (14.25 entries/sec)
[24/Sep/2011:16:46:34 +0000] NSMMReplicationPlugin -
multimaster_be_state_change: replica dc=mydomain.com-GD-ca-2 is coming
online; enabling replication
Thanks,
Patrick
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-users/attachments/20110929/2f69f208/attachment.htm>
More information about the Pki-users
mailing list