[Pki-users] Problems with Dogtag and CA cert signed by External CA

Dwayne MacKinnon dmk at ncf.ca
Wed Oct 17 19:52:11 UTC 2012


Hi all,

A helpful fellow called alee on #dogtag-pki suggested I write the list. I've 
been playing with dogtag-pki-9.0.0-10 on 64-bit Fedora 17. 

I'm looking to use dogtag to run a subordinate CA that does all our everyday 
PKI stuff. So when I used pki-create and went into the webform, I went the 
"create a csr" route and signed it using a root CA I'd set up using openssl. 

Everything seemed to work out fine, until I got to the point where I was 
restarting pki-cad (using systemctl restart pki-cad at pki-ca.service). It 
wouldn't start.

With alee's help I tracked it down to a failure of SystemCertsVerification 
during the selftests. 

He asked me to submit my debug log to the list, so here it is.

Cheers,
DMK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: debug.log
Type: text/x-log
Size: 1382429 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-users/attachments/20121017/ab7c1a89/attachment.bin>


More information about the Pki-users mailing list