From pr at postmet.com Fri Aug 9 09:17:49 2019 From: pr at postmet.com (Pavel Ryabikh) Date: Fri, 09 Aug 2019 12:17:49 +0300 Subject: [Pki-users] Notifications Message-ID: <9a5f93caf02d47bc439eb1c394e6031ad6298ca6.camel@postmet.com> Hello, dear DogTag users How can I manage system notifications, i.e. New request notifications etc. ? I cannot find any settings and documentation section is empty: https://www.dogtagpki.org/wiki/CA_Admin_Tasks#Using_Automated_Notifications -- Pavel Ryabih PostMet Corporation http://www.postmet.com Call to sip:pr at postmet.com -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 6468 bytes Desc: not available URL: From tjaalton at ubuntu.com Fri Aug 9 09:39:59 2019 From: tjaalton at ubuntu.com (Timo Aaltonen) Date: Fri, 9 Aug 2019 12:39:59 +0300 Subject: [Pki-users] 10.7.x fails to run tests Message-ID: <28c2c7a2-54da-1120-2641-d246cfa6879f@ubuntu.com> building on Debian I get a failure on "Running JUnit test-pki-util" cd dogtag-pki.git/build/core/base/util/test && mkdir -p reports cd dogtag-pki.git/build/core/base/util/test && /usr/lib/jvm/java-8-openjdk-amd64/bin/java -Djunit.reports.dir=reports -classpath :/usr/share/java/slf4j-api.jar:/usr/share/java/slf4j-jdk14.jar:dogtag-pki.git/build/core/dist/pki-nsutil.jar:dogtag-pki.git/build/core/dist/pki-cmsutil.jar:/usr/share/java/jss4.jar:/usr/share/java/ldapjdk.jar:/usr/share/java/commons-codec.jar:/usr/share/java/hamcrest-core.jar:/usr/share/java/junit4.jar:/home/tjaalton/src/pkg-freeipa/dogtag-pki.git/build/core/test/classes com.netscape.test.TestRunner com.netscape.cmsutil.crypto.KeyIDCodecTest com.netscape.security.util.BMPStringTest com.netscape.security.util.IA5StringTest com.netscape.security.util.PrintableStringTest com.netscape.security.util.TeletexStringTest com.netscape.security.util.UniversalStringTest com.netscape.security.util.UTF8StringTest com.netscape.security.x509.GenericValueConverterTest com.netscape.security.x509.IA5StringConverterTest com.netscape.security.x509.PrintableConverterTest TestRunner: Test FAILED and then an example from the results: java.lang.NoSuchMethodError: java.nio.ByteBuffer.mark()Ljava/nio/ByteBuffer; at com.netscape.security.x509.PrintableConverterTest.testControlCharacters(PrintableConverterTest.java:73) how to fix that? -- t From dmoluguw at redhat.com Fri Aug 9 18:39:44 2019 From: dmoluguw at redhat.com (Dinesh Prasanth Moluguwan Krishnamoorthy) Date: Fri, 09 Aug 2019 14:39:44 -0400 Subject: [Pki-users] New Release: PKI 10.7.3 is available for testing Message-ID: <7e213b5e7d68849a4a6e6e4f449c635bf4030bbd.camel@redhat.com> Hello everyone! We, the PKI Team, are happy to announce a new release for Dogtag PKI (and its deps) and is ready for some testing. Fedora 30 builds: https://bodhi.fedoraproject.org/updates/FEDORA-2019-0c32c4775a Fedora 29 builds: https://bodhi.fedoraproject.org/updates/FEDORA-2019-9a306c181a Fedora Rawhide builds are available in Koji stable repo. PKI 10.7.3 source is now available upstream: https://github.com/dogtagpki/pki/releases/tag/v10.7.3 We'd be glad to hear feedback on the new release and will help us to push it to stable, quicker. Regards, --Dinesh -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: This is a digitally signed message part URL: From cfu at redhat.com Mon Aug 12 15:59:03 2019 From: cfu at redhat.com (Christina Fu) Date: Mon, 12 Aug 2019 08:59:03 -0700 Subject: [Pki-users] Notifications In-Reply-To: <9a5f93caf02d47bc439eb1c394e6031ad6298ca6.camel@postmet.com> References: <9a5f93caf02d47bc439eb1c394e6031ad6298ca6.camel@postmet.com> Message-ID: Hi, Would this help? https://access.redhat.com/documentation/en-us/red_hat_certificate_system/9/html-single/administration_guide/index#Automated_Notifications regards, Christina On Fri, Aug 9, 2019 at 2:18 AM Pavel Ryabikh wrote: > Hello, dear DogTag users > > How can I manage system notifications, i.e. New request notifications > etc. ? > > I cannot find any settings and documentation section is empty: > https://www.dogtagpki.org/wiki/CA_Admin_Tasks#Using_Automated_Notifications > > > > -- > Pavel Ryabih > > PostMet Corporation > http://www.postmet.com > > Call to sip:pr at postmet.com > _______________________________________________ > Pki-users mailing list > Pki-users at redhat.com > https://www.redhat.com/mailman/listinfo/pki-users -------------- next part -------------- An HTML attachment was scrubbed... URL: From pr at postmet.com Mon Aug 19 13:26:34 2019 From: pr at postmet.com (Pavel Ryabikh) Date: Mon, 19 Aug 2019 16:26:34 +0300 Subject: [Pki-users] Installation failed: import_pkcs7 Message-ID: <12090714d87513f7dd718e18ae10ca3e2a591f09.camel@postmet.com> Hello dear Dogtag PKI users! I am trying to install the system already for some days - it fails: There is a description: [root at ca ~]# pkispawn -f ca-external-step2.cfg -s CA Installation log: /var/log/pki/pki-ca-spawn.20190819144510.log Loading deployment configuration from ca-external-step2.cfg. Installing CA into /var/lib/pki/pki-tomcat. ParsingException: IOException: Sequence tag error 9 ERROR : pkispawn CalledProcessError: Command '['pki', '-d', '/var/lib/pki/pki-tomcat/alias', 'pkcs7-cert-export', '--pkcs7-file', '/tmp/tmpgx3puk6p/cert_chain.p7b', '--output-prefix', '/tmp/tmptc7rw5h0/cert', '--output-suffix', '.crt']' returned non-zero exit status 255. File "/usr/lib/python3.7/site-packages/pki/server/pkispawn.py", line 546, in main scriptlet.spawn(deployer) File "/usr/lib/python3.7/site- packages/pki/server/deployment/scriptlets/configuration.py", line 643, in spawn self.import_system_certs(deployer, nssdb, subsystem) File "/usr/lib/python3.7/site- packages/pki/server/deployment/scriptlets/configuration.py", line 199, in import_system_certs self.import_system_cert(deployer, nssdb, subsystem, 'signing', 'CT,C,C') File "/usr/lib/python3.7/site- packages/pki/server/deployment/scriptlets/configuration.py", line 144, in import_system_cert trust_attributes=trust_attributes) File "/usr/lib/python3.7/site-packages/pki/nssdb.py", line 1295, in import_cert_chain trust_attributes=trust_attributes) File "/usr/lib/python3.7/site-packages/pki/nssdb.py", line 1327, in import_pkcs7 subprocess.check_call(cmd) File "/usr/lib64/python3.7/subprocess.py", line 347, in check_call raise CalledProcessError(retcode, cmd) Installation failed: Command failed: pki -d /var/lib/pki/pki- tomcat/alias pkcs7-cert-export --pkcs7-file /tmp/tmpgx3puk6p/cert_chain.p7b --output-prefix /tmp/tmptc7rw5h0/cert --output-suffix .crt Please check pkispawn logs in /var/log/pki/pki-ca- spawn.20190819144510.log And these are configs: STEP1: [DEFAULT] pki_server_database_password=121212 [CA] pki_admin_email=admin at postmet.com pki_admin_name=caadmin pki_admin_nickname=caadmin pki_admin_password=121212 pki_admin_uid=caadmin pki_client_database_password=121212 pki_client_database_purge=False pki_client_pkcs12_password=121212 pki_ds_base_dn=dc=ca,dc=lvm,dc=postmet,dc=com pki_ds_database=ca pki_ds_password=121212 pki_security_domain_name=lvm.postmet.com Security Domain pki_ca_signing_nickname=ca_signing pki_ocsp_signing_nickname=ca_ocsp_signing pki_audit_signing_nickname=ca_audit_signing pki_sslserver_nickname=sslserver pki_subsystem_nickname=subsystem pki_external=True pki_external_step_two=False pki_ca_signing_csr_path=ca_signing.csr STEP2: [DEFAULT] pki_instance_name = pki-tomcat pki_admin_password = 121212 pki_backup_password = 121212 pki_client_database_password = 121212 pki_client_pin = 121212 pki_client_pkcs12_password = 121212 pki_clone_pkcs12_password = 121212 pki_ds_password = 121212 pki_external_pkcs12_password = 121212 pki_pkcs12_password = 121212 pki_replication_password = 121212 pki_security_domain_password = 121212 pki_server_database_password = 121212 pki_server_pkcs12_password = 121212 pki_token_password = 121212 [CA] pki_admin_email=admin at postmet.com pki_admin_name=caadmin pki_admin_nickname=caadmin pki_admin_password=121212 pki_admin_uid=caadmin pki_client_database_password=121212 pki_client_database_purge=False pki_client_pkcs12_password=121212 pki_ds_base_dn=dc=ca,dc=lvm,dc=postmet,dc=com pki_ds_database=ca pki_ds_password=121212 pki_security_domain_name=lvm.postmet.com Security Domain pki_ca_signing_nickname=ca_signing pki_ocsp_signing_nickname=ca_ocsp_signing pki_audit_signing_nickname=ca_audit_signing pki_sslserver_nickname=sslserver pki_subsystem_nickname=subsystem pki_external=True pki_external_step_two=True pki_ca_signing_csr_path=ca_signing.csr pki_ca_signing_cert_path=ca_signing.crt pki_cert_chain_nickname=external pki_cert_chain_path=cert_chain.p7b pki_import_admin_cert = False pki_client_admin_cert = ca_admin.cert pki_admin_subject_dn=cn=PKI Administrator,o=%(pki_security_domain_name)s Please help -- Pavel Ryabih PostMet Corporation http://www.postmet.com Call to sip:pr at postmet.com -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 6468 bytes Desc: not available URL: From dmoluguw at redhat.com Thu Aug 22 16:54:45 2019 From: dmoluguw at redhat.com (Dinesh Prasanth Moluguwan Krishnamoorthy) Date: Thu, 22 Aug 2019 12:54:45 -0400 Subject: [Pki-users] 10.7.x fails to run tests In-Reply-To: <28c2c7a2-54da-1120-2641-d246cfa6879f@ubuntu.com> References: <28c2c7a2-54da-1120-2641-d246cfa6879f@ubuntu.com> Message-ID: Hi Timo, This is because, these tests have been moved [1] into JSS [2]. You will need to install jss >=4.6.0 in order to pickup these tests. [1] https://github.com/dogtagpki/pki/pull/237/files#diff-ff19d2165756efe40fdc00e6573d5f3e [2] https://github.com/dogtagpki/jss/commit/c08fb6fff7ce34b534f5e052250aecc9b9792851#diff-cf105ed1db067bf858a4215f2d24bcfb Regards, --Dinesh On Fri, 2019-08-09 at 12:39 +0300, Timo Aaltonen wrote: > building on Debian I get a failure on "Running JUnit test-pki-util" > > cd dogtag-pki.git/build/core/base/util/test && mkdir -p reports > cd dogtag-pki.git/build/core/base/util/test && > /usr/lib/jvm/java-8-openjdk-amd64/bin/java > -Djunit.reports.dir=reports > -classpath > :/usr/share/java/slf4j-api.jar:/usr/share/java/slf4j- > jdk14.jar:dogtag-pki.git/build/core/dist/pki-nsutil.jar:dogtag- > pki.git/build/core/dist/pki- > cmsutil.jar:/usr/share/java/jss4.jar:/usr/share/java/ldapjdk.jar:/usr > /share/java/commons-codec.jar:/usr/share/java/hamcrest- > core.jar:/usr/share/java/junit4.jar:/home/tjaalton/src/pkg- > freeipa/dogtag-pki.git/build/core/test/classes > com.netscape.test.TestRunner > com.netscape.cmsutil.crypto.KeyIDCodecTest > com.netscape.security.util.BMPStringTest > com.netscape.security.util.IA5StringTest > com.netscape.security.util.PrintableStringTest > com.netscape.security.util.TeletexStringTest > com.netscape.security.util.UniversalStringTest > com.netscape.security.util.UTF8StringTest > com.netscape.security.x509.GenericValueConverterTest > com.netscape.security.x509.IA5StringConverterTest > com.netscape.security.x509.PrintableConverterTest > TestRunner: Test FAILED > > and then an example from the results: > > classname="com.netscape.security.x509.PrintableConverterTest" > name="testControlCharacters" time="0.001"> > type="java.lang.NoSuchMethodError">java.lang.NoSuchMethodError: > java.nio.ByteBuffer.mark()Ljava/nio/ByteBuffer; > at > com.netscape.security.x509.PrintableConverterTest.testControlCharacte > rs(PrintableConverterTest.java:73) > > > how to fix that? > > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: This is a digitally signed message part URL: From tjaalton at ubuntu.com Thu Aug 22 18:23:50 2019 From: tjaalton at ubuntu.com (Timo Aaltonen) Date: Thu, 22 Aug 2019 21:23:50 +0300 Subject: [Pki-users] 10.7.x fails to run tests In-Reply-To: References: <28c2c7a2-54da-1120-2641-d246cfa6879f@ubuntu.com> Message-ID: On 22.8.2019 19.54, Dinesh Prasanth Moluguwan Krishnamoorthy wrote: > Hi Timo, > > This is because, these tests have been moved [1] into JSS [2]. > > You will need to install jss >=4.6.0 in order to pickup these tests. > > [1] > https://github.com/dogtagpki/pki/pull/237/files#diff-ff19d2165756efe40fdc00e6573d5f3e > > [2] > https://github.com/dogtagpki/jss/commit/c08fb6fff7ce34b534f5e052250aecc9b9792851#diff-cf105ed1db067bf858a4215f2d24bcfb Yes, #237 was the result of my email and the following discussion on irc. -- t -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: OpenPGP digital signature URL: