[Pki-users] sscep enroll error
Dinesh Prasanth Moluguwan Krishnamoorthy
dmoluguw at redhat.com
Mon Sep 16 14:33:37 UTC 2019
Pavel,
The error you posted seems to be more of a issue with jar
files/classpaths rather than a bug in SCEP itself.
As mentioned before, it is best to try the officially released pki-
core-10.7.3-3 rather than building from master (which might have some
bugs).
If you face the same issue with 10.7.3-3, I'd suggest you to file a bug
against pki-core in https://bugzilla.redhat.com/ with required logs and
we'd be able to investigate deeper.
Regards,
--Dinesh
On Mon, 2019-09-16 at 09:11 +0300, Pavel Ryabikh wrote:
> Dear, Krishnamoorthy,
>
> We are using Fedora 30 (Fedora 29 was a mistake, sorry):
>
> $ cat /etc/os-release
> NAME=Fedora
> VERSION="30 (Server Edition)"
> ID=fedora
> VERSION_ID=30
> VERSION_CODENAME=""
> PLATFORM_ID="platform:f30"
> PRETTY_NAME="Fedora 30 (Server Edition)"
> ANSI_COLOR="0;34"
> LOGO=fedora-logo-icon
> CPE_NAME="cpe:/o:fedoraproject:fedora:30"
> HOME_URL="https://fedoraproject.org/"
> DOCUMENTATION_URL="
> https://docs.fedoraproject.org/en-US/fedora/f30/system-administrators-guide/
> "
> SUPPORT_URL="
> https://fedoraproject.org/wiki/Communicating_and_getting_help"
> BUG_REPORT_URL="https://bugzilla.redhat.com/"
> REDHAT_BUGZILLA_PRODUCT="Fedora"
> REDHAT_BUGZILLA_PRODUCT_VERSION=30
> REDHAT_SUPPORT_PRODUCT="Fedora"
> REDHAT_SUPPORT_PRODUCT_VERSION=30
> PRIVACY_POLICY_URL="
> https://fedoraproject.org/wiki/Legal:PrivacyPolicy"
> VARIANT="Server Edition"
> VARIANT_ID=server
>
> and "pki-server-10.8.0-0.1.fc30.noarch"
>
> What can be a reason of SCEP bug?
> Can it be fixed?
> How could we use SCEP in this conditions?
> Can you at least point a direction to fix it? or it is hopeless to
> make
> SCEP work?
>
>
> On Fri, 2019-09-13 at 15:14 -0400, Dinesh Prasanth Moluguwan
> Krishnamoorthy wrote:
> > On Wed, 2019-09-11 at 09:20 +0300, Pavel Ryabikh wrote:
> > > This is the result of "rpm -qa | grep pki":
> > >
> > > pki-tools-10.8.0-0.1.fc30.x86_64
> > > pki-javadoc-10.8.0-0.1.fc30.noarch
> > > python3-pki-10.8.0-0.1.fc30.noarch
> > > pki-ca-10.8.0-0.1.fc30.noarch
> > > dogtag-pki-console-theme-10.8.0-0.1.fc30.noarch
> > > pki-server-10.8.0-0.1.fc30.noarch
> > > pki-tks-10.8.0-0.1.fc30.noarch
> > > dogtag-pki-10.8.0-0.1.fc30.x86_64
> > > pki-base-java-10.8.0-0.1.fc30.noarch
> > > pki-symkey-10.8.0-0.1.fc30.x86_64
> > > pki-ocsp-10.8.0-0.1.fc30.noarch
> > > dogtag-pki-server-theme-10.8.0-0.1.fc30.noarch
> > > pki-base-10.8.0-0.1.fc30.noarch
> > > pki-kra-10.8.0-0.1.fc30.noarch
> > > pki-console-10.8.0-0.1.fc30.noarch
> > > pki-tps-10.8.0-0.1.fc30.x86_64
> > >
> > > Does it help to fix the problem ?
> > Pavel,
> >
> > No, it does not. But, helps to identify the issue.
> >
> > As per your original email, you are using Fedora 29 system. But,
> > the
> > packages installed seem to be built on **Fedora 30**. We don't
> > support
> > installing Fedora 30 packages on Fedora 29.
> >
> > Also, I see that you are using PKI 10.8.0 version. We haven't
> > officially released it on Fedora. The latest official release is
> > pki-
> > core-10.7.3-3
> >
> > Regards,
> > --Dinesh
> >
> > > On Tue, 2019-09-10 at 12:16 -0400, Dinesh Prasanth Moluguwan
> > > Krishnamoorthy wrote:
> > > > Hi Pavel,
> > > >
> > > > There was a recent merger of pki-cmscore.jar into pki-cms.jar
> > > > [1].
> > > > As
> > > > a
> > > > consequence,
> > > > `com.netscape.cms.servlet.cert.scep.ChallengePassword`
> > > > was
> > > > also affected. I suspect there is some mismatch in the
> > > > installed
> > > > version of the packages.
> > > >
> > > > Can you post the result of:
> > > >
> > > > `rpm -qa | grep pki` ?
> > > >
> > > > [1]
> > > > https://github.com/dogtagpki/pki/commits/master/base/server/src/com/netscape/cms/servlet/cert/scep/ChallengePassword.java
> > > >
> > > > Regards,
> > > > --Dinesh
> > > >
> > > > On Mon, 2019-09-09 at 10:32 +0300, Pavel Ryabikh wrote:
> > > > > Hello dear PKI-users!
> > > > >
> > > > > Our pki system version is:
> > > > > Fedora 29.
> > > > > pki-server-10.8.0-0.1.fc30.noarch
> > > > >
> > > > > We are configured SCEP following:
> > > > > https://www.dogtagpki.org/wiki/SCEP_Setup
> > > > >
> > > > > CS.cfg:
> > > > > ...
> > > > > ca.scep.allowedEncryptionAlgorithms=DES,DES3
> > > > > ca.scep.allowedHashAlgorithms=MD5,SHA1,SHA256,SHA512
> > > > > ca.scep.enable=true
> > > > > ca.scep.encryptionAlgorithm=DES
> > > > > ca.scep.hashAlgorithm=MD5
> > > > > ca.scep.nonceSizeLimit=16
> > > > > ...
> > > > >
> > > > > we also
> > > > > - installed SSCEP client
> > > > > - generated CA certificate
> > > > > $ sscep getca -u http://$HOSTNAME:8080/ca/cgi-
> > > > > bin/pkiclient.exe
> > > > > -c
> > > > > ca.crt
> > > > > it is checked by
> > > > > $ openssl x509 -in ca.crt -text
> > > > > and it is correct
> > > > > - generated CSR request and a key
> > > > > $ /usr/bin/mkrequest -ip 172.16.24.238 Uojs93wkfd0IS
> > > > >
> > > > > and when trying to test enroll we are getting the followng
> > > > > error:
> > > > > (Could not unwrap PKCS10 blob:
> > > > > java.security.cert.CertificateException:
> > > > > Error instantiating class for challenge_password
> > > > > java.lang.ClassNotFoundException):
> > > > >
> > > > > # sscep enroll -u http://$HOSTNAME:8080/ca/cgi-
> > > > > bin/pkiclient.exe
> > > > > -c
> > > > > ca.crt -k local.key -r local.csr -l cert.crt -d
> > > > >
> > > > > sscep: starting sscep, version 0.6.1
> > > > > sscep: new transaction
> > > > > sscep: transaction id: D41D8CD98F00B204E9800998ECF8427E
> > > > > sscep: hostname: ca.lvm.postmet.com
> > > > > sscep: directory: ca/cgi-bin/pkiclient.exe
> > > > > sscep: port: 8080
> > > > > sscep: Read request with transaction id:
> > > > > 9A6C3918C54DB994E7E951505983A181
> > > > > sscep: generating selfsigned certificate
> > > > > sscep: SCEP_OPERATION_ENROLL
> > > > > sscep: sending certificate request
> > > > > sscep: creating inner PKCS#7
> > > > > sscep: inner PKCS#7 in mem BIO
> > > > > sscep: request data dump
> > > > > -----BEGIN CERTIFICATE REQUEST-----
> > > > > MIIBmz..........GDEWMBQGA1UEAwwNMTcyLjE2LjI0LjIzODCBnzANBgkqh
> > > > > ki
> > > > > G
> > > > > 9w0BAQEFAAOBjQAwgYkCgYEAsfeobE3UTqt4Sd9vPnyG+ugzbW9uG1nXlm8Vv
> > > > > 39
> > > > > M
> > > > > ACJqfgxU6os8Kh6sElQcjXn5lNiy8L7VAX/Oqyp2SEcb4qAoIMCBMTLN7UzRH
> > > > > Ip
> > > > > Q
> > > > > Kr9c6oZIcvUc0mBWpDbv3jcqdTfF1MoIs2/qyAVPg2f5sZ42V1w8IDZ6TM3JZ
> > > > > K6
> > > > > /
> > > > > ckUCAwEAAaBDMBwGCSqGSIb3DQEJBzEPDA1Vb2pzOTN3a2ZkMElTMCMGCSqGS
> > > > > Ib
> > > > > 3
> > > > > DQEJDjEWMBQwEgYDVR0RAQH/BAgwBocErBAY7jANBgkqhkiG9w0BAQsFAAOBg
> > > > > QA
> > > > > 5
> > > > > URuLsrH0bKtBqrNiaPT1nMQ+fRAJ6Ckjfj/pQsyXO0Nll7blBdbErOtSzDR5y
> > > > > V9
> > > > > 1
> > > > > g6/oin5LPn/RwT1hATfjCniF4UVfotLnFjKQe7icsS82gl2FNT+pG1CjTAqxJ
> > > > > qZ
> > > > > O
> > > > > oBe+ZWzs4cx7wHerjk5u8baz79XFfkQyCdL6QRVlTA==
> > > > > -----END CERTIFICATE REQUEST-----
> > > > > sscep: data payload size: 415 bytes
> > > > >
> > > > > sscep: hexdump request payload
> > > > > 3082019b3082010402010030183116301406035504030c0d3137322e31362
> > > > > e3
> > > > > 23
> > > > > 42
> > > > > e3
> > > > > 23
> > > > > 33830819f300d06092a864886f70d010101050003818d0030818902818100
> > > > > b1
> > > > > f7
> > > > > a8
> > > > > 6c
> > > > > 4d
> > > > > d44eab7849df6f3e7c86fae8336d6f6e1b59d7966f15bf7f4c00226a7e0c5
> > > > > 4e
> > > > > a8
> > > > > b3
> > > > > c2
> > > > > a1
> > > > > eac12541c8d79f994d8b2f0bed5017fceab2a7648471be2a02820c0813132
> > > > > cd
> > > > > ed
> > > > > 4c
> > > > > d1
> > > > > 1c
> > > > > 8a502abf5cea864872f51cd26056a436efde372a7537c5d4ca08b36feac80
> > > > > 54
> > > > > f8
> > > > > 36
> > > > > 7f
> > > > > 9b
> > > > > 19e36575c3c20367a4ccdc964aebf72450203010001a043301c06092a8648
> > > > > 86
> > > > > f7
> > > > > 0d
> > > > > 01
> > > > > 09
> > > > > 07310f0c0d556f6a733933776b6664304953302306092a864886f70d01090
> > > > > e3
> > > > > 11
> > > > > 63
> > > > > 01
> > > > > 43
> > > > > 0120603551d110101ff040830068704ac1018ee300d06092a864886f70d01
> > > > > 01
> > > > > 0b
> > > > > 05
> > > > > 00
> > > > > 03
> > > > > 81810039511b8bb2b1f46cab41aab36268f4f59cc43e7d1009e829237e3fe
> > > > > 94
> > > > > 2c
> > > > > c9
> > > > > 73
> > > > > b4
> > > > > 36597b6e505d6c4aceb52cc3479c95f7583afe88a7e4b3e7fd1c13d610137
> > > > > e3
> > > > > 0a
> > > > > 78
> > > > > 85
> > > > > e1
> > > > > 455fa2d2e71632907bb89cb12f36825d85353fa91b50a34c0ab126a64ea01
> > > > > 7b
> > > > > e6
> > > > > 56
> > > > > ce
> > > > > ce
> > > > > 1cc7bc077ab8e4e6ef1b6b3efd5c57e443209d2fa4115654c
> > > > > sscep: hexdump payload 415
> > > > > sscep: successfully encrypted payload
> > > > > sscep: envelope size: 956 bytes
> > > > > sscep: printing PEM fomatted PKCS#7
> > > > > -----BEGIN PKCS7-----
> > > > > MIIDu..........NAQcDoIIDqTCCA6UCAQAxggHYMIIB1AIBADCBuzCBpTELM
> > > > > Ak
> > > > > G
> > > > > A1UEBhMCU0MxGTAXBgNVBAgTEE1haGUsIFNleWNoZWxsZXMxHDAaBgNVBAoTE
> > > > > 1B
> > > > > v
> > > > > c3RNZXQgQ29ycG9yYXRpb24xGTAXBgNVBAsTEFNTTCBrZXkgZGl2aXNpb24xI
> > > > > DA
> > > > > e
> > > > > BgNVBAMTF1Bvc3RNZXQgUm9vdCBDQSBDbGFzcyAxMSAwHgYJKoZIhvcNAQkBF
> > > > > hF
> > > > > h
> > > > > ZG1pbkBwb3N0bWV0LmNvbQIRE0hlg2RXY0h1Y0doMWQ1h8EwDQYJKoZIhvcNA
> > > > > QE
> > > > > B
> > > > > BQAEggEAgHq5KowCLbOAX/E3YRrheGwmQqHHHCf2mPHEAx835nifRSd1pPbU9
> > > > > 58
> > > > > 7
> > > > > 8zOFihn+BY76caLss0eJyjTmh68mksh9Qzgc8sewyPWWgq2ilnE3eZtiiGpjf
> > > > > 6G
> > > > > j
> > > > > e7AN38gY4y6MU0NU04r/E16tcPAuP+/7mmrr+Lh4PYxSn/LkXFy9GOdnGaTma
> > > > > ph
> > > > > v
> > > > > L0qwxb1pS4OO765cumy5IFyJHAn3O5EyNJYuxNPuoXu8azxACKb19SVnEuay0
> > > > > Z2
> > > > > W
> > > > > L0/WCYMNpN6kdX/1KceTlg6Gu8oxqVwBvHUewLvn91Lyy8d+EgPMJOPTXRnZS
> > > > > C4
> > > > > 9
> > > > > U4AUes2yA9Idbt4ZLNNIktdsK6MhgjCCAcIGCSqGSIb3DQEHATARBgUrDgMCB
> > > > > wQ
> > > > > I
> > > > > +d5X8SPX45KAggGg1CRRmVhAwHcj2zE7uScsfMUzyDiuw3c7fdy3W653pYswY
> > > > > Ve
> > > > > l
> > > > > CpqQbK6chMv6ya1OCi3G1dMY3+M1sa21nc30tpAeF1MonFD9YSTuvTJVYHo5g
> > > > > Ao
> > > > > b
> > > > > mjnhNsYL+7H0VGWiRzmDNG+HzgUzQbrdk5vFd/4Wbc5UMTy++7PdXO8e+e300
> > > > > FT
> > > > > l
> > > > > iM96uijNS6QoZruM8vp2eNn1IymLwFv8xfwibJnzAz0SYXpbRJK9I+39g5rGA
> > > > > 1/
> > > > > s
> > > > > uTRAa7W2Bc4lp71ROdsHBH3aJDYkzcrffd9nGy+b5icnRZa2S6TJTOEQkWpQo
> > > > > s5
> > > > > k
> > > > > YQMi8+/3Chb8IBeH8HQ6/23PjjqIFVAHxj+pPlpiN4psx/10i9WAHzMBfUnod
> > > > > pP
> > > > > E
> > > > > +yqKLTFmo037A/LNEH4NorN9E/yPDsHVp3gwjMG60cLO9ipQHCMMjpCxQF4jw
> > > > > aT
> > > > > C
> > > > > 5W0fZd8uVZyayBXR0qLKBAhhtz6Y6k3zcXUBNjqKO1tyCUemndxLbuMPBMB1J
> > > > > Z7
> > > > > c
> > > > > Km7TipKk+LCMNBwVbLFIPCGQUchzGnJD+fzaQKLTca9fKieLpca8Ui/Ur8o=
> > > > > -----END PKCS7-----
> > > > > sscep: creating outer PKCS#7
> > > > > sscep: signature added successfully
> > > > > sscep: adding signed attributes
> > > > > sscep: adding string attribute transId
> > > > > sscep: adding string attribute messageType
> > > > > sscep: adding octet attribute senderNonce
> > > > > sscep: PKCS#7 data written successfully
> > > > > sscep: printing PEM fomatted PKCS#7
> > > > > -----BEGIN PKCS7-----
> > > > > MIIHc..........NAQcCoIIHYjCCB14CAQExDjAMBggqhkiG9w0CBQUAMIIDz
> > > > > wY
> > > > > J
> > > > > KoZIhvcNAQcBoIIDwASCA7wwggO4BgkqhkiG9w0BBwOgggOpMIIDpQIBADGCA
> > > > > dg
> > > > > w
> > > > > ggHUAgEAMIG7MIGlMQswCQYDVQQGEwJTQzEZMBcGA1UECBMQTWFoZSwgU2V5Y
> > > > > 2h
> > > > > l
> > > > > bGxlczEcMBoGA1UEChMTUG9zdE1ldCBDb3Jwb3JhdGlvbjEZMBcGA1UECxMQU
> > > > > 1N
> > > > > M
> > > > > IGtleSBkaXZpc2lvbjEgMB4GA1UEAxMXUG9zdE1ldCBSb290IENBIENsYXNzI
> > > > > DE
> > > > > x
> > > > > IDAeBgkqhkiG9w0BCQEWEWFkbWluQHBvc3RtZXQuY29tAhETSGWDZFdjSHVjR
> > > > > 2g
> > > > > x
> > > > > ZDWHwTANBgkqhkiG9w0BAQEFAASCAQCAerkqjAIts4Bf8TdhGuF4bCZCocccJ
> > > > > /a
> > > > > Y
> > > > > 8cQDHzfmeJ9FJ3Wk9tT3nzvzM4WKGf4FjvpxouyzR4nKNOaHryaSyH1DOBzyx
> > > > > 7D
> > > > > I
> > > > > 9ZaCraKWcTd5m2KIamN/oaN7sA3fyBjjLoxTQ1TTiv8TXq1w8C4/7/uaauv4u
> > > > > Hg
> > > > > 9
> > > > > jFKf8uRcXL0Y52cZpOZqmG8vSrDFvWlLg47vrly6bLkgXIkcCfc7kTI0li7E0
> > > > > +6
> > > > > h
> > > > > e7xrPEAIpvX1JWcS5rLRnZYvT9YJgw2k3qR1f/Upx5OWDoa7yjGpXAG8dR7Au
> > > > > +f
> > > > > 3
> > > > > UvLLx34SA8wk49NdGdlILj1TgBR6zbID0h1u3hks00iS12wroyGCMIIBwgYJK
> > > > > oZ
> > > > > I
> > > > > hvcNAQcBMBEGBSsOAwIHBAj53lfxI9fjkoCCAaDUJFGZWEDAdyPbMTu5Jyx8x
> > > > > TP
> > > > > I
> > > > > OK7Ddzt93LdbrnelizBhV6UKmpBsrpyEy/rJrU4KLcbV0xjf4zWxrbWdzfS2k
> > > > > B4
> > > > > X
> > > > > UyicUP1hJO69MlVgejmAChuaOeE2xgv7sfRUZaJHOYM0b4fOBTNBut2Tm8V3/
> > > > > hZ
> > > > > t
> > > > > zlQxPL77s91c7x757fTQVOWIz3q6KM1LpChmu4zy+nZ42fUjKYvAW/zF/CJsm
> > > > > fM
> > > > > D
> > > > > PRJheltEkr0j7f2DmsYDX+y5NEBrtbYFziWnvVE52wcEfdokNiTNyt9932cbL
> > > > > 5v
> > > > > m
> > > > > JydFlrZLpMlM4RCRalCizmRhAyLz7/cKFvwgF4fwdDr/bc+OOogVUAfGP6k+W
> > > > > mI
> > > > > 3
> > > > > imzH/XSL1YAfMwF9Seh2k8T7KootMWajTfsD8s0Qfg2is30T/I8OwdWneDCMw
> > > > > br
> > > > > R
> > > > > ws72KlAcIwyOkLFAXiPBpMLlbR9l3y5VnJrIFdHSosoECGG3PpjqTfNxdQE2O
> > > > > oo
> > > > > 7
> > > > > W3IJR6ad3Etu4w8EwHUlntwqbtOKkqT4sIw0HBVssUg8IZBRyHMackP5/NpAo
> > > > > tN
> > > > > x
> > > > > r18qJ4ulxrxSL9SvyqCCAccwggHDMIIBLKADAgECAiA5QTZDMzkxOEM1NERCO
> > > > > Tk
> > > > > 0
> > > > > RTdFOTUxNTA1OTgzQTE4MTANBgkqhkiG9w0BAQQFADAYMRYwFAYDVQQDDA0xN
> > > > > zI
> > > > > u
> > > > > MTYuMjQuMjM4MB4XDTE5MDkwOTA3MTIzMloXDTE5MDkxNTA5MTIzMlowGDEWM
> > > > > BQ
> > > > > G
> > > > > A1UEAwwNMTcyLjE2LjI0LjIzODCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCg
> > > > > YE
> > > > > A
> > > > > sfeobE3UTqt4Sd9vPnyG+ugzbW9uG1nXlm8Vv39MACJqfgxU6os8Kh6sElQcj
> > > > > Xn
> > > > > 5
> > > > > lNiy8L7VAX/Oqyp2SEcb4qAoIMCBMTLN7UzRHIpQKr9c6oZIcvUc0mBWpDbv3
> > > > > jc
> > > > > q
> > > > > dTfF1MoIs2/qyAVPg2f5sZ42V1w8IDZ6TM3JZK6/ckUCAwEAATANBgkqhkiG9
> > > > > w0
> > > > > B
> > > > > AQQFAAOBgQATop2OWQJzY3Axds0+9PGPAc0xGtlUQ462teCwgkm6bbrBr7eYh
> > > > > Qe
> > > > > L
> > > > > gsT07aesE+37wrtOfmXBucDrdextS6OxW3g5KzC8Gp1yPXHglt8nUUESy9ooF
> > > > > 49
> > > > > 0
> > > > > TZDBIIQ5yBbMk+AYy0IOWQURlNcc8RJ5LmJXnbq4G/etkLGGyELXxDGCAakwg
> > > > > gG
> > > > > l
> > > > > AgEBMDwwGDEWMBQGA1UEAwwNMTcyLjE2LjI0LjIzOAIgOUE2QzM5MThDNTREQ
> > > > > jk
> > > > > 5
> > > > > NEU3RTk1MTUwNTk4M0ExODEwDAYIKoZIhvcNAgUFAKCBwTASBgpghkgBhvhFA
> > > > > Qk
> > > > > C
> > > > > MQQTAjE5MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFM
> > > > > Q8
> > > > > X
> > > > > DTE5MDkwOTA3MTIzMlowHwYJKoZIhvcNAQkEMRIEEMhY6izfmIjbrJo0kGbUb
> > > > > bQ
> > > > > w
> > > > > IAYKYIZIAYb4RQEJBTESBBDpm5bmNyqQpJbJXX9leZwfMDAGCmCGSAGG+EUBC
> > > > > Qc
> > > > > x
> > > > > IhMgOUE2QzM5MThDNTREQjk5NEU3RTk1MTUwNTk4M0ExODEwDQYJKoZIhvcNA
> > > > > QE
> > > > > B
> > > > > BQAEgYBThSGDFq9BdXNiOmDxxgw03eEEpxHKTn5jwdHnHxR5nLq2IKmVicyAd
> > > > > yu
> > > > > u
> > > > > Ax/ohg2CAU8+g+k914OzYWMh611mmKu5UyliRmq5LofTgXxzF3duW6aeRkMWx
> > > > > pD
> > > > > b
> > > > > zMp1TGXlKryeo1uPpZ5xZ0GGPqbkhsFlgCc2mhn35B7M2bD4jg==
> > > > > -----END PKCS7-----
> > > > > sscep: applying base64 encoding
> > > > > sscep: base64 encoded payload size: 2588 bytes
> > > > > sscep: scep msg: GET /ca/cgi-
> > > > > bin/pkiclient.exe?operation=PKIOperation&message=MIIHc.......
> > > > > ..
> > > > > .N
> > > > > AQ
> > > > > cC
> > > > > oI
> > > > > IHYjCCB14CAQExDjAMBggqhkiG9w0CBQUAMIIDzwYJ%0AKoZIhvcNAQcBoIID
> > > > > wA
> > > > > SC
> > > > > A7
> > > > > ww
> > > > > gg
> > > > > O4BgkqhkiG9w0BBwOgggOpMIIDpQIBADGCAdgw%0AggHUAgEAMIG7MIGlMQsw
> > > > > CQ
> > > > > YD
> > > > > VQ
> > > > > QG
> > > > > Ew
> > > > > JTQzEZMBcGA1UECBMQTWFoZSwgU2V5Y2hl%0AbGxlczEcMBoGA1UEChMTUG9z
> > > > > dE
> > > > > 1l
> > > > > dC
> > > > > BD
> > > > > b3
> > > > > Jwb3JhdGlvbjEZMBcGA1UECxMQU1NM%0AIGtleSBkaXZpc2lvbjEgMB4GA1UE
> > > > > Ax
> > > > > MX
> > > > > UG
> > > > > 9z
> > > > > dE
> > > > > 1ldCBSb290IENBIENsYXNzIDEx%0AIDAeBgkqhkiG9w0BCQEWEWFkbWluQHBv
> > > > > c3
> > > > > Rt
> > > > > ZX
> > > > > Qu
> > > > > Y2
> > > > > 9tAhETSGWDZFdjSHVjR2gx%0AZDWHwTANBgkqhkiG9w0BAQEFAASCAQCAerkq
> > > > > jA
> > > > > It
> > > > > s4
> > > > > Bf
> > > > > 8T
> > > > > dhGuF4bCZCocccJ/aY%0A8cQDHzfmeJ9FJ3Wk9tT3nzvzM4WKGf4Fjvpxouyz
> > > > > R4
> > > > > nK
> > > > > NO
> > > > > aH
> > > > > ry
> > > > > aSyH1DOBzyx7DI%0A9ZaCraKWcTd5m2KIamN/oaN7sA3fyBjjLoxTQ1TTiv8T
> > > > > Xq
> > > > > 1w
> > > > > 8C
> > > > > 4/
> > > > > 7/
> > > > > uaauv4uHg9%0AjFKf8uRcXL0Y52cZpOZqmG8vSrDFvWlLg47vrly6bLkgXIkc
> > > > > Cf
> > > > > c7
> > > > > kT
> > > > > I0
> > > > > li
> > > > > 7E0%2B6h%0Ae7xrPEAIpvX1JWcS5rLRnZYvT9YJgw2k3qR1f/Upx5OWDoa7yj
> > > > > Gp
> > > > > XA
> > > > > G8
> > > > > dR
> > > > > 7A
> > > > > u%2Bf3%0AUvLLx34SA8wk49NdGdlILj1TgBR6zbID0h1u3hks00iS12wroyGC
> > > > > MI
> > > > > IB
> > > > > wg
> > > > > YJ
> > > > > Ko
> > > > > ZI%0AhvcNAQcBMBEGBSsOAwIHBAj53lfxI9fjkoCCAaDUJFGZWEDAdyPbMTu5
> > > > > Jy
> > > > > x8
> > > > > xT
> > > > > PI
> > > > > %0
> > > > > AOK7Ddzt93LdbrnelizBhV6UKmpBsrpyEy/rJrU4KLcbV0xjf4zWxrbWdzfS2
> > > > > kB
> > > > > 4X
> > > > > %0
> > > > > AU
> > > > > yi
> > > > > cUP1hJO69MlVgejmAChuaOeE2xgv7sfRUZaJHOYM0b4fOBTNBut2Tm8V3/hZt
> > > > > %0
> > > > > Az
> > > > > lQ
> > > > > xP
> > > > > L7
> > > > > 7s91c7x757fTQVOWIz3q6KM1LpChmu4zy%2BnZ42fUjKYvAW/zF/CJsmfMD%0
> > > > > AP
> > > > > RJ
> > > > > he
> > > > > lt
> > > > > Ek
> > > > > r0j7f2DmsYDX%2By5NEBrtbYFziWnvVE52wcEfdokNiTNyt9932cbL5vm%0AJ
> > > > > yd
> > > > > Fl
> > > > > rZ
> > > > > Lp
> > > > > Ml
> > > > > M4RCRalCizmRhAyLz7/cKFvwgF4fwdDr/bc%2BOOogVUAfGP6k%2BWmI3%0Ai
> > > > > mz
> > > > > H/
> > > > > XS
> > > > > L1
> > > > > YA
> > > > > fMwF9Seh2k8T7KootMWajTfsD8s0Qfg2is30T/I8OwdWneDCMwbrR%0Aws72K
> > > > > lA
> > > > > cI
> > > > > wy
> > > > > Ok
> > > > > LF
> > > > > AXiPBpMLlbR9l3y5VnJrIFdHSosoECGG3PpjqTfNxdQE2Ooo7%0AW3IJR6ad3
> > > > > Et
> > > > > u4
> > > > > w8
> > > > > Ew
> > > > > HU
> > > > > lntwqbtOKkqT4sIw0HBVssUg8IZBRyHMackP5/NpAotNx%0Ar18qJ4ulxrxSL
> > > > > 9S
> > > > > vy
> > > > > qC
> > > > > CA
> > > > > cc
> > > > > wggHDMIIBLKADAgECAiA5QTZDMzkxOEM1NERCOTk0%0ARTdFOTUxNTA1OTgzQ
> > > > > TE
> > > > > 4M
> > > > > TA
> > > > > NB
> > > > > gk
> > > > > qhkiG9w0BAQQFADAYMRYwFAYDVQQDDA0xNzIu%0AMTYuMjQuMjM4MB4XDTE5M
> > > > > Dk
> > > > > wO
> > > > > TA
> > > > > 3M
> > > > > TI
> > > > > zMloXDTE5MDkxNTA5MTIzMlowGDEWMBQG%0AA1UEAwwNMTcyLjE2LjI0LjIzO
> > > > > DC
> > > > > Bn
> > > > > zA
> > > > > NB
> > > > > gk
> > > > > qhkiG9w0BAQEFAAOBjQAwgYkCgYEA%0AsfeobE3UTqt4Sd9vPnyG%2BugzbW9
> > > > > uG
> > > > > 1n
> > > > > Xl
> > > > > m8
> > > > > Vv
> > > > > 39MACJqfgxU6os8Kh6sElQcjXn5%0AlNiy8L7VAX/Oqyp2SEcb4qAoIMCBMTL
> > > > > N7
> > > > > Uz
> > > > > RH
> > > > > Ip
> > > > > QK
> > > > > r9c6oZIcvUc0mBWpDbv3jcq%0AdTfF1MoIs2/qyAVPg2f5sZ42V1w8IDZ6TM3
> > > > > JZ
> > > > > K6
> > > > > /c
> > > > > kU
> > > > > CA
> > > > > wEAATANBgkqhkiG9w0B%0AAQQFAAOBgQATop2OWQJzY3Axds0%2B9PGPAc0xG
> > > > > tl
> > > > > UQ
> > > > > 46
> > > > > 2t
> > > > > eC
> > > > > wgkm6bbrBr7eYhQeL%0AgsT07aesE%2B37wrtOfmXBucDrdextS6OxW3g5KzC
> > > > > 8G
> > > > > p1
> > > > > yP
> > > > > XH
> > > > > gl
> > > > > t8nUUESy9ooF490%0ATZDBIIQ5yBbMk%2BAYy0IOWQURlNcc8RJ5LmJXnbq4G
> > > > > /e
> > > > > tk
> > > > > LG
> > > > > Gy
> > > > > EL
> > > > > XxDGCAakwggGl%0AAgEBMDwwGDEWMBQGA1UEAwwNMTcyLjE2LjI0LjIzOAIgO
> > > > > UE
> > > > > 2Q
> > > > > zM
> > > > > 5M
> > > > > Th
> > > > > DNTREQjk5%0ANEU3RTk1MTUwNTk4M0ExODEwDAYIKoZIhvcNAgUFAKCBwTASB
> > > > > gp
> > > > > gh
> > > > > kg
> > > > > Bh
> > > > > vh
> > > > > FAQkC%0AMQQTAjE5MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIh
> > > > > vc
> > > > > NA
> > > > > Qk
> > > > > FM
> > > > > Q8
> > > > > X%0ADTE5MDkwOTA3MTIzMlowHwYJKoZIhvcNAQkEMRIEEMhY6izfmIjbrJo0k
> > > > > Gb
> > > > > Ub
> > > > > bQ
> > > > > w%
> > > > > 0A
> > > > > IAYKYIZIAYb4RQEJBTESBBDpm5bmNyqQpJbJXX9leZwfMDAGCmCGSAGG%2BEU
> > > > > BC
> > > > > Qc
> > > > > x%
> > > > > 0A
> > > > > Ih
> > > > > MgOUE2QzM5MThDNTREQjk5NEU3RTk1MTUwNTk4M0ExODEwDQYJKoZIhvcNAQE
> > > > > B%
> > > > > 0A
> > > > > BQ
> > > > > AE
> > > > > gY
> > > > > BThSGDFq9BdXNiOmDxxgw03eEEpxHKTn5jwdHnHxR5nLq2IKmVicyAdyuu%0A
> > > > > Ax
> > > > > /o
> > > > > hg
> > > > > 2C
> > > > > AU
> > > > > 8%2Bg%2Bk914OzYWMh611mmKu5UyliRmq5LofTgXxzF3duW6aeRkMWxpDb%0A
> > > > > zM
> > > > > p1
> > > > > TG
> > > > > Xl
> > > > > Kr
> > > > > yeo1uPpZ5xZ0GGPqbkhsFlgCc2mhn35B7M2bD4jg%3D%3D%0A HTTP/1.0
> > > > >
> > > > > sscep: server returned status code 500
> > > > > sscep: mime_err: HTTP/1.1 500
> > > > > Content-Type: text/html;charset=utf-8
> > > > > Content-Language: en
> > > > > Content-Length: 3234
> > > > > Date: Mon, 09 Sep 2019 07:12:32 GMT
> > > > > Connection: close
> > > > >
> > > > > <!doctype html><html lang="en"><head><title>HTTP Status 500 –
> > > > > Internal
> > > > > Server Error</title><style type="text/css">h1 {font-
> > > > > family:Tahoma,Arial,sans-serif;color:white;background-
> > > > > color:#525D76;font-size:22px;} h2 {font-
> > > > > family:Tahoma,Arial,sans-
> > > > > serif;color:white;background-color:#525D76;font-size:16px;}
> > > > > h3
> > > > > {font-
> > > > > family:Tahoma,Arial,sans-serif;color:white;background-
> > > > > color:#525D76;font-size:14px;} body {font-
> > > > > family:Tahoma,Arial,sans-
> > > > > serif;color:black;background-color:white;} b {font-
> > > > > family:Tahoma,Arial,sans-serif;color:white;background-
> > > > > color:#525D76;}
> > > > > p
> > > > > {font-family:Tahoma,Arial,sans-
> > > > > serif;background:white;color:black;font-
> > > > > size:12px;} a {color:black;} a.name {color:black;} .line
> > > > > {height:1px;background-
> > > > > color:#525D76;border:none;}</style></head><body><h1>HTTP
> > > > > Status
> > > > > 500
> > > > > –
> > > > > Internal Server Error</h1><hr class="line" /><p><b>Type</b>
> > > > > Exception
> > > > > Report</p><p><b>Message</b> Couldn't handle CEP request
> > > > > (PKCSReq)
> > > > > -
> > > > > Could not unwrap PKCS10 blob:
> > > > > java.security.cert.CertificateException:
> > > > > Error instantiating class for challenge_password
> > > > > java.lang.ClassNotFoundException:
> > > > > com.netscape.cms.servlet.cert.scep.ChallengePassword</p><p><b
> > > > > >D
> > > > > es
> > > > > cr
> > > > > ip
> > > > > ti
> > > > > on</b> The server encountered an unexpected condition that
> > > > > prevented
> > > > > it
> > > > > from fulfilling the
> > > > > request.</p><p><b>Exception</b></p><pre>javax.servlet.Servlet
> > > > > Ex
> > > > > ce
> > > > > pt
> > > > > io
> > > > > n:
> > > > > Couldn't handle CEP request (PKCSReq) - Could not unwrap
> > > > > PKCS10
> > > > > blob: java.security.cert.CertificateException: Error
> > > > > instantiating
> > > > > class for challenge_password
> > > > > java.lang.ClassNotFoundException:
> > > > > com.netscape.cms.servlet.cert.scep.ChallengePassword
> > > > > com.netscape.cms.servlet.cert.scep.CRSEnrollment.serv
> > > > > ic
> > > > > e(
> > > > > CR
> > > > > SE
> > > > > nr
> > > > > ollment.java:397)
> > > > > javax.servlet.http.HttpServlet.service(HttpServlet.ja
> > > > > va
> > > > > :7
> > > > > 41
> > > > > )
> > > > > sun.reflect.GeneratedMethodAccessor48.invoke(Unknown
> > > > > Source)
> > > > > sun.reflect.DelegatingMethodAccessorImpl.invoke(Deleg
> > > > > at
> > > > > in
> > > > > gM
> > > > > et
> > > > > ho
> > > > > dAccessorImpl.java:43)
> > > > > java.lang.reflect.Method.invoke(Method.java:498)
> > > > > org.apache.catalina.security.SecurityUtil$1.run(Secur
> > > > > it
> > > > > yU
> > > > > ti
> > > > > l.
> > > > > ja
> > > > > va:282)
> > > > > org.apache.catalina.security.SecurityUtil$1.run(Secur
> > > > > it
> > > > > yU
> > > > > ti
> > > > > l.
> > > > > ja
> > > > > va:279)
> > > > > java.security.AccessController.doPrivileged(Native
> > > > > Method)
> > > > > javax.security.auth.Subject.doAsPrivileged(Subject.ja
> > > > > va
> > > > > :5
> > > > > 49
> > > > > )
> > > > > org.apache.catalina.security.SecurityUtil.execute(Sec
> > > > > ur
> > > > > it
> > > > > yU
> > > > > ti
> > > > > l.
> > > > > java:314)
> > > > > org.apache.catalina.security.SecurityUtil.doAsPrivile
> > > > > ge
> > > > > (S
> > > > > ec
> > > > > ur
> > > > > it
> > > > > yUtil.java:170)
> > > > > java.security.AccessController.doPrivileged(Native
> > > > > Method)
> > > > > org.apache.tomcat.websocket.server.WsFilter.doFilter(
> > > > > Ws
> > > > > Fi
> > > > > lt
> > > > > er
> > > > > .j
> > > > > ava:53)
> > > > > sun.reflect.GeneratedMethodAccessor47.invoke(Unknown
> > > > > Source)
> > > > > sun.reflect.DelegatingMethodAccessorImpl.invoke(Deleg
> > > > > at
> > > > > in
> > > > > gM
> > > > > et
> > > > > ho
> > > > > dAccessorImpl.java:43)
> > > > > java.lang.reflect.Method.invoke(Method.java:498)
> > > > > org.apache.catalina.security.SecurityUtil$1.run(Secur
> > > > > it
> > > > > yU
> > > > > ti
> > > > > l.
> > > > > ja
> > > > > va:282)
> > > > > org.apache.catalina.security.SecurityUtil$1.run(Secur
> > > > > it
> > > > > yU
> > > > > ti
> > > > > l.
> > > > > ja
> > > > > va:279)
> > > > > java.security.AccessController.doPrivileged(Native
> > > > > Method)
> > > > > javax.security.auth.Subject.doAsPrivileged(Subject.ja
> > > > > va
> > > > > :5
> > > > > 49
> > > > > )
> > > > > org.apache.catalina.security.SecurityUtil.execute(Sec
> > > > > ur
> > > > > it
> > > > > yU
> > > > > ti
> > > > > l.
> > > > > java:314)
> > > > > org.apache.catalina.security.SecurityUtil.doAsPrivile
> > > > > ge
> > > > > (S
> > > > > ec
> > > > > ur
> > > > > it
> > > > > yUtil.java:253)
> > > > > </pre><p><b>Note</b> The full stack trace of the root cause
> > > > > is
> > > > > available in the server logs.</p><hr class="line"
> > > > > /><h3>Apache
> > > > > Tomcat/9.0.21</h3></body></html>
> > > > > sscep: wrong (or missing) MIME content type
> > > > > sscep: error while sending message
> > > > >
> > > > >
> > > > > Why it is trying to unwrap PKCS10 if we are sending PKCS7 ?
> > > > > How it can be fixed ?
> > > > > I am sure you know it.
> > > > > Please help.
> > > > >
> > > > >
> > > > >
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/pki-users/attachments/20190916/64936f4f/attachment.sig>
More information about the Pki-users
mailing list