From alee at redhat.com Mon Jun 3 14:10:45 2013 From: alee at redhat.com (Ade Lee) Date: Mon, 03 Jun 2013 10:10:45 -0400 Subject: [Pki-users] (Fedora 17) PKI-RA fails to start after install In-Reply-To: References: <51A62623.8020309@redhat.com> <51A7B018.6050206@redhat.com> <51A9129E.1020809@redhat.com> Message-ID: <1370268645.18609.4.camel@aleeredhat.laptop> Can you attach the logs under /var/log/pki-tps ? Also, check /var/log/messages to see if there are any messages there. Another thing you can try is to set selinux in permissive mode, and see if the server starts. Ade On Fri, 2013-05-31 at 17:46 -0400, Brian Henson wrote: > This is the only error i see in the TPS install log [2013-05-29 > 03:37:20] [error] FAILED run_command("/bin/systemctl restart > pki-tpsd at pki-tps.service"), exit status=1 output="Job failed. See > system journal and 'systemctl status' for details." and the same > error(minus service name on the other service) > > > On Fri, May 31, 2013 at 5:14 PM, Andrew Wnuk wrote: > On 05/31/2013 07:53 AM, Brian Henson wrote: > > > I don't mean to sound dumb but where is the logfiles? I am > > using the wiki install page as a guide. > > > Installation logs are under /var/log with names referring to > subsystems like: pki-ca-install.log, pki-kra-install.log, > pki-tks-install.log, pki-tks-install.log, . . . > > Each subsystem has its logs located under subsystem directory. > For example > * CA logs by default are located in /var/log/pki-ca > * TPS logs by default are located in /var/log/pki-tps > * . . . > > > > > > > On Thu, May 30, 2013 at 4:01 PM, Andrew Wnuk > > wrote: > > > > Is there anything in the log files pointing to your > > failure? > > If yes, could you provide these log entries? > > > > On 05/30/2013 11:34 AM, Brian Henson wrote: > > > > > Any Ideas on this? I need the TPS for the > > > smartcard support. > > > > > > > > > On Wed, May 29, 2013 at 1:24 PM, Brian Henson > > > wrote: > > > Fedora 17 and dogtag 9 via yum > > > > > > On May 29, 2013 12:01 PM, "Andrew Wnuk" > > > wrote: > > > > > > On 05/28/2013 09:46 PM, Brian > > > Henson wrote: > > > > > > > Hello all, > > > > > > > > > > > > When I try to configure the RA > > > > subsystem after installing it I > > > > get this error. > > > > > > > > > > > > Installation information > > > > recorded > > > > in /var/log/pki-ra-install.log. > > > > [debug] > > > > run_command(/bin/systemctl > > > > restart pki-rad at pki-ra.service) > > > > [error] FAILED > > > > run_command("/bin/systemctl > > > > restart > > > > pki-rad at pki-ra.service"), exit > > > > status=1 output="Job failed. See > > > > system journal and 'systemctl > > > > status' for details." > > > > Before proceeding with the > > > > configuration, make sure > > > > the firewall settings of this > > > > machine permit proper > > > > access to this subsystem. > > > > > > > > > > > > Please start the configuration > > > > by accessing: > > > > > > > > > > > > https://(someaddress):12890/ra/admin/console/config/login?pin=XWdsV1oDtx9qQFcybzAr > > > > > > > > > > > > After configuration, the server > > > > can be operated by the command: > > > > > > > > > > > > /bin/systemctl restart > > > > pki-rad at pki-ra.service > > > > > > > > > > > > > > > > > > > > Anyone know how to fix this? I > > > > get it for the TPS module as > > > > well. > > > > > > > > > > > > Thanks > > > > > > > > > > > > Brian Henson > > > > > > > > > > > > > > Brian, > > > > > > Could you provide OS and server > > > versions? > > > > > > Thank you, > > > Andrew > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > Pki-users mailing list > Pki-users at redhat.com > https://www.redhat.com/mailman/listinfo/pki-users From awnuk at redhat.com Tue Jun 4 21:57:53 2013 From: awnuk at redhat.com (Andrew Wnuk) Date: Tue, 04 Jun 2013 14:57:53 -0700 Subject: [Pki-users] (Fedora 17) PKI-RA fails to start after install In-Reply-To: <1370268645.18609.4.camel@aleeredhat.laptop> References: <51A62623.8020309@redhat.com> <51A7B018.6050206@redhat.com> <51A9129E.1020809@redhat.com> <1370268645.18609.4.camel@aleeredhat.laptop> Message-ID: <51AE62E1.10902@redhat.com> On 06/03/2013 07:10 AM, Ade Lee wrote: > Can you attach the logs under /var/log/pki-tps ? > Also, check /var/log/messages to see if there are any messages there. > > Another thing you can try is to set selinux in permissive mode, and see > if the server starts. > > Ade You could also try to disable syntax checking in your directory server. > > On Fri, 2013-05-31 at 17:46 -0400, Brian Henson wrote: >> This is the only error i see in the TPS install log [2013-05-29 >> 03:37:20] [error] FAILED run_command("/bin/systemctl restart >> pki-tpsd at pki-tps.service"), exit status=1 output="Job failed. See >> system journal and 'systemctl status' for details." and the same >> error(minus service name on the other service) >> >> >> On Fri, May 31, 2013 at 5:14 PM, Andrew Wnuk wrote: >> On 05/31/2013 07:53 AM, Brian Henson wrote: >> >> > I don't mean to sound dumb but where is the logfiles? I am >> > using the wiki install page as a guide. >> >> >> Installation logs are under /var/log with names referring to >> subsystems like: pki-ca-install.log, pki-kra-install.log, >> pki-tks-install.log, pki-tks-install.log, . . . >> >> Each subsystem has its logs located under subsystem directory. >> For example >> * CA logs by default are located in /var/log/pki-ca >> * TPS logs by default are located in /var/log/pki-tps >> * . . . >> >> > >> > >> > On Thu, May 30, 2013 at 4:01 PM, Andrew Wnuk >> > wrote: >> > >> > Is there anything in the log files pointing to your >> > failure? >> > If yes, could you provide these log entries? >> > >> > On 05/30/2013 11:34 AM, Brian Henson wrote: >> > >> > > Any Ideas on this? I need the TPS for the >> > > smartcard support. >> > > >> > > >> > > On Wed, May 29, 2013 at 1:24 PM, Brian Henson >> > > wrote: >> > > Fedora 17 and dogtag 9 via yum >> > > >> > > On May 29, 2013 12:01 PM, "Andrew Wnuk" >> > > wrote: >> > > >> > > On 05/28/2013 09:46 PM, Brian >> > > Henson wrote: >> > > >> > > > Hello all, >> > > > >> > > > >> > > > When I try to configure the RA >> > > > subsystem after installing it I >> > > > get this error. >> > > > >> > > > >> > > > Installation information >> > > > recorded >> > > > in /var/log/pki-ra-install.log. >> > > > [debug] >> > > > run_command(/bin/systemctl >> > > > restart pki-rad at pki-ra.service) >> > > > [error] FAILED >> > > > run_command("/bin/systemctl >> > > > restart >> > > > pki-rad at pki-ra.service"), exit >> > > > status=1 output="Job failed. See >> > > > system journal and 'systemctl >> > > > status' for details." >> > > > Before proceeding with the >> > > > configuration, make sure >> > > > the firewall settings of this >> > > > machine permit proper >> > > > access to this subsystem. >> > > > >> > > > >> > > > Please start the configuration >> > > > by accessing: >> > > > >> > > > >> > > > https://(someaddress):12890/ra/admin/console/config/login?pin=XWdsV1oDtx9qQFcybzAr >> > > > >> > > > >> > > > After configuration, the server >> > > > can be operated by the command: >> > > > >> > > > >> > > > /bin/systemctl restart >> > > > pki-rad at pki-ra.service >> > > > >> > > > >> > > > >> > > > >> > > > Anyone know how to fix this? I >> > > > get it for the TPS module as >> > > > well. >> > > > >> > > > >> > > > Thanks >> > > > >> > > > >> > > > Brian Henson >> > > > >> > > > >> > > >> > > Brian, >> > > >> > > Could you provide OS and server >> > > versions? >> > > >> > > Thank you, >> > > Andrew >> > > >> > > >> > > >> > >> > >> > >> > >> >> >> >> >> _______________________________________________ >> Pki-users mailing list >> Pki-users at redhat.com >> https://www.redhat.com/mailman/listinfo/pki-users > From marine64 at gmail.com Tue Jun 4 22:45:11 2013 From: marine64 at gmail.com (Brian Henson) Date: Tue, 4 Jun 2013 18:45:11 -0400 Subject: [Pki-users] (Fedora 17) PKI-RA fails to start after install In-Reply-To: <51AE62E1.10902@redhat.com> References: <51A62623.8020309@redhat.com> <51A7B018.6050206@redhat.com> <51A9129E.1020809@redhat.com> <1370268645.18609.4.camel@aleeredhat.laptop> <51AE62E1.10902@redhat.com> Message-ID: I am using 389 server for my Directory server. I will attache the longs when i get home tonight On Tue, Jun 4, 2013 at 5:57 PM, Andrew Wnuk wrote: > On 06/03/2013 07:10 AM, Ade Lee wrote: > >> Can you attach the logs under /var/log/pki-tps ? >> Also, check /var/log/messages to see if there are any messages there. >> >> Another thing you can try is to set selinux in permissive mode, and see >> if the server starts. >> >> Ade >> > You could also try to disable syntax checking in your directory server. > > >> On Fri, 2013-05-31 at 17:46 -0400, Brian Henson wrote: >> >>> This is the only error i see in the TPS install log [2013-05-29 >>> 03:37:20] [error] FAILED run_command("/bin/systemctl restart >>> pki-tpsd at pki-tps.service"), exit status=1 output="Job failed. See >>> system journal and 'systemctl status' for details." and the same >>> error(minus service name on the other service) >>> >>> >>> On Fri, May 31, 2013 at 5:14 PM, Andrew Wnuk wrote: >>> On 05/31/2013 07:53 AM, Brian Henson wrote: >>> > I don't mean to sound dumb but where is the >>> logfiles? I am >>> > using the wiki install page as a guide. >>> Installation logs are under /var/log with >>> names referring to >>> subsystems like: pki-ca-install.log, pki-kra-install.log, >>> pki-tks-install.log, pki-tks-install.log, . . . >>> Each subsystem has its logs located under subsystem >>> directory. >>> For example >>> * CA logs by default are located in /var/log/pki-ca >>> * TPS logs by default are located in /var/log/pki-tps >>> * . . . >>> > >>> > >>> > On Thu, May 30, 2013 at 4:01 PM, Andrew Wnuk >>> > wrote: >>> > >>> > Is there anything in the log files pointing to your >>> > failure? >>> > If yes, could you provide these log entries? >>> > >>> > On 05/30/2013 11:34 AM, Brian Henson wrote: >>> > >>> > > Any Ideas on this? I need the TPS for the >>> > > smartcard support. >>> > > >>> > > >>> > > On Wed, May 29, 2013 at 1:24 PM, Brian Henson >>> > > wrote: >>> > > Fedora 17 and dogtag 9 via yum >>> > > >>> > > On May 29, 2013 12:01 PM, "Andrew Wnuk" >>> > > wrote: >>> > > >>> > > On 05/28/2013 09:46 PM, Brian >>> > > Henson wrote: >>> > > >>> > > > Hello all, >>> > > > >>> > > > >>> > > > When I try to configure the RA >>> > > > subsystem after installing it I >>> > > > get this error. >>> > > > >>> > > > >>> > > > Installation information >>> > > > recorded >>> > > > in /var/log/pki-ra-install.log. >>> > > > [debug] >>> > > > run_command(/bin/systemctl >>> > > > restart pki-rad at pki-ra.service) >>> > > > [error] FAILED >>> > > > run_command("/bin/systemctl >>> > > > restart >>> > > > pki-rad at pki-ra.service"), exit >>> > > > status=1 output="Job failed. See >>> > > > system journal and 'systemctl >>> > > > status' for details." >>> > > > Before proceeding with the >>> > > > configuration, make sure >>> > > > the firewall settings of this >>> > > > machine permit proper >>> > > > access to this subsystem. >>> > > > >>> > > > >>> > > > Please start the configuration >>> > > > by accessing: >>> > > > >>> > > > >>> > > > https://(someaddress):12890/** >>> ra/admin/console/config/login?**pin=XWdsV1oDtx9qQFcybzAr >>> > > > >>> > > > >>> > > > After configuration, the server >>> > > > can be operated by the command: >>> > > > >>> > > > >>> > > > /bin/systemctl restart >>> > > > pki-rad at pki-ra.service >>> > > > >>> > > > >>> > > > >>> > > > >>> > > > Anyone know how to fix this? I >>> > > > get it for the TPS module as >>> > > > well. >>> > > > >>> > > > >>> > > > Thanks >>> > > > >>> > > > >>> > > > Brian Henson >>> > > > >>> > > > >>> > > >>> > > Brian, >>> > > >>> > > Could you provide OS and server >>> > > versions? >>> > > >>> > > Thank you, >>> > > Andrew >>> > > >>> > > >>> > > >>> > >>> > >>> > >>> > >>> >>> >>> ______________________________**_________________ >>> Pki-users mailing list >>> Pki-users at redhat.com >>> https://www.redhat.com/**mailman/listinfo/pki-users >>> >> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From marine64 at gmail.com Wed Jun 5 03:05:18 2013 From: marine64 at gmail.com (Brian Henson) Date: Tue, 4 Jun 2013 23:05:18 -0400 Subject: [Pki-users] (Fedora 17) PKI-RA fails to start after install In-Reply-To: References: <51A62623.8020309@redhat.com> <51A7B018.6050206@redhat.com> <51A9129E.1020809@redhat.com> <1370268645.18609.4.camel@aleeredhat.laptop> <51AE62E1.10902@redhat.com> Message-ID: Logs attached. On Tue, Jun 4, 2013 at 6:45 PM, Brian Henson wrote: > I am using 389 server for my Directory server. I will attache the longs > when i get home tonight > > > On Tue, Jun 4, 2013 at 5:57 PM, Andrew Wnuk wrote: > >> On 06/03/2013 07:10 AM, Ade Lee wrote: >> >>> Can you attach the logs under /var/log/pki-tps ? >>> Also, check /var/log/messages to see if there are any messages there. >>> >>> Another thing you can try is to set selinux in permissive mode, and see >>> if the server starts. >>> >>> Ade >>> >> You could also try to disable syntax checking in your directory server. >> >> >>> On Fri, 2013-05-31 at 17:46 -0400, Brian Henson wrote: >>> >>>> This is the only error i see in the TPS install log [2013-05-29 >>>> 03:37:20] [error] FAILED run_command("/bin/systemctl restart >>>> pki-tpsd at pki-tps.service"), exit status=1 output="Job failed. See >>>> system journal and 'systemctl status' for details." and the same >>>> error(minus service name on the other service) >>>> >>>> >>>> On Fri, May 31, 2013 at 5:14 PM, Andrew Wnuk wrote: >>>> On 05/31/2013 07:53 AM, Brian Henson wrote: >>>> > I don't mean to sound dumb but where is the >>>> logfiles? I am >>>> > using the wiki install page as a guide. >>>> Installation logs are under /var/log with >>>> names referring to >>>> subsystems like: pki-ca-install.log, pki-kra-install.log, >>>> pki-tks-install.log, pki-tks-install.log, . . . >>>> Each subsystem has its logs located under subsystem >>>> directory. >>>> For example >>>> * CA logs by default are located in /var/log/pki-ca >>>> * TPS logs by default are located in /var/log/pki-tps >>>> * . . . >>>> > >>>> > >>>> > On Thu, May 30, 2013 at 4:01 PM, Andrew Wnuk >>>> > wrote: >>>> > >>>> > Is there anything in the log files pointing to your >>>> > failure? >>>> > If yes, could you provide these log entries? >>>> > >>>> > On 05/30/2013 11:34 AM, Brian Henson wrote: >>>> > >>>> > > Any Ideas on this? I need the TPS for the >>>> > > smartcard support. >>>> > > >>>> > > >>>> > > On Wed, May 29, 2013 at 1:24 PM, Brian Henson >>>> > > wrote: >>>> > > Fedora 17 and dogtag 9 via yum >>>> > > >>>> > > On May 29, 2013 12:01 PM, "Andrew Wnuk" >>>> > > wrote: >>>> > > >>>> > > On 05/28/2013 09:46 PM, Brian >>>> > > Henson wrote: >>>> > > >>>> > > > Hello all, >>>> > > > >>>> > > > >>>> > > > When I try to configure the RA >>>> > > > subsystem after installing it I >>>> > > > get this error. >>>> > > > >>>> > > > >>>> > > > Installation information >>>> > > > recorded >>>> > > > in /var/log/pki-ra-install.log. >>>> > > > [debug] >>>> > > > run_command(/bin/systemctl >>>> > > > restart pki-rad at pki-ra.service) >>>> > > > [error] FAILED >>>> > > > run_command("/bin/systemctl >>>> > > > restart >>>> > > > pki-rad at pki-ra.service"), exit >>>> > > > status=1 output="Job failed. See >>>> > > > system journal and 'systemctl >>>> > > > status' for details." >>>> > > > Before proceeding with the >>>> > > > configuration, make sure >>>> > > > the firewall settings of this >>>> > > > machine permit proper >>>> > > > access to this subsystem. >>>> > > > >>>> > > > >>>> > > > Please start the configuration >>>> > > > by accessing: >>>> > > > >>>> > > > >>>> > > > https://(someaddress):12890/** >>>> ra/admin/console/config/login?**pin=XWdsV1oDtx9qQFcybzAr >>>> > > > >>>> > > > >>>> > > > After configuration, the server >>>> > > > can be operated by the command: >>>> > > > >>>> > > > >>>> > > > /bin/systemctl restart >>>> > > > pki-rad at pki-ra.service >>>> > > > >>>> > > > >>>> > > > >>>> > > > >>>> > > > Anyone know how to fix this? I >>>> > > > get it for the TPS module as >>>> > > > well. >>>> > > > >>>> > > > >>>> > > > Thanks >>>> > > > >>>> > > > >>>> > > > Brian Henson >>>> > > > >>>> > > > >>>> > > >>>> > > Brian, >>>> > > >>>> > > Could you provide OS and server >>>> > > versions? >>>> > > >>>> > > Thank you, >>>> > > Andrew >>>> > > >>>> > > >>>> > > >>>> > >>>> > >>>> > >>>> > >>>> >>>> >>>> ______________________________**_________________ >>>> Pki-users mailing list >>>> Pki-users at redhat.com >>>> https://www.redhat.com/**mailman/listinfo/pki-users >>>> >>> >>> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: pki-tps-install.log Type: application/octet-stream Size: 172807 bytes Desc: not available URL: From awnuk at redhat.com Wed Jun 5 17:20:00 2013 From: awnuk at redhat.com (Andrew Wnuk) Date: Wed, 05 Jun 2013 10:20:00 -0700 Subject: [Pki-users] (Fedora 17) PKI-RA fails to start after install In-Reply-To: <51AE62E1.10902@redhat.com> References: <51A62623.8020309@redhat.com> <51A7B018.6050206@redhat.com> <51A9129E.1020809@redhat.com> <1370268645.18609.4.camel@aleeredhat.laptop> <51AE62E1.10902@redhat.com> Message-ID: <51AF7340.9000300@redhat.com> On 06/04/2013 02:57 PM, Andrew Wnuk wrote: > On 06/03/2013 07:10 AM, Ade Lee wrote: >> Can you attach the logs under /var/log/pki-tps ? >> Also, check /var/log/messages to see if there are any messages there. >> >> Another thing you can try is to set selinux in permissive mode, and see >> if the server starts. >> >> Ade > You could also try to disable syntax checking in your directory server. https://access.redhat.com/site/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/syntax-validation.html#syntax-validation-basic >> >> On Fri, 2013-05-31 at 17:46 -0400, Brian Henson wrote: >>> This is the only error i see in the TPS install log [2013-05-29 >>> 03:37:20] [error] FAILED run_command("/bin/systemctl restart >>> pki-tpsd at pki-tps.service"), exit status=1 output="Job failed. See >>> system journal and 'systemctl status' for details." and the same >>> error(minus service name on the other service) >>> >>> >>> On Fri, May 31, 2013 at 5:14 PM, Andrew Wnuk wrote: >>> On 05/31/2013 07:53 AM, Brian Henson wrote: >>> > I don't mean to sound dumb but where is the >>> logfiles? I am >>> > using the wiki install page as a guide. >>> Installation logs are under /var/log with >>> names referring to >>> subsystems like: pki-ca-install.log, pki-kra-install.log, >>> pki-tks-install.log, pki-tks-install.log, . . . >>> Each subsystem has its logs located under >>> subsystem directory. >>> For example >>> * CA logs by default are located in /var/log/pki-ca >>> * TPS logs by default are located in /var/log/pki-tps >>> * . . . >>> > >>> > >>> > On Thu, May 30, 2013 at 4:01 PM, Andrew Wnuk >>> > wrote: >>> > >>> > Is there anything in the log files pointing to your >>> > failure? >>> > If yes, could you provide these log entries? >>> > >>> > On 05/30/2013 11:34 AM, Brian Henson wrote: >>> > >>> > > Any Ideas on this? I need the TPS for the >>> > > smartcard support. >>> > > >>> > > >>> > > On Wed, May 29, 2013 at 1:24 PM, Brian Henson >>> > > wrote: >>> > > Fedora 17 and dogtag 9 via yum >>> > > >>> > > On May 29, 2013 12:01 PM, "Andrew Wnuk" >>> > > wrote: >>> > > >>> > > On 05/28/2013 09:46 PM, Brian >>> > > Henson wrote: >>> > > >>> > > > Hello all, >>> > > > >>> > > > >>> > > > When I try to configure the RA >>> > > > subsystem after installing it I >>> > > > get this error. >>> > > > >>> > > > >>> > > > Installation information >>> > > > recorded >>> > > > in /var/log/pki-ra-install.log. >>> > > > [debug] >>> > > > run_command(/bin/systemctl >>> > > > restart pki-rad at pki-ra.service) >>> > > > [error] FAILED >>> > > > run_command("/bin/systemctl >>> > > > restart >>> > > > pki-rad at pki-ra.service"), exit >>> > > > status=1 output="Job failed. See >>> > > > system journal and 'systemctl >>> > > > status' for details." >>> > > > Before proceeding with the >>> > > > configuration, make sure >>> > > > the firewall settings of this >>> > > > machine permit proper >>> > > > access to this subsystem. >>> > > > >>> > > > >>> > > > Please start the configuration >>> > > > by accessing: >>> > > > >>> > > > >>> > > > >>> https://(someaddress):12890/ra/admin/console/config/login?pin=XWdsV1oDtx9qQFcybzAr >>> > > > >>> > > > >>> > > > After configuration, the server >>> > > > can be operated by the command: >>> > > > >>> > > > >>> > > > /bin/systemctl restart >>> > > > pki-rad at pki-ra.service >>> > > > >>> > > > >>> > > > >>> > > > >>> > > > Anyone know how to fix this? I >>> > > > get it for the TPS module as >>> > > > well. >>> > > > >>> > > > >>> > > > Thanks >>> > > > >>> > > > >>> > > > Brian Henson >>> > > > >>> > > > >>> > > >>> > > Brian, >>> > > >>> > > Could you provide OS and server >>> > > versions? >>> > > >>> > > Thank you, >>> > > Andrew >>> > > >>> > > >>> > > >>> > >>> > >>> > >>> > >>> >>> >>> _______________________________________________ >>> Pki-users mailing list >>> Pki-users at redhat.com >>> https://www.redhat.com/mailman/listinfo/pki-users >> > > _______________________________________________ > Pki-users mailing list > Pki-users at redhat.com > https://www.redhat.com/mailman/listinfo/pki-users From alee at redhat.com Fri Jun 7 16:05:27 2013 From: alee at redhat.com (Ade Lee) Date: Fri, 07 Jun 2013 12:05:27 -0400 Subject: [Pki-users] Announcing the release of Dogtag 10.0.3 Message-ID: <1370621127.5909.1.camel@aleeredhat.laptop> The Dogtag team is proud to announce the third errata build for Dogtag v10.0.0. Builds are available for Fedora 18 and Fedora 19 in the updates-testing repositories. Please try them out and provide karma to move them to the F18 and F19 stable repositories. == Build Versions == pki-core-10.0.3-1 pki-ra-10.0.3-1 pki-tps-10.0.3-1 dogtag-pki-10.0.3-1 dogtag-pki-theme-10.0.3-1 pki-console-10.0.3-1 == Highlights since Dogtag v. 10.0.2 == * Fixes for security flaws in the TPS as described in CVE-2013-1885 and CVE-2013-1886 * Added checking for sane lengths of the fields in subject DNs in the TPS, to prevent a TPS crash. * Previously the server certificate name was partially hard-coded. Now in Tomcat-based subsystems, it can be fully configured using pki_ssl_server_nickname parameter. * Corrections and additions to man pages and other documentation. == Detailed Changes since Dogtag v. 10.0.2 == akoneru (1): #599 Improve pkispawn "Installation Summary" block alee (1): #486 Document migration steps for dogtag 9 -> dogtag 10 instances awnuk (4): #607 Port plug-in randomizing validity #571 Port patch allowing to include in CRLs NextUpdate calculated base on ThisUpdate BZ 951501 - correcting JavaScript inability to handle big numbers BZ 966189 - fix various TPS flaws cfu (1): BZ 952500 - small patch to remove eclipse warning in fix to BZ 952500 edewata (1) #631 Hard-coded server certificate nickname. jmagne (1): BZ 963073 - rhcs81 tps crash for CN over than 64 bytes mharmsen (3): #606 add restart/start at boot info to pkispawn man page #610 Document limitation in using GUI install #629 Package ownership of '/usr/share/pki/etc/' directory From marine64 at gmail.com Mon Jun 10 01:47:23 2013 From: marine64 at gmail.com (Brian Henson) Date: Sun, 9 Jun 2013 21:47:23 -0400 Subject: [Pki-users] (Fedora 17) PKI-RA fails to start after install In-Reply-To: <51AF7340.9000300@redhat.com> References: <51A62623.8020309@redhat.com> <51A7B018.6050206@redhat.com> <51A9129E.1020809@redhat.com> <1370268645.18609.4.camel@aleeredhat.laptop> <51AE62E1.10902@redhat.com> <51AF7340.9000300@redhat.com> Message-ID: Changed the syntax checking now i get this when starting Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic link `pkiuser/logs': No such file or directory Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create 'pkiuser/logs' -> '/var/log/pki-tps'! Jun 09 21:43:11 server pkicontrol[1816]: WARNING: Symbolic link 'pkiuser/run' does NOT exist! Jun 09 21:43:11 server pkicontrol[1816]: INFO: Attempting to create 'pkiuser/run' -> '/var/run/pki/tps' . . . Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic link `pkiuser/run': No such file or directory Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create 'pkiuser/run' -> '/var/run/pki/tps'! Jun 09 21:43:11 server pkicontrol[1816]: WARNING: Symbolic link 'pkiuser/conf' does NOT exist! Jun 09 21:43:11 server pkicontrol[1816]: INFO: Attempting to create 'pkiuser/conf' -> '/etc/pki-tps' . . . Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic link `pkiuser/conf': No such file or directory Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create 'pkiuser/conf' -> '/etc/pki-tps'! On Wed, Jun 5, 2013 at 1:20 PM, Andrew Wnuk wrote: > On 06/04/2013 02:57 PM, Andrew Wnuk wrote: > >> On 06/03/2013 07:10 AM, Ade Lee wrote: >> >>> Can you attach the logs under /var/log/pki-tps ? >>> Also, check /var/log/messages to see if there are any messages there. >>> >>> Another thing you can try is to set selinux in permissive mode, and see >>> if the server starts. >>> >>> Ade >>> >> You could also try to disable syntax checking in your directory server. >> > https://access.redhat.com/**site/documentation/en-US/Red_** > Hat_Directory_Server/8.2/html/**Administration_Guide/syntax-** > validation.html#syntax-**validation-basic > > >>> On Fri, 2013-05-31 at 17:46 -0400, Brian Henson wrote: >>> >>>> This is the only error i see in the TPS install log [2013-05-29 >>>> 03:37:20] [error] FAILED run_command("/bin/systemctl restart >>>> pki-tpsd at pki-tps.service"), exit status=1 output="Job failed. See >>>> system journal and 'systemctl status' for details." and the same >>>> error(minus service name on the other service) >>>> >>>> >>>> On Fri, May 31, 2013 at 5:14 PM, Andrew Wnuk wrote: >>>> On 05/31/2013 07:53 AM, Brian Henson wrote: >>>> > I don't mean to sound dumb but where is the >>>> logfiles? I am >>>> > using the wiki install page as a guide. >>>> Installation logs are under /var/log with >>>> names referring to >>>> subsystems like: pki-ca-install.log, pki-kra-install.log, >>>> pki-tks-install.log, pki-tks-install.log, . . . >>>> Each subsystem has its logs located under subsystem >>>> directory. >>>> For example >>>> * CA logs by default are located in /var/log/pki-ca >>>> * TPS logs by default are located in /var/log/pki-tps >>>> * . . . >>>> > >>>> > >>>> > On Thu, May 30, 2013 at 4:01 PM, Andrew Wnuk >>>> > wrote: >>>> > >>>> > Is there anything in the log files pointing to your >>>> > failure? >>>> > If yes, could you provide these log entries? >>>> > >>>> > On 05/30/2013 11:34 AM, Brian Henson wrote: >>>> > >>>> > > Any Ideas on this? I need the TPS for the >>>> > > smartcard support. >>>> > > >>>> > > >>>> > > On Wed, May 29, 2013 at 1:24 PM, Brian Henson >>>> > > wrote: >>>> > > Fedora 17 and dogtag 9 via yum >>>> > > >>>> > > On May 29, 2013 12:01 PM, "Andrew Wnuk" >>>> > > wrote: >>>> > > >>>> > > On 05/28/2013 09:46 PM, Brian >>>> > > Henson wrote: >>>> > > >>>> > > > Hello all, >>>> > > > >>>> > > > >>>> > > > When I try to configure the RA >>>> > > > subsystem after installing it I >>>> > > > get this error. >>>> > > > >>>> > > > >>>> > > > Installation information >>>> > > > recorded >>>> > > > in /var/log/pki-ra-install.log. >>>> > > > [debug] >>>> > > > run_command(/bin/systemctl >>>> > > > restart pki-rad at pki-ra.service) >>>> > > > [error] FAILED >>>> > > > run_command("/bin/systemctl >>>> > > > restart >>>> > > > pki-rad at pki-ra.service"), exit >>>> > > > status=1 output="Job failed. See >>>> > > > system journal and 'systemctl >>>> > > > status' for details." >>>> > > > Before proceeding with the >>>> > > > configuration, make sure >>>> > > > the firewall settings of this >>>> > > > machine permit proper >>>> > > > access to this subsystem. >>>> > > > >>>> > > > >>>> > > > Please start the configuration >>>> > > > by accessing: >>>> > > > >>>> > > > >>>> > > > https://(someaddress):12890/** >>>> ra/admin/console/config/login?**pin=XWdsV1oDtx9qQFcybzAr >>>> > > > >>>> > > > >>>> > > > After configuration, the server >>>> > > > can be operated by the command: >>>> > > > >>>> > > > >>>> > > > /bin/systemctl restart >>>> > > > pki-rad at pki-ra.service >>>> > > > >>>> > > > >>>> > > > >>>> > > > >>>> > > > Anyone know how to fix this? I >>>> > > > get it for the TPS module as >>>> > > > well. >>>> > > > >>>> > > > >>>> > > > Thanks >>>> > > > >>>> > > > >>>> > > > Brian Henson >>>> > > > >>>> > > > >>>> > > >>>> > > Brian, >>>> > > >>>> > > Could you provide OS and server >>>> > > versions? >>>> > > >>>> > > Thank you, >>>> > > Andrew >>>> > > >>>> > > >>>> > > >>>> > >>>> > >>>> > >>>> > >>>> >>>> >>>> ______________________________**_________________ >>>> Pki-users mailing list >>>> Pki-users at redhat.com >>>> https://www.redhat.com/**mailman/listinfo/pki-users >>>> >>> >>> >> ______________________________**_________________ >> Pki-users mailing list >> Pki-users at redhat.com >> https://www.redhat.com/**mailman/listinfo/pki-users >> > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From marine64 at gmail.com Mon Jun 10 01:48:49 2013 From: marine64 at gmail.com (Brian Henson) Date: Sun, 9 Jun 2013 21:48:49 -0400 Subject: [Pki-users] (Fedora 17) PKI-RA fails to start after install In-Reply-To: References: <51A62623.8020309@redhat.com> <51A7B018.6050206@redhat.com> <51A9129E.1020809@redhat.com> <1370268645.18609.4.camel@aleeredhat.laptop> <51AE62E1.10902@redhat.com> <51AF7340.9000300@redhat.com> Message-ID: Log file On Sun, Jun 9, 2013 at 9:47 PM, Brian Henson wrote: > Changed the syntax checking now i get this when starting > > Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic > link `pkiuser/logs': No such file or directory > Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create > 'pkiuser/logs' -> '/var/log/pki-tps'! > Jun 09 21:43:11 server pkicontrol[1816]: WARNING: Symbolic link > 'pkiuser/run' does NOT exist! > Jun 09 21:43:11 server pkicontrol[1816]: INFO: Attempting to create > 'pkiuser/run' -> '/var/run/pki/tps' . . . > Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic > link `pkiuser/run': No such file or directory > Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create > 'pkiuser/run' -> '/var/run/pki/tps'! > Jun 09 21:43:11 server pkicontrol[1816]: WARNING: Symbolic link > 'pkiuser/conf' does NOT exist! > Jun 09 21:43:11 server pkicontrol[1816]: INFO: Attempting to create > 'pkiuser/conf' -> '/etc/pki-tps' . . . > Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic > link `pkiuser/conf': No such file or directory > Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create > 'pkiuser/conf' -> '/etc/pki-tps'! > > > > On Wed, Jun 5, 2013 at 1:20 PM, Andrew Wnuk wrote: > >> On 06/04/2013 02:57 PM, Andrew Wnuk wrote: >> >>> On 06/03/2013 07:10 AM, Ade Lee wrote: >>> >>>> Can you attach the logs under /var/log/pki-tps ? >>>> Also, check /var/log/messages to see if there are any messages there. >>>> >>>> Another thing you can try is to set selinux in permissive mode, and see >>>> if the server starts. >>>> >>>> Ade >>>> >>> You could also try to disable syntax checking in your directory server. >>> >> https://access.redhat.com/**site/documentation/en-US/Red_** >> Hat_Directory_Server/8.2/html/**Administration_Guide/syntax-** >> validation.html#syntax-**validation-basic >> >> >>>> On Fri, 2013-05-31 at 17:46 -0400, Brian Henson wrote: >>>> >>>>> This is the only error i see in the TPS install log [2013-05-29 >>>>> 03:37:20] [error] FAILED run_command("/bin/systemctl restart >>>>> pki-tpsd at pki-tps.service"), exit status=1 output="Job failed. See >>>>> system journal and 'systemctl status' for details." and the same >>>>> error(minus service name on the other service) >>>>> >>>>> >>>>> On Fri, May 31, 2013 at 5:14 PM, Andrew Wnuk wrote: >>>>> On 05/31/2013 07:53 AM, Brian Henson wrote: >>>>> > I don't mean to sound dumb but where is the >>>>> logfiles? I am >>>>> > using the wiki install page as a guide. >>>>> Installation logs are under /var/log with >>>>> names referring to >>>>> subsystems like: pki-ca-install.log, pki-kra-install.log, >>>>> pki-tks-install.log, pki-tks-install.log, . . . >>>>> Each subsystem has its logs located under subsystem >>>>> directory. >>>>> For example >>>>> * CA logs by default are located in /var/log/pki-ca >>>>> * TPS logs by default are located in /var/log/pki-tps >>>>> * . . . >>>>> > >>>>> > >>>>> > On Thu, May 30, 2013 at 4:01 PM, Andrew Wnuk >>>>> > wrote: >>>>> > >>>>> > Is there anything in the log files pointing to your >>>>> > failure? >>>>> > If yes, could you provide these log entries? >>>>> > >>>>> > On 05/30/2013 11:34 AM, Brian Henson wrote: >>>>> > >>>>> > > Any Ideas on this? I need the TPS for the >>>>> > > smartcard support. >>>>> > > >>>>> > > >>>>> > > On Wed, May 29, 2013 at 1:24 PM, Brian Henson >>>>> > > wrote: >>>>> > > Fedora 17 and dogtag 9 via yum >>>>> > > >>>>> > > On May 29, 2013 12:01 PM, "Andrew Wnuk" >>>>> > > wrote: >>>>> > > >>>>> > > On 05/28/2013 09:46 PM, Brian >>>>> > > Henson wrote: >>>>> > > >>>>> > > > Hello all, >>>>> > > > >>>>> > > > >>>>> > > > When I try to configure the RA >>>>> > > > subsystem after installing it I >>>>> > > > get this error. >>>>> > > > >>>>> > > > >>>>> > > > Installation information >>>>> > > > recorded >>>>> > > > in /var/log/pki-ra-install.log. >>>>> > > > [debug] >>>>> > > > run_command(/bin/systemctl >>>>> > > > restart pki-rad at pki-ra.service) >>>>> > > > [error] FAILED >>>>> > > > run_command("/bin/systemctl >>>>> > > > restart >>>>> > > > pki-rad at pki-ra.service"), exit >>>>> > > > status=1 output="Job failed. See >>>>> > > > system journal and 'systemctl >>>>> > > > status' for details." >>>>> > > > Before proceeding with the >>>>> > > > configuration, make sure >>>>> > > > the firewall settings of this >>>>> > > > machine permit proper >>>>> > > > access to this subsystem. >>>>> > > > >>>>> > > > >>>>> > > > Please start the configuration >>>>> > > > by accessing: >>>>> > > > >>>>> > > > >>>>> > > > https://(someaddress):12890/** >>>>> ra/admin/console/config/login?**pin=XWdsV1oDtx9qQFcybzAr >>>>> > > > >>>>> > > > >>>>> > > > After configuration, the server >>>>> > > > can be operated by the command: >>>>> > > > >>>>> > > > >>>>> > > > /bin/systemctl restart >>>>> > > > pki-rad at pki-ra.service >>>>> > > > >>>>> > > > >>>>> > > > >>>>> > > > >>>>> > > > Anyone know how to fix this? I >>>>> > > > get it for the TPS module as >>>>> > > > well. >>>>> > > > >>>>> > > > >>>>> > > > Thanks >>>>> > > > >>>>> > > > >>>>> > > > Brian Henson >>>>> > > > >>>>> > > > >>>>> > > >>>>> > > Brian, >>>>> > > >>>>> > > Could you provide OS and server >>>>> > > versions? >>>>> > > >>>>> > > Thank you, >>>>> > > Andrew >>>>> > > >>>>> > > >>>>> > > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> >>>>> >>>>> ______________________________**_________________ >>>>> Pki-users mailing list >>>>> Pki-users at redhat.com >>>>> https://www.redhat.com/**mailman/listinfo/pki-users >>>>> >>>> >>>> >>> ______________________________**_________________ >>> Pki-users mailing list >>> Pki-users at redhat.com >>> https://www.redhat.com/**mailman/listinfo/pki-users >>> >> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: pki-tps-install.log Type: application/octet-stream Size: 172807 bytes Desc: not available URL: From awnuk at redhat.com Mon Jun 10 16:26:14 2013 From: awnuk at redhat.com (Andrew Wnuk) Date: Mon, 10 Jun 2013 09:26:14 -0700 Subject: [Pki-users] (Fedora 17) PKI-RA fails to start after install In-Reply-To: References: <51A62623.8020309@redhat.com> <51A7B018.6050206@redhat.com> <51A9129E.1020809@redhat.com> <1370268645.18609.4.camel@aleeredhat.laptop> <51AE62E1.10902@redhat.com> <51AF7340.9000300@redhat.com> Message-ID: <51B5FE26.5010600@redhat.com> Hi Brian, it looks like you may have similar issue to https://bugzilla.redhat.com/show_bug.cgi?id=971031 Could you try solution provided in 971031? Thank you, Andrew On 06/09/2013 06:48 PM, Brian Henson wrote: > Log file > > > On Sun, Jun 9, 2013 at 9:47 PM, Brian Henson > wrote: > > Changed the syntax checking now i get this when starting > > Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create > symbolic link `pkiuser/logs': No such file or directory > Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create > 'pkiuser/logs' -> '/var/log/pki-tps'! > Jun 09 21:43:11 server pkicontrol[1816]: WARNING: Symbolic link > 'pkiuser/run' does NOT exist! > Jun 09 21:43:11 server pkicontrol[1816]: INFO: Attempting to > create 'pkiuser/run' -> '/var/run/pki/tps' . . . > Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create > symbolic link `pkiuser/run': No such file or directory > Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create > 'pkiuser/run' -> '/var/run/pki/tps'! > Jun 09 21:43:11 server pkicontrol[1816]: WARNING: Symbolic link > 'pkiuser/conf' does NOT exist! > Jun 09 21:43:11 server pkicontrol[1816]: INFO: Attempting to > create 'pkiuser/conf' -> '/etc/pki-tps' . . . > Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create > symbolic link `pkiuser/conf': No such file or directory > Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create > 'pkiuser/conf' -> '/etc/pki-tps'! > > > > On Wed, Jun 5, 2013 at 1:20 PM, Andrew Wnuk > wrote: > > On 06/04/2013 02:57 PM, Andrew Wnuk wrote: > > On 06/03/2013 07:10 AM, Ade Lee wrote: > > Can you attach the logs under /var/log/pki-tps ? > Also, check /var/log/messages to see if there are any > messages there. > > Another thing you can try is to set selinux in > permissive mode, and see > if the server starts. > > Ade > > You could also try to disable syntax checking in your > directory server. > > https://access.redhat.com/site/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/syntax-validation.html#syntax-validation-basic > > > > On Fri, 2013-05-31 at 17:46 -0400, Brian Henson wrote: > > This is the only error i see in the TPS install > log [2013-05-29 > 03:37:20] [error] FAILED > run_command("/bin/systemctl restart > pki-tpsd at pki-tps.service"), exit status=1 > output="Job failed. See > system journal and 'systemctl status' for > details." and the same > error(minus service name on the other service) > > > On Fri, May 31, 2013 at 5:14 PM, Andrew Wnuk > > wrote: > On 05/31/2013 07:53 AM, Brian Henson wrote: > > I don't mean to sound dumb but > where is the logfiles? I am > > using the wiki install page as a guide. > Installation logs are > under /var/log with names referring to > subsystems like: pki-ca-install.log, > pki-kra-install.log, > pki-tks-install.log, pki-tks-install.log, > . . . > Each subsystem has its logs > located under subsystem directory. > For example > * CA logs by default are located > in /var/log/pki-ca > * TPS logs by default are located > in /var/log/pki-tps > * . . . > > > > > > On Thu, May 30, 2013 at 4:01 PM, Andrew > Wnuk > > > wrote: > > > > Is there anything in the log > files pointing to your > > failure? > > If yes, could you provide these > log entries? > > > > On 05/30/2013 11:34 AM, Brian > Henson wrote: > > > > > Any Ideas on this? I need the > TPS for the > > > smartcard support. > > > > > > > > > On Wed, May 29, 2013 at 1:24 > PM, Brian Henson > > > > wrote: > > > Fedora 17 and dogtag 9 via yum > > > > > > On May 29, 2013 12:01 > PM, "Andrew Wnuk" > > > > wrote: > > > > > > On 05/28/2013 09:46 PM, Brian > > > Henson wrote: > > > > > > > Hello all, > > > > > > > > > > > > When I try to configure > the RA > > > > subsystem after > installing it I > > > > get this error. > > > > > > > > > > > > Installation information > > > > recorded > > > > in > /var/log/pki-ra-install.log. > > > > [debug] > > > > run_command(/bin/systemctl > > > > restart > pki-rad at pki-ra.service) > > > > [error] FAILED > > > > run_command("/bin/systemctl > > > > restart > > > > pki-rad at pki-ra.service"), > exit > > > > status=1 output="Job > failed. See > > > > system journal and 'systemctl > > > > status' for details." > > > > Before proceeding with the > > > > configuration, make sure > > > > the firewall settings of this > > > > machine permit proper > > > > access to this subsystem. > > > > > > > > > > > > Please start the > configuration > > > > by accessing: > > > > > > > > > > > > > https://(someaddress):12890/ra/admin/console/config/login?pin=XWdsV1oDtx9qQFcybzAr > > > > > > > > > > > > After configuration, the > server > > > > can be operated by the > command: > > > > > > > > > > > > /bin/systemctl restart > > > > pki-rad at pki-ra.service > > > > > > > > > > > > > > > > > > > > Anyone know how to fix > this? I > > > > get it for the TPS module as > > > > well. > > > > > > > > > > > > Thanks > > > > > > > > > > > > Brian Henson > > > > > > > > > > > > > > Brian, > > > > > > Could you provide OS and server > > > versions? > > > > > > Thank you, > > > Andrew > > > > > > > > > > > > > > > > > > > > _______________________________________________ > Pki-users mailing list > Pki-users at redhat.com > https://www.redhat.com/mailman/listinfo/pki-users > > > > _______________________________________________ > Pki-users mailing list > Pki-users at redhat.com > https://www.redhat.com/mailman/listinfo/pki-users > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From marine64 at gmail.com Mon Jun 10 19:56:35 2013 From: marine64 at gmail.com (Brian Henson) Date: Mon, 10 Jun 2013 15:56:35 -0400 Subject: [Pki-users] (Fedora 17) PKI-RA fails to start after install In-Reply-To: <51B5FE26.5010600@redhat.com> References: <51A62623.8020309@redhat.com> <51A7B018.6050206@redhat.com> <51A9129E.1020809@redhat.com> <1370268645.18609.4.camel@aleeredhat.laptop> <51AE62E1.10902@redhat.com> <51AF7340.9000300@redhat.com> <51B5FE26.5010600@redhat.com> Message-ID: I have SELinux completely disabled. SHould I skip the semanage part? On Mon, Jun 10, 2013 at 12:26 PM, Andrew Wnuk wrote: > Hi Brian, > > it looks like you may have similar issue to > https://bugzilla.redhat.com/show_bug.cgi?id=971031 > Could you try solution provided in 971031? > > Thank you, > Andrew > > > On 06/09/2013 06:48 PM, Brian Henson wrote: > > Log file > > > On Sun, Jun 9, 2013 at 9:47 PM, Brian Henson wrote: > >> Changed the syntax checking now i get this when starting >> >> Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic >> link `pkiuser/logs': No such file or directory >> Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create >> 'pkiuser/logs' -> '/var/log/pki-tps'! >> Jun 09 21:43:11 server pkicontrol[1816]: WARNING: Symbolic link >> 'pkiuser/run' does NOT exist! >> Jun 09 21:43:11 server pkicontrol[1816]: INFO: Attempting to create >> 'pkiuser/run' -> '/var/run/pki/tps' . . . >> Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic >> link `pkiuser/run': No such file or directory >> Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create >> 'pkiuser/run' -> '/var/run/pki/tps'! >> Jun 09 21:43:11 server pkicontrol[1816]: WARNING: Symbolic link >> 'pkiuser/conf' does NOT exist! >> Jun 09 21:43:11 server pkicontrol[1816]: INFO: Attempting to create >> 'pkiuser/conf' -> '/etc/pki-tps' . . . >> Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic >> link `pkiuser/conf': No such file or directory >> Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create >> 'pkiuser/conf' -> '/etc/pki-tps'! >> >> >> >> On Wed, Jun 5, 2013 at 1:20 PM, Andrew Wnuk wrote: >> >>> On 06/04/2013 02:57 PM, Andrew Wnuk wrote: >>> >>>> On 06/03/2013 07:10 AM, Ade Lee wrote: >>>> >>>>> Can you attach the logs under /var/log/pki-tps ? >>>>> Also, check /var/log/messages to see if there are any messages there. >>>>> >>>>> Another thing you can try is to set selinux in permissive mode, and see >>>>> if the server starts. >>>>> >>>>> Ade >>>>> >>>> You could also try to disable syntax checking in your directory server. >>>> >>> >>> https://access.redhat.com/site/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/syntax-validation.html#syntax-validation-basic >>> >>> >>>>> On Fri, 2013-05-31 at 17:46 -0400, Brian Henson wrote: >>>>> >>>>>> This is the only error i see in the TPS install log [2013-05-29 >>>>>> 03:37:20] [error] FAILED run_command("/bin/systemctl restart >>>>>> pki-tpsd at pki-tps.service"), exit status=1 output="Job failed. See >>>>>> system journal and 'systemctl status' for details." and the same >>>>>> error(minus service name on the other service) >>>>>> >>>>>> >>>>>> On Fri, May 31, 2013 at 5:14 PM, Andrew Wnuk >>>>>> wrote: >>>>>> On 05/31/2013 07:53 AM, Brian Henson wrote: >>>>>> > I don't mean to sound dumb but where is the >>>>>> logfiles? I am >>>>>> > using the wiki install page as a guide. >>>>>> Installation logs are under /var/log with >>>>>> names referring to >>>>>> subsystems like: pki-ca-install.log, pki-kra-install.log, >>>>>> pki-tks-install.log, pki-tks-install.log, . . . >>>>>> Each subsystem has its logs located under subsystem >>>>>> directory. >>>>>> For example >>>>>> * CA logs by default are located in /var/log/pki-ca >>>>>> * TPS logs by default are located in /var/log/pki-tps >>>>>> * . . . >>>>>> > >>>>>> > >>>>>> > On Thu, May 30, 2013 at 4:01 PM, Andrew Wnuk >>>>>> > wrote: >>>>>> > >>>>>> > Is there anything in the log files pointing to your >>>>>> > failure? >>>>>> > If yes, could you provide these log entries? >>>>>> > >>>>>> > On 05/30/2013 11:34 AM, Brian Henson wrote: >>>>>> > >>>>>> > > Any Ideas on this? I need the TPS for the >>>>>> > > smartcard support. >>>>>> > > >>>>>> > > >>>>>> > > On Wed, May 29, 2013 at 1:24 PM, Brian Henson >>>>>> > > wrote: >>>>>> > > Fedora 17 and dogtag 9 via yum >>>>>> > > >>>>>> > > On May 29, 2013 12:01 PM, "Andrew Wnuk" >>>>>> > > wrote: >>>>>> > > >>>>>> > > On 05/28/2013 09:46 PM, Brian >>>>>> > > Henson wrote: >>>>>> > > >>>>>> > > > Hello all, >>>>>> > > > >>>>>> > > > >>>>>> > > > When I try to configure the RA >>>>>> > > > subsystem after installing it I >>>>>> > > > get this error. >>>>>> > > > >>>>>> > > > >>>>>> > > > Installation information >>>>>> > > > recorded >>>>>> > > > in /var/log/pki-ra-install.log. >>>>>> > > > [debug] >>>>>> > > > run_command(/bin/systemctl >>>>>> > > > restart pki-rad at pki-ra.service >>>>>> ) >>>>>> > > > [error] FAILED >>>>>> > > > run_command("/bin/systemctl >>>>>> > > > restart >>>>>> > > > pki-rad at pki-ra.service"), exit >>>>>> > > > status=1 output="Job failed. >>>>>> See >>>>>> > > > system journal and 'systemctl >>>>>> > > > status' for details." >>>>>> > > > Before proceeding with the >>>>>> > > > configuration, make sure >>>>>> > > > the firewall settings of this >>>>>> > > > machine permit proper >>>>>> > > > access to this subsystem. >>>>>> > > > >>>>>> > > > >>>>>> > > > Please start the configuration >>>>>> > > > by accessing: >>>>>> > > > >>>>>> > > > >>>>>> > > > >>>>>> https://(someaddress):12890/ra/admin/console/config/login?pin=XWdsV1oDtx9qQFcybzAr >>>>>> > > > >>>>>> > > > >>>>>> > > > After configuration, the server >>>>>> > > > can be operated by the command: >>>>>> > > > >>>>>> > > > >>>>>> > > > /bin/systemctl restart >>>>>> > > > pki-rad at pki-ra.service >>>>>> > > > >>>>>> > > > >>>>>> > > > >>>>>> > > > >>>>>> > > > Anyone know how to fix this? I >>>>>> > > > get it for the TPS module as >>>>>> > > > well. >>>>>> > > > >>>>>> > > > >>>>>> > > > Thanks >>>>>> > > > >>>>>> > > > >>>>>> > > > Brian Henson >>>>>> > > > >>>>>> > > > >>>>>> > > >>>>>> > > Brian, >>>>>> > > >>>>>> > > Could you provide OS and server >>>>>> > > versions? >>>>>> > > >>>>>> > > Thank you, >>>>>> > > Andrew >>>>>> > > >>>>>> > > >>>>>> > > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Pki-users mailing list >>>>>> Pki-users at redhat.com >>>>>> https://www.redhat.com/mailman/listinfo/pki-users >>>>>> >>>>> >>>>> >>>> _______________________________________________ >>>> Pki-users mailing list >>>> Pki-users at redhat.com >>>> https://www.redhat.com/mailman/listinfo/pki-users >>>> >>> >>> >> > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From awnuk at redhat.com Tue Jun 11 00:39:17 2013 From: awnuk at redhat.com (Andrew Wnuk) Date: Mon, 10 Jun 2013 17:39:17 -0700 Subject: [Pki-users] (Fedora 17) PKI-RA fails to start after install In-Reply-To: References: <51A62623.8020309@redhat.com> <51A7B018.6050206@redhat.com> <51A9129E.1020809@redhat.com> <1370268645.18609.4.camel@aleeredhat.laptop> <51AE62E1.10902@redhat.com> <51AF7340.9000300@redhat.com> <51B5FE26.5010600@redhat.com> Message-ID: <51B671B5.8090009@redhat.com> On 06/10/2013 12:56 PM, Brian Henson wrote: > I have SELinux completely disabled. SHould I skip the semanage part? Yes, check the earlier comments. > > > On Mon, Jun 10, 2013 at 12:26 PM, Andrew Wnuk > wrote: > > Hi Brian, > > it looks like you may have similar issue to > https://bugzilla.redhat.com/show_bug.cgi?id=971031 > Could you try solution provided in 971031? > > Thank you, > Andrew > > > On 06/09/2013 06:48 PM, Brian Henson wrote: >> Log file >> >> >> On Sun, Jun 9, 2013 at 9:47 PM, Brian Henson > > wrote: >> >> Changed the syntax checking now i get this when starting >> >> Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create >> symbolic link `pkiuser/logs': No such file or directory >> Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to >> create 'pkiuser/logs' -> '/var/log/pki-tps'! >> Jun 09 21:43:11 server pkicontrol[1816]: WARNING: Symbolic >> link 'pkiuser/run' does NOT exist! >> Jun 09 21:43:11 server pkicontrol[1816]: INFO: Attempting to >> create 'pkiuser/run' -> '/var/run/pki/tps' . . . >> Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create >> symbolic link `pkiuser/run': No such file or directory >> Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to >> create 'pkiuser/run' -> '/var/run/pki/tps'! >> Jun 09 21:43:11 server pkicontrol[1816]: WARNING: Symbolic >> link 'pkiuser/conf' does NOT exist! >> Jun 09 21:43:11 server pkicontrol[1816]: INFO: Attempting to >> create 'pkiuser/conf' -> '/etc/pki-tps' . . . >> Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create >> symbolic link `pkiuser/conf': No such file or directory >> Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to >> create 'pkiuser/conf' -> '/etc/pki-tps'! >> >> >> >> On Wed, Jun 5, 2013 at 1:20 PM, Andrew Wnuk > > wrote: >> >> On 06/04/2013 02:57 PM, Andrew Wnuk wrote: >> >> On 06/03/2013 07:10 AM, Ade Lee wrote: >> >> Can you attach the logs under /var/log/pki-tps ? >> Also, check /var/log/messages to see if there are >> any messages there. >> >> Another thing you can try is to set selinux in >> permissive mode, and see >> if the server starts. >> >> Ade >> >> You could also try to disable syntax checking in your >> directory server. >> >> https://access.redhat.com/site/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/syntax-validation.html#syntax-validation-basic >> >> >> >> On Fri, 2013-05-31 at 17:46 -0400, Brian Henson >> wrote: >> >> This is the only error i see in the TPS >> install log [2013-05-29 >> 03:37:20] [error] FAILED >> run_command("/bin/systemctl restart >> pki-tpsd at pki-tps.service >> "), exit >> status=1 output="Job failed. See >> system journal and 'systemctl status' for >> details." and the same >> error(minus service name on the other service) >> >> >> On Fri, May 31, 2013 at 5:14 PM, Andrew Wnuk >> > >> wrote: >> On 05/31/2013 07:53 AM, Brian Henson >> wrote: >> > I don't mean to sound >> dumb but where is the logfiles? I am >> > using the wiki install page as a >> guide. >> Installation logs are under /var/log with >> names referring to >> subsystems like: pki-ca-install.log, >> pki-kra-install.log, >> pki-tks-install.log, pki-tks-install.log, . . . >> Each subsystem has its logs >> located under subsystem directory. >> For example >> * CA logs by default are >> located in /var/log/pki-ca >> * TPS logs by default are >> located in /var/log/pki-tps >> * . . . >> > >> > >> > On Thu, May 30, 2013 at 4:01 PM, >> Andrew Wnuk >> > > > wrote: >> > >> > Is there anything in the >> log files pointing to your >> > failure? >> > If yes, could you provide >> these log entries? >> > >> > On 05/30/2013 11:34 AM, >> Brian Henson wrote: >> > >> > > Any Ideas on this? I >> need the TPS for the >> > > smartcard support. >> > > >> > > >> > > On Wed, May 29, 2013 at >> 1:24 PM, Brian Henson >> > > > > wrote: >> > > Fedora 17 and >> dogtag 9 via yum >> > > >> > > On May 29, 2013 >> 12:01 PM, "Andrew Wnuk" >> > > >> > >> wrote: >> > > >> > > On >> 05/28/2013 09:46 PM, Brian >> > > Henson >> wrote: >> > > >> > > > Hello all, >> > > > >> > > > >> > > > When I >> try to configure the RA >> > > > >> subsystem after installing it I >> > > > get >> this error. >> > > > >> > > > >> > > > >> Installation information >> > > > recorded >> > > > in >> /var/log/pki-ra-install.log. >> > > > [debug] >> > > > >> run_command(/bin/systemctl >> > > > >> restart pki-rad at pki-ra.service >> ) >> > > > >> [error] FAILED >> > > > >> run_command("/bin/systemctl >> > > > restart >> > > > >> pki-rad at pki-ra.service >> "), exit >> > > > >> status=1 output="Job failed. See >> > > > system >> journal and 'systemctl >> > > > >> status' for details." >> > > > Before >> proceeding with the >> > > > >> configuration, make sure >> > > > the >> firewall settings of this >> > > > >> machine permit proper >> > > > access >> to this subsystem. >> > > > >> > > > >> > > > Please >> start the configuration >> > > > by >> accessing: >> > > > >> > > > >> > > > >> https://(someaddress):12890/ra/admin/console/config/login?pin=XWdsV1oDtx9qQFcybzAr >> >> > > > >> > > > >> > > > After >> configuration, the server >> > > > can be >> operated by the command: >> > > > >> > > > >> > > > >> /bin/systemctl restart >> > > > >> pki-rad at pki-ra.service >> >> > > > >> > > > >> > > > >> > > > >> > > > Anyone >> know how to fix this? I >> > > > get it >> for the TPS module as >> > > > well. >> > > > >> > > > >> > > > Thanks >> > > > >> > > > >> > > > Brian >> Henson >> > > > >> > > > >> > > >> > > Brian, >> > > >> > > Could >> you provide OS and server >> > > versions? >> > > >> > > Thank you, >> > > Andrew >> > > >> > > >> > > >> > >> > >> > >> > >> >> >> _______________________________________________ >> Pki-users mailing list >> Pki-users at redhat.com >> >> https://www.redhat.com/mailman/listinfo/pki-users >> >> >> >> _______________________________________________ >> Pki-users mailing list >> Pki-users at redhat.com >> https://www.redhat.com/mailman/listinfo/pki-users >> >> >> >> > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From marine64 at gmail.com Tue Jun 11 01:55:40 2013 From: marine64 at gmail.com (Brian Henson) Date: Mon, 10 Jun 2013 21:55:40 -0400 Subject: [Pki-users] (Fedora 17) PKI-RA fails to start after install In-Reply-To: <51B671B5.8090009@redhat.com> References: <51A62623.8020309@redhat.com> <51A7B018.6050206@redhat.com> <51A9129E.1020809@redhat.com> <1370268645.18609.4.camel@aleeredhat.laptop> <51AE62E1.10902@redhat.com> <51AF7340.9000300@redhat.com> <51B5FE26.5010600@redhat.com> <51B671B5.8090009@redhat.com> Message-ID: Perfect. Changed the two files and it installed perfectly. Thank you for your help. On Mon, Jun 10, 2013 at 8:39 PM, Andrew Wnuk wrote: > On 06/10/2013 12:56 PM, Brian Henson wrote: > > I have SELinux completely disabled. SHould I skip the semanage part? > > Yes, check the earlier comments. > > > > On Mon, Jun 10, 2013 at 12:26 PM, Andrew Wnuk wrote: > >> Hi Brian, >> >> it looks like you may have similar issue to >> https://bugzilla.redhat.com/show_bug.cgi?id=971031 >> Could you try solution provided in 971031? >> >> Thank you, >> Andrew >> >> >> On 06/09/2013 06:48 PM, Brian Henson wrote: >> >> Log file >> >> >> On Sun, Jun 9, 2013 at 9:47 PM, Brian Henson wrote: >> >>> Changed the syntax checking now i get this when starting >>> >>> Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic >>> link `pkiuser/logs': No such file or directory >>> Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create >>> 'pkiuser/logs' -> '/var/log/pki-tps'! >>> Jun 09 21:43:11 server pkicontrol[1816]: WARNING: Symbolic link >>> 'pkiuser/run' does NOT exist! >>> Jun 09 21:43:11 server pkicontrol[1816]: INFO: Attempting to create >>> 'pkiuser/run' -> '/var/run/pki/tps' . . . >>> Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic >>> link `pkiuser/run': No such file or directory >>> Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create >>> 'pkiuser/run' -> '/var/run/pki/tps'! >>> Jun 09 21:43:11 server pkicontrol[1816]: WARNING: Symbolic link >>> 'pkiuser/conf' does NOT exist! >>> Jun 09 21:43:11 server pkicontrol[1816]: INFO: Attempting to create >>> 'pkiuser/conf' -> '/etc/pki-tps' . . . >>> Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic >>> link `pkiuser/conf': No such file or directory >>> Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create >>> 'pkiuser/conf' -> '/etc/pki-tps'! >>> >>> >>> >>> On Wed, Jun 5, 2013 at 1:20 PM, Andrew Wnuk wrote: >>> >>>> On 06/04/2013 02:57 PM, Andrew Wnuk wrote: >>>> >>>>> On 06/03/2013 07:10 AM, Ade Lee wrote: >>>>> >>>>>> Can you attach the logs under /var/log/pki-tps ? >>>>>> Also, check /var/log/messages to see if there are any messages there. >>>>>> >>>>>> Another thing you can try is to set selinux in permissive mode, and >>>>>> see >>>>>> if the server starts. >>>>>> >>>>>> Ade >>>>>> >>>>> You could also try to disable syntax checking in your directory server. >>>>> >>>> >>>> https://access.redhat.com/site/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/syntax-validation.html#syntax-validation-basic >>>> >>>> >>>>>> On Fri, 2013-05-31 at 17:46 -0400, Brian Henson wrote: >>>>>> >>>>>>> This is the only error i see in the TPS install log [2013-05-29 >>>>>>> 03:37:20] [error] FAILED run_command("/bin/systemctl restart >>>>>>> pki-tpsd at pki-tps.service"), exit status=1 output="Job failed. See >>>>>>> system journal and 'systemctl status' for details." and the same >>>>>>> error(minus service name on the other service) >>>>>>> >>>>>>> >>>>>>> On Fri, May 31, 2013 at 5:14 PM, Andrew Wnuk >>>>>>> wrote: >>>>>>> On 05/31/2013 07:53 AM, Brian Henson wrote: >>>>>>> > I don't mean to sound dumb but where is the >>>>>>> logfiles? I am >>>>>>> > using the wiki install page as a guide. >>>>>>> Installation logs are under /var/log with >>>>>>> names referring to >>>>>>> subsystems like: pki-ca-install.log, pki-kra-install.log, >>>>>>> pki-tks-install.log, pki-tks-install.log, . . . >>>>>>> Each subsystem has its logs located under >>>>>>> subsystem directory. >>>>>>> For example >>>>>>> * CA logs by default are located in /var/log/pki-ca >>>>>>> * TPS logs by default are located in /var/log/pki-tps >>>>>>> * . . . >>>>>>> > >>>>>>> > >>>>>>> > On Thu, May 30, 2013 at 4:01 PM, Andrew Wnuk >>>>>>> > wrote: >>>>>>> > >>>>>>> > Is there anything in the log files pointing to >>>>>>> your >>>>>>> > failure? >>>>>>> > If yes, could you provide these log entries? >>>>>>> > >>>>>>> > On 05/30/2013 11:34 AM, Brian Henson wrote: >>>>>>> > >>>>>>> > > Any Ideas on this? I need the TPS for the >>>>>>> > > smartcard support. >>>>>>> > > >>>>>>> > > >>>>>>> > > On Wed, May 29, 2013 at 1:24 PM, Brian Henson >>>>>>> > > wrote: >>>>>>> > > Fedora 17 and dogtag 9 via yum >>>>>>> > > >>>>>>> > > On May 29, 2013 12:01 PM, "Andrew Wnuk" >>>>>>> > > wrote: >>>>>>> > > >>>>>>> > > On 05/28/2013 09:46 PM, Brian >>>>>>> > > Henson wrote: >>>>>>> > > >>>>>>> > > > Hello all, >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > When I try to configure the RA >>>>>>> > > > subsystem after installing it >>>>>>> I >>>>>>> > > > get this error. >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > Installation information >>>>>>> > > > recorded >>>>>>> > > > in >>>>>>> /var/log/pki-ra-install.log. >>>>>>> > > > [debug] >>>>>>> > > > run_command(/bin/systemctl >>>>>>> > > > restart >>>>>>> pki-rad at pki-ra.service) >>>>>>> > > > [error] FAILED >>>>>>> > > > run_command("/bin/systemctl >>>>>>> > > > restart >>>>>>> > > > pki-rad at pki-ra.service"), >>>>>>> exit >>>>>>> > > > status=1 output="Job failed. >>>>>>> See >>>>>>> > > > system journal and 'systemctl >>>>>>> > > > status' for details." >>>>>>> > > > Before proceeding with the >>>>>>> > > > configuration, make sure >>>>>>> > > > the firewall settings of this >>>>>>> > > > machine permit proper >>>>>>> > > > access to this subsystem. >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > Please start the configuration >>>>>>> > > > by accessing: >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > >>>>>>> https://(someaddress):12890/ra/admin/console/config/login?pin=XWdsV1oDtx9qQFcybzAr >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > After configuration, the >>>>>>> server >>>>>>> > > > can be operated by the >>>>>>> command: >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > /bin/systemctl restart >>>>>>> > > > pki-rad at pki-ra.service >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > Anyone know how to fix this? I >>>>>>> > > > get it for the TPS module as >>>>>>> > > > well. >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > Thanks >>>>>>> > > > >>>>>>> > > > >>>>>>> > > > Brian Henson >>>>>>> > > > >>>>>>> > > > >>>>>>> > > >>>>>>> > > Brian, >>>>>>> > > >>>>>>> > > Could you provide OS and server >>>>>>> > > versions? >>>>>>> > > >>>>>>> > > Thank you, >>>>>>> > > Andrew >>>>>>> > > >>>>>>> > > >>>>>>> > > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Pki-users mailing list >>>>>>> Pki-users at redhat.com >>>>>>> https://www.redhat.com/mailman/listinfo/pki-users >>>>>>> >>>>>> >>>>>> >>>>> _______________________________________________ >>>>> Pki-users mailing list >>>>> Pki-users at redhat.com >>>>> https://www.redhat.com/mailman/listinfo/pki-users >>>>> >>>> >>>> >>> >> >> > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From marine64 at gmail.com Tue Jun 11 02:10:04 2013 From: marine64 at gmail.com (Brian Henson) Date: Mon, 10 Jun 2013 22:10:04 -0400 Subject: [Pki-users] (Fedora 17) PKI-RA fails to start after install In-Reply-To: References: <51A62623.8020309@redhat.com> <51A7B018.6050206@redhat.com> <51A9129E.1020809@redhat.com> <1370268645.18609.4.camel@aleeredhat.laptop> <51AE62E1.10902@redhat.com> <51AF7340.9000300@redhat.com> <51B5FE26.5010600@redhat.com> <51B671B5.8090009@redhat.com> Message-ID: Only error I am working with now is my test smart card (expresso pro 64k -fips) shows error 28 when I try to format it using the smart card manager. Anyone know how to fix that? On Mon, Jun 10, 2013 at 9:55 PM, Brian Henson wrote: > Perfect. Changed the two files and it installed perfectly. Thank you for > your help. > > > On Mon, Jun 10, 2013 at 8:39 PM, Andrew Wnuk wrote: > >> On 06/10/2013 12:56 PM, Brian Henson wrote: >> >> I have SELinux completely disabled. SHould I skip the semanage part? >> >> Yes, check the earlier comments. >> >> >> >> On Mon, Jun 10, 2013 at 12:26 PM, Andrew Wnuk wrote: >> >>> Hi Brian, >>> >>> it looks like you may have similar issue to >>> https://bugzilla.redhat.com/show_bug.cgi?id=971031 >>> Could you try solution provided in 971031? >>> >>> Thank you, >>> Andrew >>> >>> >>> On 06/09/2013 06:48 PM, Brian Henson wrote: >>> >>> Log file >>> >>> >>> On Sun, Jun 9, 2013 at 9:47 PM, Brian Henson wrote: >>> >>>> Changed the syntax checking now i get this when starting >>>> >>>> Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create >>>> symbolic link `pkiuser/logs': No such file or directory >>>> Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create >>>> 'pkiuser/logs' -> '/var/log/pki-tps'! >>>> Jun 09 21:43:11 server pkicontrol[1816]: WARNING: Symbolic link >>>> 'pkiuser/run' does NOT exist! >>>> Jun 09 21:43:11 server pkicontrol[1816]: INFO: Attempting to create >>>> 'pkiuser/run' -> '/var/run/pki/tps' . . . >>>> Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic >>>> link `pkiuser/run': No such file or directory >>>> Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create >>>> 'pkiuser/run' -> '/var/run/pki/tps'! >>>> Jun 09 21:43:11 server pkicontrol[1816]: WARNING: Symbolic link >>>> 'pkiuser/conf' does NOT exist! >>>> Jun 09 21:43:11 server pkicontrol[1816]: INFO: Attempting to create >>>> 'pkiuser/conf' -> '/etc/pki-tps' . . . >>>> Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic >>>> link `pkiuser/conf': No such file or directory >>>> Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create >>>> 'pkiuser/conf' -> '/etc/pki-tps'! >>>> >>>> >>>> >>>> On Wed, Jun 5, 2013 at 1:20 PM, Andrew Wnuk wrote: >>>> >>>>> On 06/04/2013 02:57 PM, Andrew Wnuk wrote: >>>>> >>>>>> On 06/03/2013 07:10 AM, Ade Lee wrote: >>>>>> >>>>>>> Can you attach the logs under /var/log/pki-tps ? >>>>>>> Also, check /var/log/messages to see if there are any messages there. >>>>>>> >>>>>>> Another thing you can try is to set selinux in permissive mode, and >>>>>>> see >>>>>>> if the server starts. >>>>>>> >>>>>>> Ade >>>>>>> >>>>>> You could also try to disable syntax checking in your directory >>>>>> server. >>>>>> >>>>> >>>>> https://access.redhat.com/site/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/syntax-validation.html#syntax-validation-basic >>>>> >>>>> >>>>>>> On Fri, 2013-05-31 at 17:46 -0400, Brian Henson wrote: >>>>>>> >>>>>>>> This is the only error i see in the TPS install log [2013-05-29 >>>>>>>> 03:37:20] [error] FAILED run_command("/bin/systemctl restart >>>>>>>> pki-tpsd at pki-tps.service"), exit status=1 output="Job failed. See >>>>>>>> system journal and 'systemctl status' for details." and the same >>>>>>>> error(minus service name on the other service) >>>>>>>> >>>>>>>> >>>>>>>> On Fri, May 31, 2013 at 5:14 PM, Andrew Wnuk >>>>>>>> wrote: >>>>>>>> On 05/31/2013 07:53 AM, Brian Henson wrote: >>>>>>>> > I don't mean to sound dumb but where is the >>>>>>>> logfiles? I am >>>>>>>> > using the wiki install page as a guide. >>>>>>>> Installation logs are under /var/log >>>>>>>> with names referring to >>>>>>>> subsystems like: pki-ca-install.log, pki-kra-install.log, >>>>>>>> pki-tks-install.log, pki-tks-install.log, . . . >>>>>>>> Each subsystem has its logs located under >>>>>>>> subsystem directory. >>>>>>>> For example >>>>>>>> * CA logs by default are located in /var/log/pki-ca >>>>>>>> * TPS logs by default are located in >>>>>>>> /var/log/pki-tps >>>>>>>> * . . . >>>>>>>> > >>>>>>>> > >>>>>>>> > On Thu, May 30, 2013 at 4:01 PM, Andrew Wnuk >>>>>>>> > wrote: >>>>>>>> > >>>>>>>> > Is there anything in the log files pointing to >>>>>>>> your >>>>>>>> > failure? >>>>>>>> > If yes, could you provide these log entries? >>>>>>>> > >>>>>>>> > On 05/30/2013 11:34 AM, Brian Henson wrote: >>>>>>>> > >>>>>>>> > > Any Ideas on this? I need the TPS for the >>>>>>>> > > smartcard support. >>>>>>>> > > >>>>>>>> > > >>>>>>>> > > On Wed, May 29, 2013 at 1:24 PM, Brian Henson >>>>>>>> > > wrote: >>>>>>>> > > Fedora 17 and dogtag 9 via yum >>>>>>>> > > >>>>>>>> > > On May 29, 2013 12:01 PM, "Andrew Wnuk" >>>>>>>> > > wrote: >>>>>>>> > > >>>>>>>> > > On 05/28/2013 09:46 PM, Brian >>>>>>>> > > Henson wrote: >>>>>>>> > > >>>>>>>> > > > Hello all, >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> > > > When I try to configure the >>>>>>>> RA >>>>>>>> > > > subsystem after installing >>>>>>>> it I >>>>>>>> > > > get this error. >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> > > > Installation information >>>>>>>> > > > recorded >>>>>>>> > > > in >>>>>>>> /var/log/pki-ra-install.log. >>>>>>>> > > > [debug] >>>>>>>> > > > run_command(/bin/systemctl >>>>>>>> > > > restart >>>>>>>> pki-rad at pki-ra.service) >>>>>>>> > > > [error] FAILED >>>>>>>> > > > run_command("/bin/systemctl >>>>>>>> > > > restart >>>>>>>> > > > pki-rad at pki-ra.service"), >>>>>>>> exit >>>>>>>> > > > status=1 output="Job failed. >>>>>>>> See >>>>>>>> > > > system journal and 'systemctl >>>>>>>> > > > status' for details." >>>>>>>> > > > Before proceeding with the >>>>>>>> > > > configuration, make sure >>>>>>>> > > > the firewall settings of this >>>>>>>> > > > machine permit proper >>>>>>>> > > > access to this subsystem. >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> > > > Please start the >>>>>>>> configuration >>>>>>>> > > > by accessing: >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> https://(someaddress):12890/ra/admin/console/config/login?pin=XWdsV1oDtx9qQFcybzAr >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> > > > After configuration, the >>>>>>>> server >>>>>>>> > > > can be operated by the >>>>>>>> command: >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> > > > /bin/systemctl restart >>>>>>>> > > > pki-rad at pki-ra.service >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> > > > Anyone know how to fix this? >>>>>>>> I >>>>>>>> > > > get it for the TPS module as >>>>>>>> > > > well. >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> > > > Thanks >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> > > > Brian Henson >>>>>>>> > > > >>>>>>>> > > > >>>>>>>> > > >>>>>>>> > > Brian, >>>>>>>> > > >>>>>>>> > > Could you provide OS and server >>>>>>>> > > versions? >>>>>>>> > > >>>>>>>> > > Thank you, >>>>>>>> > > Andrew >>>>>>>> > > >>>>>>>> > > >>>>>>>> > > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Pki-users mailing list >>>>>>>> Pki-users at redhat.com >>>>>>>> https://www.redhat.com/mailman/listinfo/pki-users >>>>>>>> >>>>>>> >>>>>>> >>>>>> _______________________________________________ >>>>>> Pki-users mailing list >>>>>> Pki-users at redhat.com >>>>>> https://www.redhat.com/mailman/listinfo/pki-users >>>>>> >>>>> >>>>> >>>> >>> >>> >> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From jmagne at redhat.com Tue Jun 11 16:52:54 2013 From: jmagne at redhat.com (John Magne) Date: Tue, 11 Jun 2013 12:52:54 -0400 (EDT) Subject: [Pki-users] (Fedora 17) PKI-RA fails to start after install In-Reply-To: References: <51B5FE26.5010600@redhat.com> <51B671B5.8090009@redhat.com> Message-ID: <1512116132.17752056.1370969574575.JavaMail.root@redhat.com> First of all, that doesn't sound like it's one of the supported smart cards. That is no sure bet that it won't work though. Second, a look at the tps-debug.log for TPS would help. ----- Original Message ----- > From: "Brian Henson" > To: "Andrew Wnuk" > Cc: pki-users at redhat.com > Sent: Monday, June 10, 2013 7:10:04 PM > Subject: Re: [Pki-users] (Fedora 17) PKI-RA fails to start after install > > Only error I am working with now is my test smart card (expresso pro 64k > -fips) shows error 28 when I try to format it using the smart card manager. > Anyone know how to fix that? > > > On Mon, Jun 10, 2013 at 9:55 PM, Brian Henson < marine64 at gmail.com > wrote: > > > > Perfect. Changed the two files and it installed perfectly. Thank you for your > help. > > > On Mon, Jun 10, 2013 at 8:39 PM, Andrew Wnuk < awnuk at redhat.com > wrote: > > > > On 06/10/2013 12:56 PM, Brian Henson wrote: > > > > I have SELinux completely disabled. SHould I skip the semanage part? > Yes, check the earlier comments. > > > > > > > On Mon, Jun 10, 2013 at 12:26 PM, Andrew Wnuk < awnuk at redhat.com > wrote: > > > > Hi Brian, > > it looks like you may have similar issue to > https://bugzilla.redhat.com/show_bug.cgi?id=971031 > Could you try solution provided in 971031? > > Thank you, > Andrew > > > On 06/09/2013 06:48 PM, Brian Henson wrote: > > > > Log file > > > On Sun, Jun 9, 2013 at 9:47 PM, Brian Henson < marine64 at gmail.com > wrote: > > > > Changed the syntax checking now i get this when starting > > Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic link > `pkiuser/logs': No such file or directory > Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create > 'pkiuser/logs' -> '/var/log/pki-tps'! > Jun 09 21:43:11 server pkicontrol[1816]: WARNING: Symbolic link 'pkiuser/run' > does NOT exist! > Jun 09 21:43:11 server pkicontrol[1816]: INFO: Attempting to create > 'pkiuser/run' -> '/var/run/pki/tps' . . . > Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic link > `pkiuser/run': No such file or directory > Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create > 'pkiuser/run' -> '/var/run/pki/tps'! > Jun 09 21:43:11 server pkicontrol[1816]: WARNING: Symbolic link > 'pkiuser/conf' does NOT exist! > Jun 09 21:43:11 server pkicontrol[1816]: INFO: Attempting to create > 'pkiuser/conf' -> '/etc/pki-tps' . . . > Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic link > `pkiuser/conf': No such file or directory > Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create > 'pkiuser/conf' -> '/etc/pki-tps'! > > > > On Wed, Jun 5, 2013 at 1:20 PM, Andrew Wnuk < awnuk at redhat.com > wrote: > > > > On 06/04/2013 02:57 PM, Andrew Wnuk wrote: > > > On 06/03/2013 07:10 AM, Ade Lee wrote: > > > Can you attach the logs under /var/log/pki-tps ? > Also, check /var/log/messages to see if there are any messages there. > > Another thing you can try is to set selinux in permissive mode, and see > if the server starts. > > Ade > You could also try to disable syntax checking in your directory server. > https://access.redhat.com/site/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/syntax-validation.html#syntax-validation-basic > > > > > > > On Fri, 2013-05-31 at 17:46 -0400, Brian Henson wrote: > > > This is the only error i see in the TPS install log [2013-05-29 > 03:37:20] [error] FAILED run_command("/bin/systemctl restart > pki-tpsd at pki-tps.service "), exit status=1 output="Job failed. See > system journal and 'systemctl status' for details." and the same > error(minus service name on the other service) > > > On Fri, May 31, 2013 at 5:14 PM, Andrew Wnuk < awnuk at redhat.com > wrote: > On 05/31/2013 07:53 AM, Brian Henson wrote: > > I don't mean to sound dumb but where is the logfiles? I am > > using the wiki install page as a guide. > Installation logs are under /var/log with names referring to > subsystems like: pki-ca-install.log, pki-kra-install.log, > pki-tks-install.log, pki-tks-install.log, . . . > Each subsystem has its logs located under subsystem directory. > For example > * CA logs by default are located in /var/log/pki-ca > * TPS logs by default are located in /var/log/pki-tps > * . . . > > > > > > On Thu, May 30, 2013 at 4:01 PM, Andrew Wnuk > > < awnuk at redhat.com > wrote: > > > > Is there anything in the log files pointing to your > > failure? > > If yes, could you provide these log entries? > > > > On 05/30/2013 11:34 AM, Brian Henson wrote: > > > > > Any Ideas on this? I need the TPS for the > > > smartcard support. > > > > > > > > > On Wed, May 29, 2013 at 1:24 PM, Brian Henson > > > < marine64 at gmail.com > wrote: > > > Fedora 17 and dogtag 9 via yum > > > > > > On May 29, 2013 12:01 PM, "Andrew Wnuk" > > > < awnuk at redhat.com > wrote: > > > > > > On 05/28/2013 09:46 PM, Brian > > > Henson wrote: > > > > > > > Hello all, > > > > > > > > > > > > When I try to configure the RA > > > > subsystem after installing it I > > > > get this error. > > > > > > > > > > > > Installation information > > > > recorded > > > > in /var/log/pki-ra-install.log. > > > > [debug] > > > > run_command(/bin/systemctl > > > > restart pki-rad at pki-ra.service ) > > > > [error] FAILED > > > > run_command("/bin/systemctl > > > > restart > > > > pki-rad at pki-ra.service "), exit > > > > status=1 output="Job failed. See > > > > system journal and 'systemctl > > > > status' for details." > > > > Before proceeding with the > > > > configuration, make sure > > > > the firewall settings of this > > > > machine permit proper > > > > access to this subsystem. > > > > > > > > > > > > Please start the configuration > > > > by accessing: > > > > > > > > > > > > https://(someaddress):12890/ra/admin/console/config/login?pin=XWdsV1oDtx9qQFcybzAr > > > > > > > > > > > > After configuration, the server > > > > can be operated by the command: > > > > > > > > > > > > /bin/systemctl restart > > > > pki-rad at pki-ra.service > > > > > > > > > > > > > > > > > > > > Anyone know how to fix this? I > > > > get it for the TPS module as > > > > well. > > > > > > > > > > > > Thanks > > > > > > > > > > > > Brian Henson > > > > > > > > > > > > > > Brian, > > > > > > Could you provide OS and server > > > versions? > > > > > > Thank you, > > > Andrew > > > > > > > > > > > > > > > > > > > > _______________________________________________ > Pki-users mailing list > Pki-users at redhat.com > https://www.redhat.com/mailman/listinfo/pki-users > > > _______________________________________________ > Pki-users mailing list > Pki-users at redhat.com > https://www.redhat.com/mailman/listinfo/pki-users > > > > > > > > > > _______________________________________________ > Pki-users mailing list > Pki-users at redhat.com > https://www.redhat.com/mailman/listinfo/pki-users From marine64 at gmail.com Tue Jun 11 19:54:59 2013 From: marine64 at gmail.com (Brian Henson) Date: Tue, 11 Jun 2013 15:54:59 -0400 Subject: [Pki-users] (Fedora 17) PKI-RA fails to start after install In-Reply-To: <1512116132.17752056.1370969574575.JavaMail.root@redhat.com> References: <51B5FE26.5010600@redhat.com> <51B671B5.8090009@redhat.com> <1512116132.17752056.1370969574575.JavaMail.root@redhat.com> Message-ID: It shows up as a coolkey supported card. I will look at the logs and see if I can find anything. On Tue, Jun 11, 2013 at 12:52 PM, John Magne wrote: > First of all, that doesn't sound like it's one of the supported smart > cards. > That is no sure bet that it won't work though. > > Second, a look at the tps-debug.log for TPS would help. > > > > ----- Original Message ----- > > From: "Brian Henson" > > To: "Andrew Wnuk" > > Cc: pki-users at redhat.com > > Sent: Monday, June 10, 2013 7:10:04 PM > > Subject: Re: [Pki-users] (Fedora 17) PKI-RA fails to start after install > > > > Only error I am working with now is my test smart card (expresso pro 64k > > -fips) shows error 28 when I try to format it using the smart card > manager. > > Anyone know how to fix that? > > > > > > On Mon, Jun 10, 2013 at 9:55 PM, Brian Henson < marine64 at gmail.com > > wrote: > > > > > > > > Perfect. Changed the two files and it installed perfectly. Thank you for > your > > help. > > > > > > On Mon, Jun 10, 2013 at 8:39 PM, Andrew Wnuk < awnuk at redhat.com > wrote: > > > > > > > > On 06/10/2013 12:56 PM, Brian Henson wrote: > > > > > > > > I have SELinux completely disabled. SHould I skip the semanage part? > > Yes, check the earlier comments. > > > > > > > > > > > > > > On Mon, Jun 10, 2013 at 12:26 PM, Andrew Wnuk < awnuk at redhat.com > > wrote: > > > > > > > > Hi Brian, > > > > it looks like you may have similar issue to > > https://bugzilla.redhat.com/show_bug.cgi?id=971031 > > Could you try solution provided in 971031? > > > > Thank you, > > Andrew > > > > > > On 06/09/2013 06:48 PM, Brian Henson wrote: > > > > > > > > Log file > > > > > > On Sun, Jun 9, 2013 at 9:47 PM, Brian Henson < marine64 at gmail.com > > wrote: > > > > > > > > Changed the syntax checking now i get this when starting > > > > Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic > link > > `pkiuser/logs': No such file or directory > > Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create > > 'pkiuser/logs' -> '/var/log/pki-tps'! > > Jun 09 21:43:11 server pkicontrol[1816]: WARNING: Symbolic link > 'pkiuser/run' > > does NOT exist! > > Jun 09 21:43:11 server pkicontrol[1816]: INFO: Attempting to create > > 'pkiuser/run' -> '/var/run/pki/tps' . . . > > Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic > link > > `pkiuser/run': No such file or directory > > Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create > > 'pkiuser/run' -> '/var/run/pki/tps'! > > Jun 09 21:43:11 server pkicontrol[1816]: WARNING: Symbolic link > > 'pkiuser/conf' does NOT exist! > > Jun 09 21:43:11 server pkicontrol[1816]: INFO: Attempting to create > > 'pkiuser/conf' -> '/etc/pki-tps' . . . > > Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic > link > > `pkiuser/conf': No such file or directory > > Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create > > 'pkiuser/conf' -> '/etc/pki-tps'! > > > > > > > > On Wed, Jun 5, 2013 at 1:20 PM, Andrew Wnuk < awnuk at redhat.com > wrote: > > > > > > > > On 06/04/2013 02:57 PM, Andrew Wnuk wrote: > > > > > > On 06/03/2013 07:10 AM, Ade Lee wrote: > > > > > > Can you attach the logs under /var/log/pki-tps ? > > Also, check /var/log/messages to see if there are any messages there. > > > > Another thing you can try is to set selinux in permissive mode, and see > > if the server starts. > > > > Ade > > You could also try to disable syntax checking in your directory server. > > > https://access.redhat.com/site/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/syntax-validation.html#syntax-validation-basic > > > > > > > > > > > > > > On Fri, 2013-05-31 at 17:46 -0400, Brian Henson wrote: > > > > > > This is the only error i see in the TPS install log [2013-05-29 > > 03:37:20] [error] FAILED run_command("/bin/systemctl restart > > pki-tpsd at pki-tps.service "), exit status=1 output="Job failed. See > > system journal and 'systemctl status' for details." and the same > > error(minus service name on the other service) > > > > > > On Fri, May 31, 2013 at 5:14 PM, Andrew Wnuk < awnuk at redhat.com > wrote: > > On 05/31/2013 07:53 AM, Brian Henson wrote: > > > I don't mean to sound dumb but where is the logfiles? I am > > > using the wiki install page as a guide. > > Installation logs are under /var/log with names referring to > > subsystems like: pki-ca-install.log, pki-kra-install.log, > > pki-tks-install.log, pki-tks-install.log, . . . > > Each subsystem has its logs located under subsystem directory. > > For example > > * CA logs by default are located in /var/log/pki-ca > > * TPS logs by default are located in /var/log/pki-tps > > * . . . > > > > > > > > > On Thu, May 30, 2013 at 4:01 PM, Andrew Wnuk > > > < awnuk at redhat.com > wrote: > > > > > > Is there anything in the log files pointing to your > > > failure? > > > If yes, could you provide these log entries? > > > > > > On 05/30/2013 11:34 AM, Brian Henson wrote: > > > > > > > Any Ideas on this? I need the TPS for the > > > > smartcard support. > > > > > > > > > > > > On Wed, May 29, 2013 at 1:24 PM, Brian Henson > > > > < marine64 at gmail.com > wrote: > > > > Fedora 17 and dogtag 9 via yum > > > > > > > > On May 29, 2013 12:01 PM, "Andrew Wnuk" > > > > < awnuk at redhat.com > wrote: > > > > > > > > On 05/28/2013 09:46 PM, Brian > > > > Henson wrote: > > > > > > > > > Hello all, > > > > > > > > > > > > > > > When I try to configure the RA > > > > > subsystem after installing it I > > > > > get this error. > > > > > > > > > > > > > > > Installation information > > > > > recorded > > > > > in /var/log/pki-ra-install.log. > > > > > [debug] > > > > > run_command(/bin/systemctl > > > > > restart pki-rad at pki-ra.service ) > > > > > [error] FAILED > > > > > run_command("/bin/systemctl > > > > > restart > > > > > pki-rad at pki-ra.service "), exit > > > > > status=1 output="Job failed. See > > > > > system journal and 'systemctl > > > > > status' for details." > > > > > Before proceeding with the > > > > > configuration, make sure > > > > > the firewall settings of this > > > > > machine permit proper > > > > > access to this subsystem. > > > > > > > > > > > > > > > Please start the configuration > > > > > by accessing: > > > > > > > > > > > > > > > https:// > (someaddress):12890/ra/admin/console/config/login?pin=XWdsV1oDtx9qQFcybzAr > > > > > > > > > > > > > > > After configuration, the server > > > > > can be operated by the command: > > > > > > > > > > > > > > > /bin/systemctl restart > > > > > pki-rad at pki-ra.service > > > > > > > > > > > > > > > > > > > > > > > > > Anyone know how to fix this? I > > > > > get it for the TPS module as > > > > > well. > > > > > > > > > > > > > > > Thanks > > > > > > > > > > > > > > > Brian Henson > > > > > > > > > > > > > > > > > > Brian, > > > > > > > > Could you provide OS and server > > > > versions? > > > > > > > > Thank you, > > > > Andrew > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > Pki-users mailing list > > Pki-users at redhat.com > > https://www.redhat.com/mailman/listinfo/pki-users > > > > > > _______________________________________________ > > Pki-users mailing list > > Pki-users at redhat.com > > https://www.redhat.com/mailman/listinfo/pki-users > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > Pki-users mailing list > > Pki-users at redhat.com > > https://www.redhat.com/mailman/listinfo/pki-users > -------------- next part -------------- An HTML attachment was scrubbed... URL: From relst at relst.nl Wed Jun 12 08:06:11 2013 From: relst at relst.nl (Remy van Elst) Date: Wed, 12 Jun 2013 10:06:11 +0200 Subject: [Pki-users] Recover Dogtag PKIConsole PIN Message-ID: Hello, I've got a testing setup with Dogtag 1.3 running, but it has been doing nothing for about half a year now. I wanted to continue experimenting with it, but found out I forgot the PIN for the admin user of PKI Console. Can I recover this? I can enter the web services because my P12 is still valid, and I can also directly search the LDAP. A few queries for PIN and password to the LDAP did not help. Any tips?