[Pki-users] DogTag ca denied (inside IPA)
Kat
uncommonkat at gmail.com
Mon Feb 25 14:33:33 UTC 2019
Hi all - new to list. I can't find the answer on the IPA mailing list
and I really thing this is directly related to DogTag anyway.
Trying to debug a key being denied. Here is a little snippet of log.
Where can I find WHY it is getting denied - or is there some additional
debug I can turn on to find it? See the last one? This is driving me
crazy - if anyone can point me to debug settings or anything to help me
diagnose?
2019-02-09 16:12:56 - SimpleCredsAuth-[auth:simple] - PASS: '30015'
authenticated as '48, 48'
2019-02-09 16:12:56 - SimpleHeaderAuth-[auth:header] - PASS: '30015'
authenticated as '(null)'
2019-02-09 16:12:56 - IPAKEMKeys-[authz:kemkeys] - PASS: '30015'
authorized for '/keys'
2019-02-09 16:12:57 - Secrets-[/keys] - ALLOWED:
'(null)' requested key 'ca/subsystemCert cert-pki-ca'
2019-02-09 16:14:53 - SimpleCredsAuth-[auth:simple] - PASS: '30015'
authenticated as '48, 48'
2019-02-09 16:14:53 - SimpleHeaderAuth-[auth:header] - PASS: '30015'
authenticated as '(null)'
2019-02-09 16:14:53 - IPAKEMKeys-[authz:kemkeys] - PASS: '30015'
authorized for '/keys'
2019-02-09 16:14:53 - Secrets-[/keys] - ALLOWED:
'(null)' requested key 'ra/ipaCert'
2019-02-09 16:17:34 - SimpleCredsAuth-[auth:simple] - PASS: '24826'
authenticated as '48, 48'
2019-02-09 16:17:34 - SimpleHeaderAuth-[auth:header] - PASS: '24826'
authenticated as '(null)'
2019-02-09 16:17:34 - IPAKEMKeys-[authz:kemkeys] - PASS: '24826'
authorized for '/keys'
2019-02-09 16:17:34 - Secrets-[/keys] - ALLOWED:
'(null)' requested key 'dm/DMHash'
*2019-02-25 09:21:47 - SimpleCredsAuth-[auth:simple] - PASS: '5570'
authenticated as '48, 48'**
**2019-02-25 09:21:47 - SimpleHeaderAuth-[auth:header] - PASS: '5570'
authenticated as '(null)'**
**2019-02-25 09:21:47 - IPAKEMKeys-[authz:kemkeys] - PASS: '5570'
authorized for '/keys'**
**2019-02-25 09:21:47 - Secrets-[/keys] - DENIED:
'(null)' requested key 'ca/caSigningCert cert-pki-ca'*
-K
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-users/attachments/20190225/74cdf034/attachment.htm>
More information about the Pki-users
mailing list