[Pki-users] Use Dogtag with external Root CA - CS.cfg is missing

[Moritz Wirth]

Hello,

 

I installed Dogtag and tried to create a new PKI Instance for the intermediate CA. I used this tutorial (http://pki.fedoraproject.org/wiki/Installing_CA_with_Externaly-Signed_CA_Certificate)

with the same configuration file (I changed the passwords and the ldap/ds configuration). The Root CA is stored offline and not managed through Dogtag. 

 

I ran pkispawn which failed with the following error: 

 

[root at ca ~]# pkispawn -f flanga-ssl-g1.conf

Subsystem (CA/KRA/OCSP/TKS/TPS) [CA]: CA

 

Begin installation (Yes/No/Quit)? yes

 

Log file: /var/log/pki/pki-ca-spawn.20170507183908.log

Loading deployment configuration from flanga-ssl-g1.conf.

pkispawn    : ERROR    ....... File '/etc/pki/pki-tomcat/ca/CS.cfg' is either missing or is NOT a regular file!

Traceback (most recent call last):

  File "/usr/sbin/pkispawn", line 817, in <module>

    main(sys.argv)

  File "/usr/sbin/pkispawn", line 501, in main

    create_master_dictionary(parser)

  File "/usr/sbin/pkispawn", line 641, in create_master_dictionary

    parser.compose_pki_master_dictionary()

  File "/usr/lib/python2.7/site-packages/pki/server/deployment/pkiparser.py", line 690, in compose_pki_master_dictionary

    raise Exception(log.PKI_FILE_MISSING_OR_NOT_A_FILE_1)

Exception: File '%s' is either missing or is NOT a regular file!

 

I did not create another Dogtag instance before.

 

Thank you for the help!

 

Best regards,

 

Moritz

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-users/attachments/20170507/a1746068/attachment.htm>