[Pki-users] getting NEED_TO_NOTIFY_ISSUED_SAVE_FAILED with dogtag-submit
Steve Neuharth
steve at sylvation.com
Sat Apr 4 18:53:04 UTC 2015
Hello,
I'm using the following configuration with certmonger:
*id=Dogtagca_aka=Dogtag (certmonger
0.76.8)ca_is_default=0ca_type=EXTERNALca_external_helper=/usr/libexec/certmonger/dogtag-submit
-E https://dogtag.test.org:8443/ca/ee/ca
<https://dogtag.test.org:8443/ca/ee/ca> -A
https://dogtag.test.org:8443/ca/agent/ca
<https://dogtag.test.org:8443/ca/agent/ca> -i /root/ca.crt*
I'm able to submit a request like this:
*getcert request -k /tmp/getcert.key -f /tmp/getcert.crt -c Dogtag -D
foo.bar.org <http://foo.bar.org>*
but after I refresh the cert requests, it's in
NEED_TO_NOTIFY_ISSUED_SAVE_FAILED status and occasionally shows
START_SAVING_CERT status.
*Request ID '20150403093236': status:
NEED_TO_NOTIFY_ISSUED_SAVE_FAILED stuck: no key pair storage:
type=FILE,location='/tmp/getcert.key' certificate:
type=FILE,location='/tmp/getcert.crt' CA: Dogtag
issuer: subject: expires: unknown pre-save
command: post-save command: track: yes auto-renew: yes*
selinux is set to 'permissive' and the perms on /tmp are 777. I cant thonk
of any other reason it would fail to save the cert.
--steve
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-users/attachments/20150404/b0a4b33e/attachment.htm>
More information about the Pki-users
mailing list