Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 679427 Details for
Bug 895561
IPA install in pure IPv6 environment fails with "Can't contact LDAP server" error
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
Pure IPv6 env IPA install log
ipaserver-install.log (text/x-log), 272.57 KB, created by
Steeve Goveas
on 2013-01-16 09:08:05 UTC
(
hide
)
Description:
Pure IPv6 env IPA install log
Filename:
MIME Type:
Creator:
Steeve Goveas
Created:
2013-01-16 09:08:05 UTC
Size:
272.57 KB
patch
obsolete
>2013-01-16T08:55:08Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' >2013-01-16T08:55:08Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index' >2013-01-16T08:55:08Z DEBUG httpd is not configured >2013-01-16T08:55:08Z DEBUG kadmin is not configured >2013-01-16T08:55:08Z DEBUG dirsrv is not configured >2013-01-16T08:55:08Z DEBUG pki-cad is not configured >2013-01-16T08:55:08Z DEBUG pki-tomcatd is not configured >2013-01-16T08:55:08Z DEBUG pkids is not configured >2013-01-16T08:55:08Z DEBUG install is not configured >2013-01-16T08:55:08Z DEBUG krb5kdc is not configured >2013-01-16T08:55:08Z DEBUG ntpd is not configured >2013-01-16T08:55:08Z DEBUG named is not configured >2013-01-16T08:55:08Z DEBUG ipa_memcached is not configured >2013-01-16T08:55:08Z DEBUG filestore is tracking no files >2013-01-16T08:55:08Z DEBUG Loading Index file from '/var/lib/ipa-client/sysrestore/sysrestore.index' >2013-01-16T08:55:08Z DEBUG /usr/sbin/ipa-server-install was invoked with options: {'zone_refresh': 0, 'reverse_zone': None, 'realm_name': 'TESTRELM.COM', 'create_sshfp': True, 'conf_sshd': True, 'conf_ntp': True, 'subject': None, 'no_forwarders': True, 'persistent_search': True, 'ui_redirect': True, 'domain_name': 'testrelm.com', 'idmax': 0, 'hbac_allow': False, 'no_reverse': False, 'dirsrv_pkcs12': None, 'unattended': False, 'selfsign': False, 'trust_sshfp': False, 'external_ca_file': None, 'no_host_dns': False, 'http_pkcs12': None, 'zone_notif': False, 'forwarders': None, 'idstart': 1935800000, 'external_ca': False, 'ip_address': None, 'conf_ssh': True, 'serial_autoincrement': True, 'zonemgr': None, 'setup_dns': True, 'host_name': None, 'debug': False, 'external_cert_file': None, 'uninstall': False} >2013-01-16T08:55:08Z DEBUG missing options might be asked for interactively later > >2013-01-16T08:55:08Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index' >2013-01-16T08:55:08Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' >2013-01-16T08:55:10Z DEBUG args=/usr/sbin/httpd -t -D DUMP_VHOSTS >2013-01-16T08:55:10Z DEBUG stdout=VirtualHost configuration: >wildcard NameVirtualHosts and _default_ servers: >_default_:8443 sideswipe.testrelm.com (/etc/httpd/conf.d/nss.conf:84) > >2013-01-16T08:55:10Z DEBUG stderr=Syntax OK > >2013-01-16T08:55:11Z DEBUG Check if sideswipe.testrelm.com is a primary hostname for localhost >2013-01-16T08:55:11Z DEBUG Primary hostname for localhost: sideswipe.testrelm.com >2013-01-16T08:55:11Z DEBUG will use host_name: sideswipe.testrelm.com > >2013-01-16T08:55:11Z DEBUG args=/sbin/ip -family inet6 -oneline address show >2013-01-16T08:55:11Z DEBUG stdout=1: lo inet6 ::1/128 scope host \ valid_lft forever preferred_lft forever >2: eth0 inet6 2620:52:0:41ce:5054:ff:fe3b:c68b/64 scope global dynamic \ valid_lft 2591902sec preferred_lft 604702sec >2: eth0 inet6 fe80::5054:ff:fe3b:c68b/64 scope link \ valid_lft forever preferred_lft forever > >2013-01-16T08:55:11Z DEBUG stderr= >2013-01-16T08:55:13Z DEBUG will use dns_forwarders: () > >2013-01-16T08:55:15Z DEBUG importing all plugin modules in '/usr/lib/python2.6/site-packages/ipalib/plugins'... >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/aci.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/automember.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/automount.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/baseldap.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/batch.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/cert.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/config.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/delegation.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/dns.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/group.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hbacrule.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hbacsvc.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hbacsvcgroup.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hbactest.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/host.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hostgroup.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/idrange.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/internal.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/kerberos.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/krbtpolicy.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/migration.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/misc.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/netgroup.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/passwd.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/permission.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/ping.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/privilege.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/pwpolicy.py' >2013-01-16T08:55:15Z DEBUG args=klist -V >2013-01-16T08:55:15Z DEBUG stdout=Kerberos 5 version 1.10.3 > >2013-01-16T08:55:15Z DEBUG stderr= >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/role.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/selfservice.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/selinuxusermap.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/service.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/sudocmd.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/sudocmdgroup.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/sudorule.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/trust.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/user.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/virtual.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/xmlclient.py' >2013-01-16T08:55:15Z DEBUG importing all plugin modules in '/usr/lib/python2.6/site-packages/ipaserver/install/plugins'... >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/install/plugins/adtrust.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/install/plugins/baseupdate.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/install/plugins/dns.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/install/plugins/fix_replica_agreements.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/install/plugins/rename_managed.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/install/plugins/update_services.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/install/plugins/updateclient.py' >2013-01-16T08:55:15Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/install/plugins/upload_cacrt.py' >2013-01-16T08:55:16Z DEBUG ds group dirsrv exists >2013-01-16T08:55:16Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' >2013-01-16T08:55:16Z DEBUG Configuring NTP daemon (ntpd) >2013-01-16T08:55:16Z DEBUG [1/4]: stopping ntpd >2013-01-16T08:55:17Z DEBUG args=/sbin/service ntpd status >2013-01-16T08:55:17Z DEBUG stdout=ntpd is stopped > >2013-01-16T08:55:17Z DEBUG stderr= >2013-01-16T08:55:17Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' >2013-01-16T08:55:17Z DEBUG args=/sbin/service ntpd stop >2013-01-16T08:55:17Z DEBUG stdout=Shutting down ntpd: [60G[[0;31mFAILED[0;39m] > >2013-01-16T08:55:17Z DEBUG stderr= >2013-01-16T08:55:17Z DEBUG duration: 0 seconds >2013-01-16T08:55:17Z DEBUG [2/4]: writing configuration >2013-01-16T08:55:17Z DEBUG Backing up system configuration file '/etc/ntp.conf' >2013-01-16T08:55:17Z DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index' >2013-01-16T08:55:17Z DEBUG Backing up system configuration file '/etc/sysconfig/ntpd' >2013-01-16T08:55:17Z DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index' >2013-01-16T08:55:17Z DEBUG duration: 0 seconds >2013-01-16T08:55:17Z DEBUG [3/4]: configuring ntpd to start on boot >2013-01-16T08:55:17Z DEBUG args=/sbin/chkconfig ntpd >2013-01-16T08:55:17Z DEBUG stdout= >2013-01-16T08:55:17Z DEBUG stderr= >2013-01-16T08:55:17Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' >2013-01-16T08:55:17Z DEBUG args=/sbin/chkconfig ntpd on >2013-01-16T08:55:17Z DEBUG stdout= >2013-01-16T08:55:17Z DEBUG stderr= >2013-01-16T08:55:17Z DEBUG duration: 0 seconds >2013-01-16T08:55:17Z DEBUG [4/4]: starting ntpd >2013-01-16T08:55:17Z DEBUG args=/sbin/service ntpd start >2013-01-16T08:55:17Z DEBUG stdout=Starting ntpd: [60G[[0;32m OK [0;39m] > >2013-01-16T08:55:17Z DEBUG stderr= >2013-01-16T08:55:17Z DEBUG args=/sbin/service ntpd status >2013-01-16T08:55:17Z DEBUG stdout=ntpd (pid 26069) is running... > >2013-01-16T08:55:17Z DEBUG stderr= >2013-01-16T08:55:17Z DEBUG duration: 0 seconds >2013-01-16T08:55:17Z DEBUG Done configuring NTP daemon (ntpd). >2013-01-16T08:55:17Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' >2013-01-16T08:55:17Z DEBUG Configuring directory server for the CA (pkids): Estimated time 30 minutes 30 seconds >2013-01-16T08:55:17Z DEBUG [1/3]: creating directory server user >2013-01-16T08:55:17Z DEBUG ds user pkisrv exists >2013-01-16T08:55:17Z DEBUG duration: 0 seconds >2013-01-16T08:55:17Z DEBUG [2/3]: creating directory server instance >2013-01-16T08:55:17Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' >2013-01-16T08:55:17Z DEBUG writing inf template >2013-01-16T08:55:17Z DEBUG >[General] >FullMachineName= sideswipe.testrelm.com >SuiteSpotUserID= pkisrv >SuiteSpotGroup= dirsrv >ServerRoot= /usr/lib64/dirsrv >[slapd] >ServerPort= 7389 >ServerIdentifier= PKI-IPA >Suffix= dc=testrelm,dc=com >RootDN= cn=Directory Manager >ConfigFile = /usr/share/pki/ca/conf/database.ldif > >2013-01-16T08:55:17Z DEBUG calling setup-ds.pl >2013-01-16T08:55:27Z DEBUG args=/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmpy7P0xk >2013-01-16T08:55:27Z DEBUG stdout=[13/01/16:14:25:27] - [Setup] Info Your new DS instance 'PKI-IPA' was successfully created. >Your new DS instance 'PKI-IPA' was successfully created. >[13/01/16:14:25:27] - [Setup] Success Exiting . . . >Log file is '-' > >Exiting . . . >Log file is '-' > > >2013-01-16T08:55:27Z DEBUG stderr= >2013-01-16T08:55:27Z DEBUG completed creating ds instance >2013-01-16T08:55:27Z DEBUG duration: 10 seconds >2013-01-16T08:55:27Z DEBUG [3/3]: restarting directory server >2013-01-16T08:55:30Z DEBUG args=/sbin/service dirsrv restart PKI-IPA >2013-01-16T08:55:30Z DEBUG stdout=Shutting down dirsrv: > PKI-IPA...[60G[[0;32m OK [0;39m] >Starting dirsrv: > PKI-IPA...[60G[[0;32m OK [0;39m] > >2013-01-16T08:55:30Z DEBUG stderr= >2013-01-16T08:55:31Z DEBUG args=/sbin/service dirsrv status PKI-IPA >2013-01-16T08:55:31Z DEBUG stdout=dirsrv PKI-IPA (pid 26238) is running... > >2013-01-16T08:55:31Z DEBUG stderr= >2013-01-16T08:55:31Z DEBUG wait_for_open_ports: localhost [7389] timeout 120 >2013-01-16T08:55:31Z DEBUG args=/sbin/service dirsrv status PKI-IPA >2013-01-16T08:55:31Z DEBUG stdout=dirsrv PKI-IPA (pid 26238) is running... > >2013-01-16T08:55:31Z DEBUG stderr= >2013-01-16T08:55:31Z DEBUG duration: 3 seconds >2013-01-16T08:55:31Z DEBUG Done configuring directory server for the CA (pkids). >2013-01-16T08:55:31Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' >2013-01-16T08:55:31Z DEBUG Configuring certificate server (pki-cad): Estimated time 33 minutes 30 seconds >2013-01-16T08:55:31Z DEBUG [1/21]: creating certificate server user >2013-01-16T08:55:31Z DEBUG ca user pkiuser exists >2013-01-16T08:55:31Z DEBUG duration: 0 seconds >2013-01-16T08:55:31Z DEBUG [2/21]: creating pki-ca instance >2013-01-16T08:55:40Z DEBUG args=/usr/bin/pkicreate -pki_instance_root /var/lib -pki_instance_name pki-ca -subsystem_type ca -agent_secure_port 9443 -ee_secure_port 9444 -admin_secure_port 9445 -ee_secure_client_auth_port 9446 -unsecure_port 9180 -tomcat_server_port 9701 -redirect conf=/etc/pki-ca -redirect logs=/var/log/pki-ca -enable_proxy >2013-01-16T08:55:40Z DEBUG stdout=PKI instance creation Utility ... > >Capturing installation information in /var/log/pki-ca-install.log > >PKI instance creation completed ... > >Installation information recorded in /var/log/pki-ca-install.log. >Before proceeding with the configuration, make sure >the firewall settings of this machine permit proper >access to this subsystem. > >Please start the configuration by accessing: > >https://sideswipe.testrelm.com:9445/ca/admin/console/config/login?pin=anTsM7s6Fm7PPrJGqsVs > >After configuration, the server can be operated by the command: > > /sbin/service pki-cad restart pki-ca > > >2013-01-16T08:55:40Z DEBUG stderr= >2013-01-16T08:55:40Z DEBUG duration: 9 seconds >2013-01-16T08:55:40Z DEBUG [3/21]: configuring certificate server instance >2013-01-16T08:56:07Z DEBUG args=/usr/bin/perl /usr/bin/pkisilent ConfigureCA -cs_hostname sideswipe.testrelm.com -cs_port 9445 -client_certdb_dir /tmp/tmp-2bMSnp -client_certdb_pwd XXXXXXXX -preop_pin anTsM7s6Fm7PPrJGqsVs -domain_name IPA -admin_user admin -admin_email root@localhost -admin_password XXXXXXXX -agent_name ipa-ca-agent -agent_key_size 2048 -agent_key_type rsa -agent_cert_subject CN=ipa-ca-agent,O=TESTRELM.COM -ldap_host sideswipe.testrelm.com -ldap_port 7389 -bind_dn cn=Directory Manager -bind_password XXXXXXXX -base_dn o=ipaca -db_name ipaca -key_size 2048 -key_type rsa -key_algorithm SHA256withRSA -save_p12 true -backup_pwd XXXXXXXX -subsystem_name pki-cad -token_name internal -ca_subsystem_cert_subject_name CN=CA Subsystem,O=TESTRELM.COM -ca_subsystem_cert_subject_name CN=CA Subsystem,O=TESTRELM.COM -ca_ocsp_cert_subject_name CN=OCSP Subsystem,O=TESTRELM.COM -ca_server_cert_subject_name CN=sideswipe.testrelm.com,O=TESTRELM.COM -ca_audit_signing_cert_subject_name CN=CA Audit,O=TESTRELM.COM -ca_sign_cert_subject_name CN=Certificate Authority,O=TESTRELM.COM -external false -clone false >2013-01-16T08:56:07Z DEBUG stdout=libpath=/usr/lib64 >####################################################################### >CRYPTO INIT WITH CERTDB:/tmp/tmp-2bMSnp >tokenpwd:XXXXXXXX >############################################# >Attempting to connect to: sideswipe.testrelm.com:9445 >in TestCertApprovalCallback.approve() >Peer cert details: > subject: CN=sideswipe.testrelm.com,O=2013-01-16 14:25:31 > issuer: CN=sideswipe.testrelm.com,O=2013-01-16 14:25:31 > serial: 0 >item 1 reason=-8156 depth=1 > cert details: > subject: CN=sideswipe.testrelm.com,O=2013-01-16 14:25:31 > issuer: CN=sideswipe.testrelm.com,O=2013-01-16 14:25:31 > serial: 0 >item 2 reason=-8172 depth=1 > cert details: > subject: CN=sideswipe.testrelm.com,O=2013-01-16 14:25:31 > issuer: CN=sideswipe.testrelm.com,O=2013-01-16 14:25:31 > serial: 0 >importing certificate. >Connected. >Posting Query = https://sideswipe.testrelm.com:9445//ca/admin/console/config/login?pin=anTsM7s6Fm7PPrJGqsVs&xml=true >RESPONSE STATUS: HTTP/1.1 302 Moved Temporarily >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Set-Cookie: JSESSIONID=8A2E4CE0F4AA3865F104F6AF3BB99DA2; Path=/ca; Secure >RESPONSE HEADER: Location: https://sideswipe.testrelm.com:9445/ca/admin/console/config/wizard >RESPONSE HEADER: Content-Type: text/html;charset=UTF-8 >RESPONSE HEADER: Content-Length: 0 >RESPONSE HEADER: Date: Wed, 16 Jan 2013 08:55:43 GMT >RESPONSE HEADER: Connection: keep-alive >xml returned: >cookie list: JSESSIONID=8A2E4CE0F4AA3865F104F6AF3BB99DA2; Path=/ca; Secure >############################################# >Attempting to connect to: sideswipe.testrelm.com:9445 >Connected. >Posting Query = https://sideswipe.testrelm.com:9445//ca/admin/console/config/wizard?p=0&op=next&xml=true >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Wed, 16 Jan 2013 08:55:43 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/modulepanel.vm</panel> > <res/> > <showApplyButton/> > <status>display</status> > <subpanelno>2</subpanelno> > <sms> > <Vector> > <Module> > <CommonName>NSS Internal PKCS #11 Module</CommonName> > <UserFriendlyName>NSS Internal PKCS #11 Module</UserFriendlyName> > <ImagePath>../img/clearpixel.gif</ImagePath> > </Module> > <Module> > <CommonName>nfast</CommonName> > <UserFriendlyName>nCipher's nFast Token Hardware Module</UserFriendlyName> > <ImagePath>../img/clearpixel.gif</ImagePath> > </Module> > <Module> > <CommonName>lunasa</CommonName> > <UserFriendlyName>SafeNet's LunaSA Token Hardware Module</UserFriendlyName> > <ImagePath>../img/clearpixel.gif</ImagePath> > </Module> > </Vector> > </sms> > <errorString/> > <size>19</size> > <title>Key Store</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <p>1</p> > <name>CA Setup Wizard</name> > <oms> > <Vector/> > </oms> > <defTok>Internal Key Storage Token</defTok> > <req/> > <panelname>module</panelname> ></response> >############################################# >Attempting to connect to: sideswipe.testrelm.com:9445 >Connected. >Posting Query = https://sideswipe.testrelm.com:9445//ca/admin/console/config/wizard?p=1&op=next&xml=true&choice=Internal+Key+Storage+Token >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Wed, 16 Jan 2013 08:55:43 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <machineName>sideswipe.testrelm.com</machineName> > <panel>admin/console/config/securitydomainpanel.vm</panel> > <res/> > <showApplyButton/> > <initCommand>/sbin/service pki-cad</initCommand> > <sdomainName>Testrelm Domain</sdomainName> > <sdomainURL>https://sideswipe.testrelm.com:9445</sdomainURL> > <http_ee_port>80</http_ee_port> > <systemname>CA</systemname> > <title>Security Domain</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <sdomainAdminURL>https://sideswipe.testrelm.com:9445</sdomainAdminURL> > <check_existingdomain/> > <name>CA Setup Wizard</name> > <https_ee_port>443</https_ee_port> > <https_admin_port>443</https_admin_port> > <panelname>securitydomain</panelname> > <https_agent_port>443</https_agent_port> > <cstype>CA</cstype> > <instanceId><security_domain_instance_name></instanceId> > <updateStatus>success</updateStatus> > <errorString/> > <size>19</size> > <p>3</p> > <check_newdomain>checked</check_newdomain> > <req/> > <wizardname>CA Setup Wizard</wizardname> ></response> >############################################# >Attempting to connect to: sideswipe.testrelm.com:9445 >Connected. >Posting Query = https://sideswipe.testrelm.com:9445//ca/admin/console/config/wizard?sdomainURL=https%3A%2F%2Fsideswipe.testrelm.com%3A9445&sdomainName=IPA&choice=newdomain&p=3&op=next&xml=true >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Wed, 16 Jan 2013 08:55:44 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <machineName>sideswipe.testrelm.com</machineName> > <panel>admin/console/config/createsubsystempanel.vm</panel> > <res/> > <showApplyButton/> > <disableClone>true</disableClone> > <systemname>CA</systemname> > <title>Subsystem Type</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <check_clonesubsystem/> > <name>CA Setup Wizard</name> > <https_ee_port>443</https_ee_port> > <https_admin_port>443</https_admin_port> > <fullsystemname>Certificate Authority</fullsystemname> > <http_port>80</http_port> > <panelname>subsystem</panelname> > <https_agent_port>443</https_agent_port> > <cstype>CA</cstype> > <check_newsubsystem>checked</check_newsubsystem> > <urls> > <Vector/> > </urls> > <subsystemName>Certificate Authority</subsystemName> > <updateStatus>success</updateStatus> > <errorString/> > <size>19</size> > <p>5</p> > <req/> > <wizardname>CA Setup Wizard</wizardname> ></response> >############################################# >Attempting to connect to: sideswipe.testrelm.com:9445 >Connected. >Posting Query = https://sideswipe.testrelm.com:9445//ca/admin/console/config/wizard?p=5&op=next&xml=true&choice=newsubsystem&subsystemName=pki-cad >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Wed, 16 Jan 2013 08:55:44 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/hierarchypanel.vm</panel> > <res/> > <showApplyButton/> > <check_root>checked</check_root> > <updateStatus>success</updateStatus> > <errorString/> > <size>19</size> > <title>PKI Hierarchy</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <name>CA Setup Wizard</name> > <p>8</p> > <req/> > <check_join/> > <panelname>cahierarchy</panelname> ></response> >############################################# >Attempting to connect to: sideswipe.testrelm.com:9445 >Connected. >Posting Query = https://sideswipe.testrelm.com:9445//ca/admin/console/config/wizard?p=8&op=next&xml=true&choice=root >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Wed, 16 Jan 2013 08:55:44 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/databasepanel.vm</panel> > <res/> > <clone>new</clone> > <bindpwd>(sensitive)</bindpwd> > <showApplyButton/> > <portStr>389</portStr> > <cloneStartTLS>off</cloneStartTLS> > <updateStatus>success</updateStatus> > <hostname>localhost</hostname> > <errorString/> > <database>sideswipe.testrelm.com-pki-ca</database> > <binddn>cn=Directory Manager</binddn> > <size>19</size> > <firsttime>true</firsttime> > <title>Internal Database</title> > <secureConn>off</secureConn> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <p>9</p> > <name>CA Setup Wizard</name> > <req/> > <basedn>dc=sideswipe.testrelm.com-pki-ca</basedn> > <panelname>database</panelname> ></response> >############################################# >Attempting to connect to: sideswipe.testrelm.com:9445 >Connected. >Posting Query = https://sideswipe.testrelm.com:9445//ca/admin/console/config/wizard?p=9&op=next&xml=true&host=sideswipe.testrelm.com&port=7389&binddn=cn%3DDirectory+Manager&__bindpwd=XXXXXXXX&basedn=o%3Dipaca&database=ipaca&display=%24displayStr >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Wed, 16 Jan 2013 08:55:53 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/sizepanel.vm</panel> > <res/> > <ecclist>SHA256withEC,SHA1withEC,SHA384withEC,SHA512withEC</ecclist> > <portStr>7389</portStr> > <showApplyButton/> > <cloneStartTLS>off</cloneStartTLS> > <default_keysize>2048</default_keysize> > <firsttime>true</firsttime> > <title>Key Pairs</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <name>CA Setup Wizard</name> > <panelname>size</panelname> > <rsalist>SHA256withRSA,SHA1withRSA,SHA512withRSA,MD5withRSA,MD2withRSA</rsalist> > <subsystemtype>ca</subsystemtype> > <bindpwd>(sensitive)</bindpwd> > <select>new</select> > <default_ecc_curvename>nistp521</default_ecc_curvename> > <updateStatus>success</updateStatus> > <hselect>root</hselect> > <hostname>sideswipe.testrelm.com</hostname> > <curvelist>nistp256,nistp384,nistp521,sect163k1,nistk163,sect163r1,sect163r2,nistb163,sect193r1,sect193r2,sect233k1,nistk233,sect233r1,nistb233,sect239k1,sect283k1,nistk283,sect283r1,nistb283,sect409k1,nistk409,sect409r1,nistb409,sect571k1,nistk571,sect571r1,nistb571,secp160k1,secp160r1,secp160r2,secp192k1,secp192r1,nistp192,secp224k1,secp224r1,nistp224,secp256k1,secp256r1,secp384r1,secp521r1,prime192v1,prime192v2,prime192v3,prime239v1,prime239v2,prime239v3,c2pnb163v1,c2pnb163v2,c2pnb163v3,c2pnb176v1,c2tnb191v1,c2tnb191v2,c2tnb191v3,c2pnb208w1,c2tnb239v1,c2tnb239v2,c2tnb239v3,c2pnb272w1,c2pnb304w1,c2tnb359w1,c2pnb368w1,c2tnb431r1,secp112r1,secp112r2,secp128r1,secp128r2,sect113r1,sect113r2,sect131r1,sect131r2</curvelist> > <database>ipaca</database> > <binddn>cn=Directory Manager</binddn> > <errorString/> > <size>19</size> > <show_signing>true</show_signing> > <secureConn>off</secureConn> > <certs> > <Vector> > <CertReqPair> > <Nickname>caSigningCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request/> > <Certificate/> > <Type/> > <DN/> > <CertPP/> > <KeyOption>default</KeyOption> > </CertReqPair> > <CertReqPair> > <Nickname>ocspSigningCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request/> > <Certificate/> > <Type/> > <DN/> > <CertPP/> > <KeyOption>default</KeyOption> > </CertReqPair> > <CertReqPair> > <Nickname>Server-Cert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request/> > <Certificate/> > <Type/> > <DN/> > <CertPP/> > <KeyOption>default</KeyOption> > </CertReqPair> > <CertReqPair> > <Nickname>subsystemCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request/> > <Certificate/> > <Type/> > <DN/> > <CertPP/> > <KeyOption>default</KeyOption> > </CertReqPair> > <CertReqPair> > <Nickname>auditSigningCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request/> > <Certificate/> > <Type/> > <DN/> > <CertPP/> > <KeyOption>default</KeyOption> > </CertReqPair> > </Vector> > </certs> > <p>10</p> > <basedn>o=ipaca</basedn> > <req/> ></response> >############################################# >Attempting to connect to: sideswipe.testrelm.com:9445 >Connected. >Posting Query = https://sideswipe.testrelm.com:9445//ca/admin/console/config/wizard?p=10&op=next&xml=true&subsystem_custom_size=2048&subsystem_custom_curvename=nistp256&subsystem_keytype=rsa&subsystem_choice=custom&sslserver_custom_size=2048&sslserver_custom_curvename=nistp256&sslserver_keytype=rsa&sslserver_choice=custom&signing_custom_size=2048&signing_custom_curvename=nistp256&signing_keytype=rsa&signing_choice=custom&signing_keyalgorithm=SHA256withRSA&signing_signingalgorithm=SHA256withRSA&ocsp_signing_custom_size=2048&ocsp_signing_custom_curvename=nistp256&ocsp_signing_keytype=rsa&ocsp_signing_choice=custom&ocsp_signing_signingalgorithm=SHA256withRSA&audit_signing_custom_size=2048&audit_signing_custom_curvename=nistp256&audit_signing_keytype=rsa&audit_signing_choice=custom&custom_size=2048&custom_curvename=nistp256&keytype=rsa&choice=custom&signingalgorithm=SHA256withRSA&keyalgorithm=SHA256withRSA >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Wed, 16 Jan 2013 08:55:58 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/namepanel.vm</panel> > <res/> > <showApplyButton/> > <select>new</select> > <urls> > <Vector>External CA</Vector> > </urls> > <updateStatus>success</updateStatus> > <isRoot>true</isRoot> > <errorString/> > <size>19</size> > <firsttime>true</firsttime> > <title>Subject Names</title> > <certs> > <Vector> > <CertReqPair> > <Nickname>caSigningCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request/> > <Certificate/> > <Type>selfsign</Type> > <DN>CN=Certificate Authority,OU=pki-ca,O=IPA</DN> > <CertPP/> > <KeyOption/> > </CertReqPair> > <CertReqPair> > <Nickname>ocspSigningCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request/> > <Certificate/> > <Type>local</Type> > <DN>CN=OCSP Signing Certificate,OU=pki-ca,O=IPA</DN> > <CertPP/> > <KeyOption/> > </CertReqPair> > <CertReqPair> > <Nickname>Server-Cert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request/> > <Certificate/> > <Type>local</Type> > <DN>CN=sideswipe.testrelm.com,OU=pki-ca,O=IPA</DN> > <CertPP/> > <KeyOption/> > </CertReqPair> > <CertReqPair> > <Nickname>subsystemCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request/> > <Certificate/> > <Type>local</Type> > <DN>CN=CA Subsystem Certificate,OU=pki-ca,O=IPA</DN> > <CertPP/> > <KeyOption/> > </CertReqPair> > <CertReqPair> > <Nickname>auditSigningCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request/> > <Certificate/> > <Type>local</Type> > <DN>CN=CA Audit Signing Certificate,OU=pki-ca,O=IPA</DN> > <CertPP/> > <KeyOption/> > </CertReqPair> > </Vector> > </certs> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <p>11</p> > <name>CA Setup Wizard</name> > <req/> > <panelname>subjectname</panelname> ></response> >tag=DN value=CN=Certificate Authority,OU=pki-ca,O=IPA >tag=DN value=CN=OCSP Signing Certificate,OU=pki-ca,O=IPA >tag=DN value=CN=sideswipe.testrelm.com,OU=pki-ca,O=IPA >tag=DN value=CN=CA Subsystem Certificate,OU=pki-ca,O=IPA >tag=DN value=CN=CA Audit Signing Certificate,OU=pki-ca,O=IPA >default: ca_cert_name=CN=Certificate Authority,OU=pki-ca,O=IPA >default: ocsp_cert_name=CN=OCSP Signing Certificate,OU=pki-ca,O=IPA >default: ca_subsystem_cert_name=CN=CA Subsystem Certificate,OU=pki-ca,O=IPA >default: ca_audit_signing_cert_name=CN=CA Audit Signing Certificate,OU=pki-ca,O=IPA >default: server_cert_name=CN=sideswipe.testrelm.com,OU=pki-ca,O=IPA >############################################# >Attempting to connect to: sideswipe.testrelm.com:9445 >Connected. >Posting Query = https://sideswipe.testrelm.com:9445//ca/admin/console/config/wizard?p=11&op=next&xml=true&subsystem=CN%3DCA+Subsystem%2CO%3DTESTRELM.COM&ocsp_signing=CN%3DOCSP+Subsystem%2CO%3DTESTRELM.COM&signing=CN%3DCertificate+Authority%2CO%3DTESTRELM.COM&sslserver=CN%3Dsideswipe.testrelm.com%2CO%3DTESTRELM.COM&audit_signing=CN%3DCA+Audit%2CO%3DTESTRELM.COM&urls=0 >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Wed, 16 Jan 2013 08:56:03 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/certrequestpanel.vm</panel> > <res/> > <showApplyButton/> > <reqscerts> > <Vector> > <CertReqPair> > <Nickname>caSigningCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request>-----BEGIN CERTIFICATE REQUEST----- >MIICfDCCAWQCAQAwNzEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMR4wHAYDVQQDExVDZXJ0aWZpY2F0 >ZSBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyxCURwZjOorozaxr2 >sr4Ybg5j+3VDmG+BXp2z4LqcAvGlZNYFdPLdLWqxpH3en7zOzC4qLzWNCs9fAiO9GU0iDWVuL4v+ >UWm0u014qnz5/8ChPCizA5CcQEp7QAEmsK4hPADCauEmxUFtezi7cavfsxboRniLM5jbRVkPEw1a >feigWIO4jOSbLa9ARPRbqRQYStKLNUkrHDaodk0t9EXX02O7mKt8Ti9keyCeF/rC0aJ7z/0KRXJS >1+nHjX95YIAIW9Psgh9yu9ivmj9bNCUecA1RqNpTyyT8nYwsE1+6c7ei1otwVXncVYBJRfBFuewj >Y+kNsPg+gRX4oDFYrIpnAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAT+rRJHdJe10wCa1Lz9Gq >u3XmlMpkyuVjXXeHFthCadcI9diCqs0zIBNVuWe7H6SP0FbCzHPLeT3MEBmXya+uYutMVcDvmaSv >ohglUBugAfYUynMha3n6hP19UoAwe4HOq1chVQ+gf79Z2GAI2fQLITfcbWI0B0V01VWoSg+msOQg >rKBe7t6djKMIIybfJeqkpNwtqUhlSHutp79Of9GLiCf4tbDoor3tmfahcvH4tsLH7SOWLM/CVrXp >XpZc1EgIv7OVIL9PLYx3PdM7/3ZfcCjjRWRRV1gHlSd3Y3FCxs9VWH4d5kZ/SlT37Jytf8PpidWL >NnQS+yc3hsrsCp6/dg== >-----END CERTIFICATE REQUEST-----</Request> > <Certificate>-----BEGIN CERTIFICATE----- >MIIDlDCCAnygAwIBAgIBATANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00x >HjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAxMTYwODU1NThaFw0zMzAxMTYw >ODU1NThaMDcxFTATBgNVBAoTDFRFU1RSRUxNLkNPTTEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0 >aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssQlEcGYzqK6M2sa9rK+GG4O >Y/t1Q5hvgV6ds+C6nALxpWTWBXTy3S1qsaR93p+8zswuKi81jQrPXwIjvRlNIg1lbi+L/lFptLtN >eKp8+f/AoTwoswOQnEBKe0ABJrCuITwAwmrhJsVBbXs4u3Gr37MW6EZ4izOY20VZDxMNWn3ooFiD >uIzkmy2vQET0W6kUGErSizVJKxw2qHZNLfRF19Nju5irfE4vZHsgnhf6wtGie8/9CkVyUtfpx41/ >eWCACFvT7IIfcrvYr5o/WzQlHnANUajaU8sk/J2MLBNfunO3otaLcFV53FWASUXwRbnsI2PpDbD4 >PoEV+KAxWKyKZwIDAQABo4GqMIGnMB8GA1UdIwQYMBaAFEPeNN2q16bZMwywHQ4n+TMhPXAWMA8G >A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgHGMB0GA1UdDgQWBBRD3jTdqtem2TMMsB0OJ/kz >IT1wFjBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAGGKGh0dHA6Ly9zaWRlc3dpcGUudGVzdHJl >bG0uY29tOjgwL2NhL29jc3AwDQYJKoZIhvcNAQELBQADggEBAKQhd+yFiOgzVQyaxXre3epPftM4 >5CaTwRD7Dg4o/xwCVbQ9htw+GN7iVLcceBYKxzr6oXde+bZATF/AsnUUAmUbUNWXe41Qi0TiJfxZ >iJa7CXNxLuTvz1Xbq3uU64XtdbPM1JilPEn39flmNC9m3GOLUuAET64edEMTYkdDhZStOtWSKQrW >j4eJMyXU8NpH6/G1efw6e/d1/xKHl6au4jWqpfxqdVF025Bb/gJiRk6J7GXAdMY06V9iZlDpwxk2 >3FDPNwymwPvHHDBd1yzM9mMm8AunlQRnIZmNdFSFND6tyY58w1SXRktNpcuwt5+p71ROmt3Xo6rr >aCqIcnVWUt4= >-----END CERTIFICATE-----</Certificate> > <Type>selfsign</Type> > <DN>CN=Certificate Authority,O=TESTRELM.COM</DN> > <CertPP> Certificate: > Data: > Version: v3 > Serial Number: 0x1 > Signature Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 > Issuer: CN=Certificate Authority,O=TESTRELM.COM > Validity: > Not Before: Wednesday, January 16, 2013 2:25:58 PM IST Asia/Kolkata > Not After: Sunday, January 16, 2033 2:25:58 PM IST Asia/Kolkata > Subject: CN=Certificate Authority,O=TESTRELM.COM > Subject Public Key Info: > Algorithm: RSA - 1.2.840.113549.1.1.1 > Public Key: > Exponent: 65537 > Public Key Modulus: (2048 bits) : > B2:C4:25:11:C1:98:CE:A2:BA:33:6B:1A:F6:B2:BE:18: > 6E:0E:63:FB:75:43:98:6F:81:5E:9D:B3:E0:BA:9C:02: > F1:A5:64:D6:05:74:F2:DD:2D:6A:B1:A4:7D:DE:9F:BC: > CE:CC:2E:2A:2F:35:8D:0A:CF:5F:02:23:BD:19:4D:22: > 0D:65:6E:2F:8B:FE:51:69:B4:BB:4D:78:AA:7C:F9:FF: > C0:A1:3C:28:B3:03:90:9C:40:4A:7B:40:01:26:B0:AE: > 21:3C:00:C2:6A:E1:26:C5:41:6D:7B:38:BB:71:AB:DF: > B3:16:E8:46:78:8B:33:98:DB:45:59:0F:13:0D:5A:7D: > E8:A0:58:83:B8:8C:E4:9B:2D:AF:40:44:F4:5B:A9:14: > 18:4A:D2:8B:35:49:2B:1C:36:A8:76:4D:2D:F4:45:D7: > D3:63:BB:98:AB:7C:4E:2F:64:7B:20:9E:17:FA:C2:D1: > A2:7B:CF:FD:0A:45:72:52:D7:E9:C7:8D:7F:79:60:80: > 08:5B:D3:EC:82:1F:72:BB:D8:AF:9A:3F:5B:34:25:1E: > 70:0D:51:A8:DA:53:CB:24:FC:9D:8C:2C:13:5F:BA:73: > B7:A2:D6:8B:70:55:79:DC:55:80:49:45:F0:45:B9:EC: > 23:63:E9:0D:B0:F8:3E:81:15:F8:A0:31:58:AC:8A:67 > Extensions: > Identifier: Authority Key Identifier - 2.5.29.35 > Critical: no > Key Identifier: > 43:DE:34:DD:AA:D7:A6:D9:33:0C:B0:1D:0E:27:F9:33: > 21:3D:70:16 > Identifier: Basic Constraints - 2.5.29.19 > Critical: yes > Is CA: yes > Path Length Constraint: UNLIMITED > Identifier: Key Usage: - 2.5.29.15 > Critical: yes > Key Usage: > Digital Signature > Non Repudiation > Key CertSign > Crl Sign > Identifier: Subject Key Identifier - 2.5.29.14 > Critical: no > Key Identifier: > 43:DE:34:DD:AA:D7:A6:D9:33:0C:B0:1D:0E:27:F9:33: > 21:3D:70:16 > Identifier: Authority Info Access: - 1.3.6.1.5.5.7.1.1 > Critical: no > Access Description: > Method #0: ocsp > Location #0: URIName: http://sideswipe.testrelm.com:80/ca/ocsp > Signature: > Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 > Signature: > A4:21:77:EC:85:88:E8:33:55:0C:9A:C5:7A:DE:DD:EA: > 4F:7E:D3:38:E4:26:93:C1:10:FB:0E:0E:28:FF:1C:02: > 55:B4:3D:86:DC:3E:18:DE:E2:54:B7:1C:78:16:0A:C7: > 3A:FA:A1:77:5E:F9:B6:40:4C:5F:C0:B2:75:14:02:65: > 1B:50:D5:97:7B:8D:50:8B:44:E2:25:FC:59:88:96:BB: > 09:73:71:2E:E4:EF:CF:55:DB:AB:7B:94:EB:85:ED:75: > B3:CC:D4:98:A5:3C:49:F7:F5:F9:66:34:2F:66:DC:63: > 8B:52:E0:04:4F:AE:1E:74:43:13:62:47:43:85:94:AD: > 3A:D5:92:29:0A:D6:8F:87:89:33:25:D4:F0:DA:47:EB: > F1:B5:79:FC:3A:7B:F7:75:FF:12:87:97:A6:AE:E2:35: > AA:A5:FC:6A:75:51:74:DB:90:5B:FE:02:62:46:4E:89: > EC:65:C0:74:C6:34:E9:5F:62:66:50:E9:C3:19:36:DC: > 50:CF:37:0C:A6:C0:FB:C7:1C:30:5D:D7:2C:CC:F6:63: > 26:F0:0B:A7:95:04:67:21:99:8D:74:54:85:34:3E:AD: > C9:8E:7C:C3:54:97:46:4B:4D:A5:CB:B0:B7:9F:A9:EF: > 54:4E:9A:DD:D7:A3:AA:EB:68:2A:88:72:75:56:52:DE > FingerPrint > MD2: > CC:EE:B0:2F:E1:B4:2E:BC:F1:78:68:45:A9:43:46:F6 > MD5: > EC:EA:74:27:13:79:35:8B:92:30:6E:7C:2E:A9:C2:D1 > SHA1: > CA:89:2F:FF:12:1A:4B:5A:48:01:95:C6:0E:59:9F:28: > 42:83:CC:31 > SHA256: > ED:63:18:C9:A4:9F:A6:5C:8F:C3:8C:0B:85:9A:6B:86: > E1:E5:3D:46:98:2A:4D:F2:5C:4D:3A:B5:53:C2:87:9A > SHA512: > 29:8F:0E:05:BA:AB:28:76:FC:7A:02:44:4F:D5:E9:8D: > AD:DB:84:A3:5C:C9:11:C8:1C:BF:0B:1B:7E:44:E0:0A: > E1:4F:B7:8F:9D:3B:18:FF:9B:2A:C3:E5:3D:86:F4:7C: > AE:F6:D7:43:0E:88:1F:8D:F5:EE:B2:7D:38:D1:E0:71 ></CertPP> > <KeyOption/> > </CertReqPair> > <CertReqPair> > <Nickname>ocspSigningCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request>-----BEGIN CERTIFICATE REQUEST----- >MIICdTCCAV0CAQAwMDEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMRcwFQYDVQQDEw5PQ1NQIFN1YnN5 >c3RlbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK3BJIxEUTGnkVcRtwrpCfXnL8RH >/4y72KqOl8AJmh+aCH4JzPbz7Uk6V7Pu6BIKuRQH7a9HjIdJnm7EfqdHMPFaECVZlagMVxilIF+r >04STUNxRzRy3UR2TPm0aud98/ycneIcfe5siPINNKNDFwfzwZjkDed/y0Z+vupawFCtLFcQBlj0a >INd33hs4cdfNf4fMdPwRUk0fmKMwthXde9EQsELnX6cHGRUlBzAi75astI9fxleCiIzSYuG5aAN5 >7DaEAnx/bp3NIaPQUapldXn47AnbVDJDh4A3oUHePZzLLYDe818r7uuSA8LR0rkoo648PsckvaXn >bs5qJ6z+MysCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQAXNxz8ODzBnJ0MrcjdfemKX5fWlnLX >2goe8rEy+S2355wFSWQweT4Gf0Wol9cYmBK0XLKdD/gKGM8HhljLxg5T8M4h3cU5FnjmiseDG/Iw >CS2T8e8hUVR2f6HSbuSahZGSBixyt4hhirJbzkmhGJthKu03KhvU4N0r2hAWYh97IYcbJO4vtffq >is1c1vvzvf06GhlAhqCaUj1TMDVPbRsqMOgVeggpK7ssxtllMoV+7bStOmTi1eLJNOYZuaT3n7XU >SYM/Pdvc9D8VWaTA/s+WzV86lIkSeCao+jyTbNJAtsUeGH+3+daqS2y4UhCzAYST85N5jw7aC9hs >0EWCW/5u >-----END CERTIFICATE REQUEST-----</Request> > <Certificate>-----BEGIN CERTIFICATE----- >MIIDcjCCAlqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00x >HjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAxMTYwODU2MDFaFw0xNTAxMDYw >ODU2MDFaMDAxFTATBgNVBAoTDFRFU1RSRUxNLkNPTTEXMBUGA1UEAxMOT0NTUCBTdWJzeXN0ZW0w >ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtwSSMRFExp5FXEbcK6Qn15y/ER/+Mu9iq >jpfACZofmgh+Ccz28+1JOlez7ugSCrkUB+2vR4yHSZ5uxH6nRzDxWhAlWZWoDFcYpSBfq9OEk1Dc >Uc0ct1Edkz5tGrnffP8nJ3iHH3ubIjyDTSjQxcH88GY5A3nf8tGfr7qWsBQrSxXEAZY9GiDXd94b >OHHXzX+HzHT8EVJNH5ijMLYV3XvRELBC51+nBxkVJQcwIu+WrLSPX8ZXgoiM0mLhuWgDeew2hAJ8 >f26dzSGj0FGqZXV5+OwJ21QyQ4eAN6FB3j2cyy2A3vNfK+7rkgPC0dK5KKOuPD7HJL2l527Oaies >/jMrAgMBAAGjgY8wgYwwHwYDVR0jBBgwFoAUQ9403arXptkzDLAdDif5MyE9cBYwDgYDVR0PAQH/ >BAQDAgHGMEQGCCsGAQUFBwEBBDgwNjA0BggrBgEFBQcwAYYoaHR0cDovL3NpZGVzd2lwZS50ZXN0 >cmVsbS5jb206ODAvY2Evb2NzcDATBgNVHSUEDDAKBggrBgEFBQcDCTANBgkqhkiG9w0BAQsFAAOC >AQEAd3SjxNfLUkTkvuFH/mIyMLoq60mcuU9I0rVs0NNMw07dfBZ+rgWGaowHZq7L7JrvElAQ2V7e >5k7G0ZhARYrOOBzywrTLtRDxxy29OEsDLRRrc3p1GhKWUeldmKeQdXnqfueJSrpXFlZuHHnhVdV8 >5HS8kIJ35xe1XCsGhIb5S52JwxUf87JjknPc9RZEwkltMWrz9SLjMTcp90pL5wI6MtdsHUzVgcaJ >9yJLbTRYkOcFy04XForxGODGawhbqrU8y18Pc3Y57lQJcs8rXeDHt+dN0t9XmsmnJDtmwS1WEJO8 >ZCLDR7MenZpJdTfZT0rYfGIaJHyUHALJThXWDKdd8A== >-----END CERTIFICATE-----</Certificate> > <Type>local</Type> > <DN>CN=OCSP Subsystem,O=TESTRELM.COM</DN> > <CertPP> Certificate: > Data: > Version: v3 > Serial Number: 0x2 > Signature Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 > Issuer: CN=Certificate Authority,O=TESTRELM.COM > Validity: > Not Before: Wednesday, January 16, 2013 2:26:01 PM IST Asia/Kolkata > Not After: Tuesday, January 6, 2015 2:26:01 PM IST Asia/Kolkata > Subject: CN=OCSP Subsystem,O=TESTRELM.COM > Subject Public Key Info: > Algorithm: RSA - 1.2.840.113549.1.1.1 > Public Key: > Exponent: 65537 > Public Key Modulus: (2048 bits) : > AD:C1:24:8C:44:51:31:A7:91:57:11:B7:0A:E9:09:F5: > E7:2F:C4:47:FF:8C:BB:D8:AA:8E:97:C0:09:9A:1F:9A: > 08:7E:09:CC:F6:F3:ED:49:3A:57:B3:EE:E8:12:0A:B9: > 14:07:ED:AF:47:8C:87:49:9E:6E:C4:7E:A7:47:30:F1: > 5A:10:25:59:95:A8:0C:57:18:A5:20:5F:AB:D3:84:93: > 50:DC:51:CD:1C:B7:51:1D:93:3E:6D:1A:B9:DF:7C:FF: > 27:27:78:87:1F:7B:9B:22:3C:83:4D:28:D0:C5:C1:FC: > F0:66:39:03:79:DF:F2:D1:9F:AF:BA:96:B0:14:2B:4B: > 15:C4:01:96:3D:1A:20:D7:77:DE:1B:38:71:D7:CD:7F: > 87:CC:74:FC:11:52:4D:1F:98:A3:30:B6:15:DD:7B:D1: > 10:B0:42:E7:5F:A7:07:19:15:25:07:30:22:EF:96:AC: > B4:8F:5F:C6:57:82:88:8C:D2:62:E1:B9:68:03:79:EC: > 36:84:02:7C:7F:6E:9D:CD:21:A3:D0:51:AA:65:75:79: > F8:EC:09:DB:54:32:43:87:80:37:A1:41:DE:3D:9C:CB: > 2D:80:DE:F3:5F:2B:EE:EB:92:03:C2:D1:D2:B9:28:A3: > AE:3C:3E:C7:24:BD:A5:E7:6E:CE:6A:27:AC:FE:33:2B > Extensions: > Identifier: Authority Key Identifier - 2.5.29.35 > Critical: no > Key Identifier: > 43:DE:34:DD:AA:D7:A6:D9:33:0C:B0:1D:0E:27:F9:33: > 21:3D:70:16 > Identifier: Key Usage: - 2.5.29.15 > Critical: yes > Key Usage: > Digital Signature > Non Repudiation > Key CertSign > Crl Sign > Identifier: Authority Info Access: - 1.3.6.1.5.5.7.1.1 > Critical: no > Access Description: > Method #0: ocsp > Location #0: URIName: http://sideswipe.testrelm.com:80/ca/ocsp > Identifier: Extended Key Usage: - 2.5.29.37 > Critical: no > Extended Key Usage: > OCSPSigning > Signature: > Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 > Signature: > 77:74:A3:C4:D7:CB:52:44:E4:BE:E1:47:FE:62:32:30: > BA:2A:EB:49:9C:B9:4F:48:D2:B5:6C:D0:D3:4C:C3:4E: > DD:7C:16:7E:AE:05:86:6A:8C:07:66:AE:CB:EC:9A:EF: > 12:50:10:D9:5E:DE:E6:4E:C6:D1:98:40:45:8A:CE:38: > 1C:F2:C2:B4:CB:B5:10:F1:C7:2D:BD:38:4B:03:2D:14: > 6B:73:7A:75:1A:12:96:51:E9:5D:98:A7:90:75:79:EA: > 7E:E7:89:4A:BA:57:16:56:6E:1C:79:E1:55:D5:7C:E4: > 74:BC:90:82:77:E7:17:B5:5C:2B:06:84:86:F9:4B:9D: > 89:C3:15:1F:F3:B2:63:92:73:DC:F5:16:44:C2:49:6D: > 31:6A:F3:F5:22:E3:31:37:29:F7:4A:4B:E7:02:3A:32: > D7:6C:1D:4C:D5:81:C6:89:F7:22:4B:6D:34:58:90:E7: > 05:CB:4E:17:16:8A:F1:18:E0:C6:6B:08:5B:AA:B5:3C: > CB:5F:0F:73:76:39:EE:54:09:72:CF:2B:5D:E0:C7:B7: > E7:4D:D2:DF:57:9A:C9:A7:24:3B:66:C1:2D:56:10:93: > BC:64:22:C3:47:B3:1E:9D:9A:49:75:37:D9:4F:4A:D8: > 7C:62:1A:24:7C:94:1C:02:C9:4E:15:D6:0C:A7:5D:F0 > FingerPrint > MD2: > 9A:16:DA:71:00:DA:FA:BF:22:28:98:B9:26:EB:8B:53 > MD5: > 87:4B:75:54:B9:EB:2E:15:5F:98:36:AE:2F:A1:02:1F > SHA1: > FD:4A:C0:02:8D:54:22:93:77:75:59:97:B2:5F:4B:C0: > 4A:11:FA:24 > SHA256: > CA:9E:27:78:05:1D:E0:A5:BA:3A:8E:F3:71:58:92:01: > 3F:30:22:52:E4:30:A4:26:2C:5E:F8:ED:81:ED:5F:F0 > SHA512: > 77:6C:74:D6:16:66:01:6F:BE:E7:78:EF:8D:8A:4D:E2: > C1:76:C4:29:B0:06:F6:1F:CB:EB:68:2C:12:01:7F:97: > 7C:46:0D:1B:81:22:5B:C0:08:66:3A:4A:F1:F8:0D:C2: > C0:AD:D7:A9:D0:3C:91:C5:90:05:F2:C9:47:15:26:07 ></CertPP> > <KeyOption/> > </CertReqPair> > <CertReqPair> > <Nickname>Server-Cert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request>-----BEGIN CERTIFICATE REQUEST----- >MIICfTCCAWUCAQAwODEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMR8wHQYDVQQDExZzaWRlc3dpcGUu >dGVzdHJlbG0uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZ34Mf3w6D9fzSXD >IYj3tK0mciXKpmZq7+ufMXywtYnvNbB5LzmXPAgDJ1RiQC28jgYuG+PWo450fPZIs+qvT8yc44QH >S6Ggoems+bAj2MaTDPBW2Djivf5cciTMIiuLrhR6E7rJX0mY8id1xuoKdTe7oFdf4W4K5RFZIjlZ >om9gHw6pXhW8cb3ysvFmdy15XsiL2hzRsS6YnWPH99w0TKSwJgtT0+RIqZ9pClGfKsBPW6KYQnSp >nIUIOj4hlc7YnIKXiOUY5bCgeu5I1Nsr69ABlCx14sMb4e+tSa3jIqYeDDQZKYXZV2bm1oDaAVwE >WpBBW76dQa37IyUUSAA4JwIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAAPNn6SM81rI5SCkp4eC >ZF1+dhnmIoza6Apxm0KrbwVF/PML644ibCJWbI5nc2rvFTeRLtHmiSnDAdZOyI1fAVn1NuURiC/1 >G1j/xBRfRMTMHRDoL8AiiFK2qcCLyEGwk5E64emdBL5u8B1zA8EayaS7S3Zqn5GaHCXh7488bzea >cgHz36Wq9zQu8hTWRpixUBh+p7ho/VRGufEYwC2VYo4T1z18ki9vmUN9t8DPy2CNjtCM13xfXg1r >nCb1gmdDHupkWEc9OoLe+HfI0fDWnOcBCdbpjlsr4aXJRplVXcOGzohZI1gVOBtGoJJwpOvU63H3 >LbhJ98tR+EJCMnZMmX4= >-----END CERTIFICATE REQUEST-----</Request> > <Certificate>-----BEGIN CERTIFICATE----- >MIIDejCCAmKgAwIBAgIBAzANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00x >HjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAxMTYwODU2MDJaFw0xNTAxMDYw >ODU2MDJaMDgxFTATBgNVBAoTDFRFU1RSRUxNLkNPTTEfMB0GA1UEAxMWc2lkZXN3aXBlLnRlc3Ry >ZWxtLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALGd+DH98Og/X80lwyGI97St >JnIlyqZmau/rnzF8sLWJ7zWweS85lzwIAydUYkAtvI4GLhvj1qOOdHz2SLPqr0/MnOOEB0uhoKHp >rPmwI9jGkwzwVtg44r3+XHIkzCIri64UehO6yV9JmPIndcbqCnU3u6BXX+FuCuURWSI5WaJvYB8O >qV4VvHG98rLxZncteV7Ii9oc0bEumJ1jx/fcNEyksCYLU9PkSKmfaQpRnyrAT1uimEJ0qZyFCDo+ >IZXO2JyCl4jlGOWwoHruSNTbK+vQAZQsdeLDG+HvrUmt4yKmHgw0GSmF2Vdm5taA2gFcBFqQQVu+ >nUGt+yMlFEgAOCcCAwEAAaOBjzCBjDAfBgNVHSMEGDAWgBRD3jTdqtem2TMMsB0OJ/kzIT1wFjBE >BggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAGGKGh0dHA6Ly9zaWRlc3dpcGUudGVzdHJlbG0uY29t >OjgwL2NhL29jc3AwDgYDVR0PAQH/BAQDAgTwMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3 >DQEBCwUAA4IBAQBEKWDkxmYgaUosCd5/KDH1HsTsH2F0ukw/CGvlHbVbSvzdmcLRssngHDtqLEkA >KJDiT5Ik6RyBu9jW3aQUc9uqitGyb53xtaQgdnsTofjzVRwD4+bRzGu6qKAVeL/IjILAkr7D1uvl >wXgk74C+F22eloUjubhysltqaCH/5sGazLu8AWEbL6fAS+4Fv3VOQOolmFmdYNKcm+g9Eh9EGPVB >3DUPrDC72pAfgFNzyCF7n9MNZv8W46u0cLzDv0dK/rk9VOtbWm2GO6Gk5wQ8UqnSiwLr4qNgnXI5 >iySmlM4matPLcrwaBFNilvHToaKdrH/dfvpj6hOkA670xpza3eDE >-----END CERTIFICATE-----</Certificate> > <Type>local</Type> > <DN>CN=sideswipe.testrelm.com,O=TESTRELM.COM</DN> > <CertPP> Certificate: > Data: > Version: v3 > Serial Number: 0x3 > Signature Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 > Issuer: CN=Certificate Authority,O=TESTRELM.COM > Validity: > Not Before: Wednesday, January 16, 2013 2:26:02 PM IST Asia/Kolkata > Not After: Tuesday, January 6, 2015 2:26:02 PM IST Asia/Kolkata > Subject: CN=sideswipe.testrelm.com,O=TESTRELM.COM > Subject Public Key Info: > Algorithm: RSA - 1.2.840.113549.1.1.1 > Public Key: > Exponent: 65537 > Public Key Modulus: (2048 bits) : > B1:9D:F8:31:FD:F0:E8:3F:5F:CD:25:C3:21:88:F7:B4: > AD:26:72:25:CA:A6:66:6A:EF:EB:9F:31:7C:B0:B5:89: > EF:35:B0:79:2F:39:97:3C:08:03:27:54:62:40:2D:BC: > 8E:06:2E:1B:E3:D6:A3:8E:74:7C:F6:48:B3:EA:AF:4F: > CC:9C:E3:84:07:4B:A1:A0:A1:E9:AC:F9:B0:23:D8:C6: > 93:0C:F0:56:D8:38:E2:BD:FE:5C:72:24:CC:22:2B:8B: > AE:14:7A:13:BA:C9:5F:49:98:F2:27:75:C6:EA:0A:75: > 37:BB:A0:57:5F:E1:6E:0A:E5:11:59:22:39:59:A2:6F: > 60:1F:0E:A9:5E:15:BC:71:BD:F2:B2:F1:66:77:2D:79: > 5E:C8:8B:DA:1C:D1:B1:2E:98:9D:63:C7:F7:DC:34:4C: > A4:B0:26:0B:53:D3:E4:48:A9:9F:69:0A:51:9F:2A:C0: > 4F:5B:A2:98:42:74:A9:9C:85:08:3A:3E:21:95:CE:D8: > 9C:82:97:88:E5:18:E5:B0:A0:7A:EE:48:D4:DB:2B:EB: > D0:01:94:2C:75:E2:C3:1B:E1:EF:AD:49:AD:E3:22:A6: > 1E:0C:34:19:29:85:D9:57:66:E6:D6:80:DA:01:5C:04: > 5A:90:41:5B:BE:9D:41:AD:FB:23:25:14:48:00:38:27 > Extensions: > Identifier: Authority Key Identifier - 2.5.29.35 > Critical: no > Key Identifier: > 43:DE:34:DD:AA:D7:A6:D9:33:0C:B0:1D:0E:27:F9:33: > 21:3D:70:16 > Identifier: Authority Info Access: - 1.3.6.1.5.5.7.1.1 > Critical: no > Access Description: > Method #0: ocsp > Location #0: URIName: http://sideswipe.testrelm.com:80/ca/ocsp > Identifier: Key Usage: - 2.5.29.15 > Critical: yes > Key Usage: > Digital Signature > Non Repudiation > Key Encipherment > Data Encipherment > Identifier: Extended Key Usage: - 2.5.29.37 > Critical: no > Extended Key Usage: > 1.3.6.1.5.5.7.3.1 > Signature: > Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 > Signature: > 44:29:60:E4:C6:66:20:69:4A:2C:09:DE:7F:28:31:F5: > 1E:C4:EC:1F:61:74:BA:4C:3F:08:6B:E5:1D:B5:5B:4A: > FC:DD:99:C2:D1:B2:C9:E0:1C:3B:6A:2C:49:00:28:90: > E2:4F:92:24:E9:1C:81:BB:D8:D6:DD:A4:14:73:DB:AA: > 8A:D1:B2:6F:9D:F1:B5:A4:20:76:7B:13:A1:F8:F3:55: > 1C:03:E3:E6:D1:CC:6B:BA:A8:A0:15:78:BF:C8:8C:82: > C0:92:BE:C3:D6:EB:E5:C1:78:24:EF:80:BE:17:6D:9E: > 96:85:23:B9:B8:72:B2:5B:6A:68:21:FF:E6:C1:9A:CC: > BB:BC:01:61:1B:2F:A7:C0:4B:EE:05:BF:75:4E:40:EA: > 25:98:59:9D:60:D2:9C:9B:E8:3D:12:1F:44:18:F5:41: > DC:35:0F:AC:30:BB:DA:90:1F:80:53:73:C8:21:7B:9F: > D3:0D:66:FF:16:E3:AB:B4:70:BC:C3:BF:47:4A:FE:B9: > 3D:54:EB:5B:5A:6D:86:3B:A1:A4:E7:04:3C:52:A9:D2: > 8B:02:EB:E2:A3:60:9D:72:39:8B:24:A6:94:CE:26:6A: > D3:CB:72:BC:1A:04:53:62:96:F1:D3:A1:A2:9D:AC:7F: > DD:7E:FA:63:EA:13:A4:03:AE:F4:C6:9C:DA:DD:E0:C4 > FingerPrint > MD2: > E4:98:7D:91:F8:3E:25:F2:49:7B:A4:BD:C7:F0:4B:8A > MD5: > A6:1C:53:9E:4D:2B:53:33:D1:E5:5C:92:9D:65:77:CA > SHA1: > AC:53:2F:8B:A9:D5:93:3E:AB:1A:A0:EF:02:39:C9:1D: > 3A:32:FD:2C > SHA256: > A2:9E:22:C8:FD:54:65:8E:C2:05:D9:66:6C:09:A9:2D: > C9:BA:97:75:9A:1A:E5:14:12:F3:B1:57:5C:55:BB:A7 > SHA512: > 7B:6D:51:E0:52:53:5B:BF:27:67:68:42:D5:44:DD:E2: > 66:E1:E8:25:EC:6A:25:4B:82:AF:BB:C7:AD:A7:9D:29: > 8A:00:45:31:A7:08:3F:61:44:B2:99:51:9F:E1:E8:9E: > 70:96:58:7E:49:28:EE:53:4A:E2:8D:E3:7B:22:03:37 ></CertPP> > <KeyOption/> > </CertReqPair> > <CertReqPair> > <Nickname>subsystemCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request>-----BEGIN CERTIFICATE REQUEST----- >MIICczCCAVsCAQAwLjEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMRUwEwYDVQQDEwxDQSBTdWJzeXN0 >ZW0wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4y4UMMdWttrMt4pkpK2A5wK2a2YHs >Jo0BJb0oYm8dybvh0R7zmmdCNnfuo3rPc5v9j/+TMh7koi/AZCQ1wgAbG8u34dU05lS0FAIK20HJ >b7jE+uMjMKKQm3k87RfeZXWb/fQNPDqqntDnnHbGwrshtnzh3OG48rc6JlRB4vujxcYvDJO3fxzR >fD4zzGJ0V3YTZguRKojrauNHNgiLCSfssN8Sw+BGw/xcW7NYZJVxSZEjpWNhBZuhbY6EXEIqi+j2 >5qzJCD2z5WEJzK6842MTJDE6Vu5bXnom62gMqsvzaLNs61ofxtwysBWbS/fFyvV7JP2Ivlx7OLdp >nu0P7PObAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAEi00w2FXZXSAGbrixLc7N4QoDWQTpdUS >Jf0xBgK5fmKqg4yNCFk7nt5FQ4zVnR04CJskYGNp7k0y+U2ZjW3LjRfJxU03Q6RNd5IYZyA1guZU >79JDYFjDJIvcw4VpeZ7Jcv0CKcP2nmMfC2RC7bxelH7sH/5vZs7hv1fKzGg5EXmCqk+LvkWKYtIP >hYqP8yeTABZOZTL0LUeaKO/cODbFQSltrUmDx8usp4IxZjb+hpLPQJJk2frDyCSXTMzGCXYGsT4J >NxzL/er75JT5yU7GuvrB5divxo9kV5iQ3TUVev/Rg+T8qqhtJhFsyGJmfWr/EiT8rVkzd3+6Lict >rtvdOw== >-----END CERTIFICATE REQUEST-----</Request> > <Certificate>-----BEGIN CERTIFICATE----- >MIIDejCCAmKgAwIBAgIBBDANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00x >HjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAxMTYwODU2MDJaFw0xNTAxMDYw >ODU2MDJaMC4xFTATBgNVBAoTDFRFU1RSRUxNLkNPTTEVMBMGA1UEAxMMQ0EgU3Vic3lzdGVtMIIB >IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMuFDDHVrbazLeKZKStgOcCtmtmB7CaNASW9 >KGJvHcm74dEe85pnQjZ37qN6z3Ob/Y//kzIe5KIvwGQkNcIAGxvLt+HVNOZUtBQCCttByW+4xPrj >IzCikJt5PO0X3mV1m/30DTw6qp7Q55x2xsK7IbZ84dzhuPK3OiZUQeL7o8XGLwyTt38c0Xw+M8xi >dFd2E2YLkSqI62rjRzYIiwkn7LDfEsPgRsP8XFuzWGSVcUmRI6VjYQWboW2OhFxCKovo9uasyQg9 >s+VhCcyuvONjEyQxOlbuW156JutoDKrL82izbOtaH8bcMrAVm0v3xcr1eyT9iL5cezi3aZ7tD+zz >mwIDAQABo4GZMIGWMB8GA1UdIwQYMBaAFEPeNN2q16bZMwywHQ4n+TMhPXAWMEQGCCsGAQUFBwEB >BDgwNjA0BggrBgEFBQcwAYYoaHR0cDovL3NpZGVzd2lwZS50ZXN0cmVsbS5jb206ODAvY2Evb2Nz >cDAOBgNVHQ8BAf8EBAMCBPAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3 >DQEBCwUAA4IBAQA/mGJEhgoOQ2gIDP5hCGJzTtV8iXBOgALV41B6BeGPdCHYRTz7wZP1aTRdEllt >2ZCzG+CQhUUV7FWkxo7bMFk4isWMs3g5gmY52q+5N/l+TCtPsT+ygfUYCieJwtLBDm/n8egBw72y >JswnXbw4Yi/j3itzLcu5NjdP+AV0dx7gv1OIpoJ+4GqrwwoWJv9X8a6KTwwgnfeQE1CCBIbhOGPK >nZ6kXbTYk55gSLg4UI/rhFcD5P0cyjG8Ui+YrERVq2MP3c/oe5Xx8rpw5QbDuv5Az6HfSqcNHeml >ZiwwVAdEdgQ7m3Zq9/dBweizYYJTKiKBRzQ5ESz9nM7Su/9FIV1g >-----END CERTIFICATE-----</Certificate> > <Type>local</Type> > <DN>CN=CA Subsystem,O=TESTRELM.COM</DN> > <CertPP> Certificate: > Data: > Version: v3 > Serial Number: 0x4 > Signature Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 > Issuer: CN=Certificate Authority,O=TESTRELM.COM > Validity: > Not Before: Wednesday, January 16, 2013 2:26:02 PM IST Asia/Kolkata > Not After: Tuesday, January 6, 2015 2:26:02 PM IST Asia/Kolkata > Subject: CN=CA Subsystem,O=TESTRELM.COM > Subject Public Key Info: > Algorithm: RSA - 1.2.840.113549.1.1.1 > Public Key: > Exponent: 65537 > Public Key Modulus: (2048 bits) : > B8:CB:85:0C:31:D5:AD:B6:B3:2D:E2:99:29:2B:60:39: > C0:AD:9A:D9:81:EC:26:8D:01:25:BD:28:62:6F:1D:C9: > BB:E1:D1:1E:F3:9A:67:42:36:77:EE:A3:7A:CF:73:9B: > FD:8F:FF:93:32:1E:E4:A2:2F:C0:64:24:35:C2:00:1B: > 1B:CB:B7:E1:D5:34:E6:54:B4:14:02:0A:DB:41:C9:6F: > B8:C4:FA:E3:23:30:A2:90:9B:79:3C:ED:17:DE:65:75: > 9B:FD:F4:0D:3C:3A:AA:9E:D0:E7:9C:76:C6:C2:BB:21: > B6:7C:E1:DC:E1:B8:F2:B7:3A:26:54:41:E2:FB:A3:C5: > C6:2F:0C:93:B7:7F:1C:D1:7C:3E:33:CC:62:74:57:76: > 13:66:0B:91:2A:88:EB:6A:E3:47:36:08:8B:09:27:EC: > B0:DF:12:C3:E0:46:C3:FC:5C:5B:B3:58:64:95:71:49: > 91:23:A5:63:61:05:9B:A1:6D:8E:84:5C:42:2A:8B:E8: > F6:E6:AC:C9:08:3D:B3:E5:61:09:CC:AE:BC:E3:63:13: > 24:31:3A:56:EE:5B:5E:7A:26:EB:68:0C:AA:CB:F3:68: > B3:6C:EB:5A:1F:C6:DC:32:B0:15:9B:4B:F7:C5:CA:F5: > 7B:24:FD:88:BE:5C:7B:38:B7:69:9E:ED:0F:EC:F3:9B > Extensions: > Identifier: Authority Key Identifier - 2.5.29.35 > Critical: no > Key Identifier: > 43:DE:34:DD:AA:D7:A6:D9:33:0C:B0:1D:0E:27:F9:33: > 21:3D:70:16 > Identifier: Authority Info Access: - 1.3.6.1.5.5.7.1.1 > Critical: no > Access Description: > Method #0: ocsp > Location #0: URIName: http://sideswipe.testrelm.com:80/ca/ocsp > Identifier: Key Usage: - 2.5.29.15 > Critical: yes > Key Usage: > Digital Signature > Non Repudiation > Key Encipherment > Data Encipherment > Identifier: Extended Key Usage: - 2.5.29.37 > Critical: no > Extended Key Usage: > 1.3.6.1.5.5.7.3.1 > 1.3.6.1.5.5.7.3.2 > Signature: > Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 > Signature: > 3F:98:62:44:86:0A:0E:43:68:08:0C:FE:61:08:62:73: > 4E:D5:7C:89:70:4E:80:02:D5:E3:50:7A:05:E1:8F:74: > 21:D8:45:3C:FB:C1:93:F5:69:34:5D:12:59:6D:D9:90: > B3:1B:E0:90:85:45:15:EC:55:A4:C6:8E:DB:30:59:38: > 8A:C5:8C:B3:78:39:82:66:39:DA:AF:B9:37:F9:7E:4C: > 2B:4F:B1:3F:B2:81:F5:18:0A:27:89:C2:D2:C1:0E:6F: > E7:F1:E8:01:C3:BD:B2:26:CC:27:5D:BC:38:62:2F:E3: > DE:2B:73:2D:CB:B9:36:37:4F:F8:05:74:77:1E:E0:BF: > 53:88:A6:82:7E:E0:6A:AB:C3:0A:16:26:FF:57:F1:AE: > 8A:4F:0C:20:9D:F7:90:13:50:82:04:86:E1:38:63:CA: > 9D:9E:A4:5D:B4:D8:93:9E:60:48:B8:38:50:8F:EB:84: > 57:03:E4:FD:1C:CA:31:BC:52:2F:98:AC:44:55:AB:63: > 0F:DD:CF:E8:7B:95:F1:F2:BA:70:E5:06:C3:BA:FE:40: > CF:A1:DF:4A:A7:0D:1D:E9:A5:66:2C:30:54:07:44:76: > 04:3B:9B:76:6A:F7:F7:41:C1:E8:B3:61:82:53:2A:22: > 81:47:34:39:11:2C:FD:9C:CE:D2:BB:FF:45:21:5D:60 > FingerPrint > MD2: > A4:2A:ED:B4:10:94:8D:F6:50:D5:85:31:18:EF:C4:C2 > MD5: > B1:EB:5E:80:22:A7:1F:5D:E1:93:3C:02:A4:23:74:CE > SHA1: > 35:66:7D:35:FC:9D:21:61:AC:B4:7D:A2:49:E8:99:B7: > AF:02:FE:79 > SHA256: > 6E:E7:42:1E:0A:D6:9A:9E:AD:52:7D:9F:1A:61:40:C0: > C3:FF:7C:9D:D0:90:C0:93:36:2B:04:0D:77:5C:59:CD > SHA512: > A3:12:18:14:6D:E5:09:30:B6:DD:6D:23:E1:FC:F8:38: > DB:23:44:81:A5:B5:1E:BE:27:3C:FA:AF:1C:26:9B:4C: > A2:2C:CE:93:E6:BB:45:45:87:28:CA:26:D6:A4:73:10: > 95:41:25:AE:CF:BB:76:58:2A:E0:6B:D8:B8:C4:1C:96 ></CertPP> > <KeyOption/> > </CertReqPair> > <CertReqPair> > <Nickname>auditSigningCert cert-pki-ca</Nickname> > <Tokenname>Internal Key Storage Token</Tokenname> > <Request>-----BEGIN CERTIFICATE REQUEST----- >MIICbzCCAVcCAQAwKjEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMREwDwYDVQQDEwhDQSBBdWRpdDCC >ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMs0W/YSoffGx0xxkX8G2yg+zyi29X3Vswmv >YP35y3LsufFn6aPwaYOQqBhFyqZbL4zVr+aJVD9ZC2/xbXmqt2s+jarkSlNWsCvDVwjuvDE5Iigj >+Hzq3q0wN6yea9tz1gs5G8J+L8ZJXvSSPEd6p5pOuE8EynFgO2rEDU8vxqSCF5AWw5b6T+wNmOs/ >scx+CoNGE2wxt8oBXKdVDshw5LNqpgS6zR8pwDR084zZMFk9f2d3y6kHCPw4Zo3A6ffj6OJNQ5Bs >fQnOJ3t8QpS7B2DkwjvGbI4JrB/uNpUKDUTcJuqdG7UYfKM4fdPakRngtCZiAinll4yPFV7gGPV5 >lSECAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQAZNX6WWowGYKvM3X5p+dF8YnsfjHK3tCGLiqV5 >W9gbm2tg5WP2wgiMv6f75gYxz4rq4dfFy2TIFBDDLUw08Lm8ntmQ9+OzN/TBhArcw5XP1P3hCpTu >mnMV5s01uGGCfjgn+rr0aZWDeY9LCHQcr6QbRZ2fhgnBFUKJcAob+n1A57f02tZ9ibdBIVJ6QNGw >Uj1oAHmdSULyGzHSvpQ+t4Pbmoipobw2EbU/rjEjxdMPYWH/NoRauk4o8be+A5HlvUR3K+luXAe8 >ljdhIEOo8G0k4y4bpUXLpv3m/lLtiUdG2uUKoPCqmKHRw25O/WYjNNhlQ6oHUmP601OPMHgTBXYd >-----END CERTIFICATE REQUEST-----</Request> > <Certificate>-----BEGIN CERTIFICATE----- >MIIDVTCCAj2gAwIBAgIBBTANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00x >HjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAxMTYwODU2MDNaFw0xNTAxMDYw >ODU2MDNaMCoxFTATBgNVBAoTDFRFU1RSRUxNLkNPTTERMA8GA1UEAxMIQ0EgQXVkaXQwggEiMA0G >CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLNFv2EqH3xsdMcZF/BtsoPs8otvV91bMJr2D9+cty >7LnxZ+mj8GmDkKgYRcqmWy+M1a/miVQ/WQtv8W15qrdrPo2q5EpTVrArw1cI7rwxOSIoI/h86t6t >MDesnmvbc9YLORvCfi/GSV70kjxHeqeaTrhPBMpxYDtqxA1PL8akgheQFsOW+k/sDZjrP7HMfgqD >RhNsMbfKAVynVQ7IcOSzaqYEus0fKcA0dPOM2TBZPX9nd8upBwj8OGaNwOn34+jiTUOQbH0Jzid7 >fEKUuwdg5MI7xmyOCawf7jaVCg1E3CbqnRu1GHyjOH3T2pEZ4LQmYgIp5ZeMjxVe4Bj1eZUhAgMB >AAGjeTB3MB8GA1UdIwQYMBaAFEPeNN2q16bZMwywHQ4n+TMhPXAWMA4GA1UdDwEB/wQEAwIGwDBE >BggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAGGKGh0dHA6Ly9zaWRlc3dpcGUudGVzdHJlbG0uY29t >OjgwL2NhL29jc3AwDQYJKoZIhvcNAQELBQADggEBAJIEUliu+e2ssxryNvbm0dHvl57+vYtB0h0Q >hobvtaH/oaJ7g21dXqLHcn8W9xfY8JaCOT5pbI7SlFAhCGDxowfThvtOjVC5apHeYjar0kAXdPk7 >+TrbTXeIGWNQ6V3HuZyygBQaOIQf6VR1Z+SXT7ycOtHZqj94J/MxCQBpSSaDv8CQkbSfYlfu631f >N+BDJVmqMeRQ2yniOe+p0CNSEX57JzNkt4QS7qnsH+oSPyxYf81gzG9Lr2CLLmD8Es28kJcfXZIo >+e9FCokpywgrSOlRB4mVn5mcm0HiZ0n/QpzATIH2tDRwX4r+QCuh3JS2GPz8iHN2DbVue1tp9PVo >Ohg= >-----END CERTIFICATE-----</Certificate> > <Type>local</Type> > <DN>CN=CA Audit,O=TESTRELM.COM</DN> > <CertPP> Certificate: > Data: > Version: v3 > Serial Number: 0x5 > Signature Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 > Issuer: CN=Certificate Authority,O=TESTRELM.COM > Validity: > Not Before: Wednesday, January 16, 2013 2:26:03 PM IST Asia/Kolkata > Not After: Tuesday, January 6, 2015 2:26:03 PM IST Asia/Kolkata > Subject: CN=CA Audit,O=TESTRELM.COM > Subject Public Key Info: > Algorithm: RSA - 1.2.840.113549.1.1.1 > Public Key: > Exponent: 65537 > Public Key Modulus: (2048 bits) : > CB:34:5B:F6:12:A1:F7:C6:C7:4C:71:91:7F:06:DB:28: > 3E:CF:28:B6:F5:7D:D5:B3:09:AF:60:FD:F9:CB:72:EC: > B9:F1:67:E9:A3:F0:69:83:90:A8:18:45:CA:A6:5B:2F: > 8C:D5:AF:E6:89:54:3F:59:0B:6F:F1:6D:79:AA:B7:6B: > 3E:8D:AA:E4:4A:53:56:B0:2B:C3:57:08:EE:BC:31:39: > 22:28:23:F8:7C:EA:DE:AD:30:37:AC:9E:6B:DB:73:D6: > 0B:39:1B:C2:7E:2F:C6:49:5E:F4:92:3C:47:7A:A7:9A: > 4E:B8:4F:04:CA:71:60:3B:6A:C4:0D:4F:2F:C6:A4:82: > 17:90:16:C3:96:FA:4F:EC:0D:98:EB:3F:B1:CC:7E:0A: > 83:46:13:6C:31:B7:CA:01:5C:A7:55:0E:C8:70:E4:B3: > 6A:A6:04:BA:CD:1F:29:C0:34:74:F3:8C:D9:30:59:3D: > 7F:67:77:CB:A9:07:08:FC:38:66:8D:C0:E9:F7:E3:E8: > E2:4D:43:90:6C:7D:09:CE:27:7B:7C:42:94:BB:07:60: > E4:C2:3B:C6:6C:8E:09:AC:1F:EE:36:95:0A:0D:44:DC: > 26:EA:9D:1B:B5:18:7C:A3:38:7D:D3:DA:91:19:E0:B4: > 26:62:02:29:E5:97:8C:8F:15:5E:E0:18:F5:79:95:21 > Extensions: > Identifier: Authority Key Identifier - 2.5.29.35 > Critical: no > Key Identifier: > 43:DE:34:DD:AA:D7:A6:D9:33:0C:B0:1D:0E:27:F9:33: > 21:3D:70:16 > Identifier: Key Usage: - 2.5.29.15 > Critical: yes > Key Usage: > Digital Signature > Non Repudiation > Identifier: Authority Info Access: - 1.3.6.1.5.5.7.1.1 > Critical: no > Access Description: > Method #0: ocsp > Location #0: URIName: http://sideswipe.testrelm.com:80/ca/ocsp > Signature: > Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11 > Signature: > 92:04:52:58:AE:F9:ED:AC:B3:1A:F2:36:F6:E6:D1:D1: > EF:97:9E:FE:BD:8B:41:D2:1D:10:86:86:EF:B5:A1:FF: > A1:A2:7B:83:6D:5D:5E:A2:C7:72:7F:16:F7:17:D8:F0: > 96:82:39:3E:69:6C:8E:D2:94:50:21:08:60:F1:A3:07: > D3:86:FB:4E:8D:50:B9:6A:91:DE:62:36:AB:D2:40:17: > 74:F9:3B:F9:3A:DB:4D:77:88:19:63:50:E9:5D:C7:B9: > 9C:B2:80:14:1A:38:84:1F:E9:54:75:67:E4:97:4F:BC: > 9C:3A:D1:D9:AA:3F:78:27:F3:31:09:00:69:49:26:83: > BF:C0:90:91:B4:9F:62:57:EE:EB:7D:5F:37:E0:43:25: > 59:AA:31:E4:50:DB:29:E2:39:EF:A9:D0:23:52:11:7E: > 7B:27:33:64:B7:84:12:EE:A9:EC:1F:EA:12:3F:2C:58: > 7F:CD:60:CC:6F:4B:AF:60:8B:2E:60:FC:12:CD:BC:90: > 97:1F:5D:92:28:F9:EF:45:0A:89:29:CB:08:2B:48:E9: > 51:07:89:95:9F:99:9C:9B:41:E2:67:49:FF:42:9C:C0: > 4C:81:F6:B4:34:70:5F:8A:FE:40:2B:A1:DC:94:B6:18: > FC:FC:88:73:76:0D:B5:6E:7B:5B:69:F4:F5:68:3A:18 > FingerPrint > MD2: > 2D:82:C3:38:F8:18:FC:CA:44:BD:45:50:01:EC:29:97 > MD5: > C0:0F:4D:03:BB:FE:95:F8:03:E8:87:BF:1F:EC:6B:B1 > SHA1: > FC:8F:FD:49:A4:A5:EF:74:E1:4A:CE:A7:18:3D:4C:06: > 6B:25:66:CB > SHA256: > 3F:87:A4:11:00:E9:7D:EA:8F:43:C2:89:12:15:2C:3D: > 11:DF:3F:D6:CB:32:B7:E3:2E:8B:EE:94:5E:36:A8:C4 > SHA512: > C2:83:05:EF:42:00:F3:C4:5D:43:26:2C:94:00:41:2B: > 7E:0C:AF:36:FC:21:F3:29:46:73:78:D4:93:85:54:D1: > 73:DC:CF:80:78:B9:CC:CE:59:88:91:C3:7B:B7:F6:F7: > D1:21:44:F5:78:28:77:9B:1D:2C:79:90:97:F7:0A:AF ></CertPP> > <KeyOption/> > </CertReqPair> > </Vector> > </reqscerts> > <status>display</status> > <updateStatus>success</updateStatus> > <errorString/> > <size>19</size> > <title>Requests and Certificates</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <name>CA Setup Wizard</name> > <p>12</p> > <req/> > <panelname>certrequest</panelname> ></response> >tag=Request value=-----BEGIN CERTIFICATE REQUEST----- >MIICfDCCAWQCAQAwNzEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMR4wHAYDVQQDExVDZXJ0aWZpY2F0 >ZSBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyxCURwZjOorozaxr2 >sr4Ybg5j+3VDmG+BXp2z4LqcAvGlZNYFdPLdLWqxpH3en7zOzC4qLzWNCs9fAiO9GU0iDWVuL4v+ >UWm0u014qnz5/8ChPCizA5CcQEp7QAEmsK4hPADCauEmxUFtezi7cavfsxboRniLM5jbRVkPEw1a >feigWIO4jOSbLa9ARPRbqRQYStKLNUkrHDaodk0t9EXX02O7mKt8Ti9keyCeF/rC0aJ7z/0KRXJS >1+nHjX95YIAIW9Psgh9yu9ivmj9bNCUecA1RqNpTyyT8nYwsE1+6c7ei1otwVXncVYBJRfBFuewj >Y+kNsPg+gRX4oDFYrIpnAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAT+rRJHdJe10wCa1Lz9Gq >u3XmlMpkyuVjXXeHFthCadcI9diCqs0zIBNVuWe7H6SP0FbCzHPLeT3MEBmXya+uYutMVcDvmaSv >ohglUBugAfYUynMha3n6hP19UoAwe4HOq1chVQ+gf79Z2GAI2fQLITfcbWI0B0V01VWoSg+msOQg >rKBe7t6djKMIIybfJeqkpNwtqUhlSHutp79Of9GLiCf4tbDoor3tmfahcvH4tsLH7SOWLM/CVrXp >XpZc1EgIv7OVIL9PLYx3PdM7/3ZfcCjjRWRRV1gHlSd3Y3FCxs9VWH4d5kZ/SlT37Jytf8PpidWL >NnQS+yc3hsrsCp6/dg== >-----END CERTIFICATE REQUEST----- >tag=Request value=-----BEGIN CERTIFICATE REQUEST----- >MIICdTCCAV0CAQAwMDEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMRcwFQYDVQQDEw5PQ1NQIFN1YnN5 >c3RlbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK3BJIxEUTGnkVcRtwrpCfXnL8RH >/4y72KqOl8AJmh+aCH4JzPbz7Uk6V7Pu6BIKuRQH7a9HjIdJnm7EfqdHMPFaECVZlagMVxilIF+r >04STUNxRzRy3UR2TPm0aud98/ycneIcfe5siPINNKNDFwfzwZjkDed/y0Z+vupawFCtLFcQBlj0a >INd33hs4cdfNf4fMdPwRUk0fmKMwthXde9EQsELnX6cHGRUlBzAi75astI9fxleCiIzSYuG5aAN5 >7DaEAnx/bp3NIaPQUapldXn47AnbVDJDh4A3oUHePZzLLYDe818r7uuSA8LR0rkoo648PsckvaXn >bs5qJ6z+MysCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQAXNxz8ODzBnJ0MrcjdfemKX5fWlnLX >2goe8rEy+S2355wFSWQweT4Gf0Wol9cYmBK0XLKdD/gKGM8HhljLxg5T8M4h3cU5FnjmiseDG/Iw >CS2T8e8hUVR2f6HSbuSahZGSBixyt4hhirJbzkmhGJthKu03KhvU4N0r2hAWYh97IYcbJO4vtffq >is1c1vvzvf06GhlAhqCaUj1TMDVPbRsqMOgVeggpK7ssxtllMoV+7bStOmTi1eLJNOYZuaT3n7XU >SYM/Pdvc9D8VWaTA/s+WzV86lIkSeCao+jyTbNJAtsUeGH+3+daqS2y4UhCzAYST85N5jw7aC9hs >0EWCW/5u >-----END CERTIFICATE REQUEST----- >tag=Request value=-----BEGIN CERTIFICATE REQUEST----- >MIICfTCCAWUCAQAwODEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMR8wHQYDVQQDExZzaWRlc3dpcGUu >dGVzdHJlbG0uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZ34Mf3w6D9fzSXD >IYj3tK0mciXKpmZq7+ufMXywtYnvNbB5LzmXPAgDJ1RiQC28jgYuG+PWo450fPZIs+qvT8yc44QH >S6Ggoems+bAj2MaTDPBW2Djivf5cciTMIiuLrhR6E7rJX0mY8id1xuoKdTe7oFdf4W4K5RFZIjlZ >om9gHw6pXhW8cb3ysvFmdy15XsiL2hzRsS6YnWPH99w0TKSwJgtT0+RIqZ9pClGfKsBPW6KYQnSp >nIUIOj4hlc7YnIKXiOUY5bCgeu5I1Nsr69ABlCx14sMb4e+tSa3jIqYeDDQZKYXZV2bm1oDaAVwE >WpBBW76dQa37IyUUSAA4JwIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAAPNn6SM81rI5SCkp4eC >ZF1+dhnmIoza6Apxm0KrbwVF/PML644ibCJWbI5nc2rvFTeRLtHmiSnDAdZOyI1fAVn1NuURiC/1 >G1j/xBRfRMTMHRDoL8AiiFK2qcCLyEGwk5E64emdBL5u8B1zA8EayaS7S3Zqn5GaHCXh7488bzea >cgHz36Wq9zQu8hTWRpixUBh+p7ho/VRGufEYwC2VYo4T1z18ki9vmUN9t8DPy2CNjtCM13xfXg1r >nCb1gmdDHupkWEc9OoLe+HfI0fDWnOcBCdbpjlsr4aXJRplVXcOGzohZI1gVOBtGoJJwpOvU63H3 >LbhJ98tR+EJCMnZMmX4= >-----END CERTIFICATE REQUEST----- >tag=Request value=-----BEGIN CERTIFICATE REQUEST----- >MIICczCCAVsCAQAwLjEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMRUwEwYDVQQDEwxDQSBTdWJzeXN0 >ZW0wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4y4UMMdWttrMt4pkpK2A5wK2a2YHs >Jo0BJb0oYm8dybvh0R7zmmdCNnfuo3rPc5v9j/+TMh7koi/AZCQ1wgAbG8u34dU05lS0FAIK20HJ >b7jE+uMjMKKQm3k87RfeZXWb/fQNPDqqntDnnHbGwrshtnzh3OG48rc6JlRB4vujxcYvDJO3fxzR >fD4zzGJ0V3YTZguRKojrauNHNgiLCSfssN8Sw+BGw/xcW7NYZJVxSZEjpWNhBZuhbY6EXEIqi+j2 >5qzJCD2z5WEJzK6842MTJDE6Vu5bXnom62gMqsvzaLNs61ofxtwysBWbS/fFyvV7JP2Ivlx7OLdp >nu0P7PObAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAEi00w2FXZXSAGbrixLc7N4QoDWQTpdUS >Jf0xBgK5fmKqg4yNCFk7nt5FQ4zVnR04CJskYGNp7k0y+U2ZjW3LjRfJxU03Q6RNd5IYZyA1guZU >79JDYFjDJIvcw4VpeZ7Jcv0CKcP2nmMfC2RC7bxelH7sH/5vZs7hv1fKzGg5EXmCqk+LvkWKYtIP >hYqP8yeTABZOZTL0LUeaKO/cODbFQSltrUmDx8usp4IxZjb+hpLPQJJk2frDyCSXTMzGCXYGsT4J >NxzL/er75JT5yU7GuvrB5divxo9kV5iQ3TUVev/Rg+T8qqhtJhFsyGJmfWr/EiT8rVkzd3+6Lict >rtvdOw== >-----END CERTIFICATE REQUEST----- >tag=Request value=-----BEGIN CERTIFICATE REQUEST----- >MIICbzCCAVcCAQAwKjEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMREwDwYDVQQDEwhDQSBBdWRpdDCC >ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMs0W/YSoffGx0xxkX8G2yg+zyi29X3Vswmv >YP35y3LsufFn6aPwaYOQqBhFyqZbL4zVr+aJVD9ZC2/xbXmqt2s+jarkSlNWsCvDVwjuvDE5Iigj >+Hzq3q0wN6yea9tz1gs5G8J+L8ZJXvSSPEd6p5pOuE8EynFgO2rEDU8vxqSCF5AWw5b6T+wNmOs/ >scx+CoNGE2wxt8oBXKdVDshw5LNqpgS6zR8pwDR084zZMFk9f2d3y6kHCPw4Zo3A6ffj6OJNQ5Bs >fQnOJ3t8QpS7B2DkwjvGbI4JrB/uNpUKDUTcJuqdG7UYfKM4fdPakRngtCZiAinll4yPFV7gGPV5 >lSECAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQAZNX6WWowGYKvM3X5p+dF8YnsfjHK3tCGLiqV5 >W9gbm2tg5WP2wgiMv6f75gYxz4rq4dfFy2TIFBDDLUw08Lm8ntmQ9+OzN/TBhArcw5XP1P3hCpTu >mnMV5s01uGGCfjgn+rr0aZWDeY9LCHQcr6QbRZ2fhgnBFUKJcAob+n1A57f02tZ9ibdBIVJ6QNGw >Uj1oAHmdSULyGzHSvpQ+t4Pbmoipobw2EbU/rjEjxdMPYWH/NoRauk4o8be+A5HlvUR3K+luXAe8 >ljdhIEOo8G0k4y4bpUXLpv3m/lLtiUdG2uUKoPCqmKHRw25O/WYjNNhlQ6oHUmP601OPMHgTBXYd >-----END CERTIFICATE REQUEST----- >tag=Certificate value=-----BEGIN CERTIFICATE----- >MIIDlDCCAnygAwIBAgIBATANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00x >HjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAxMTYwODU1NThaFw0zMzAxMTYw >ODU1NThaMDcxFTATBgNVBAoTDFRFU1RSRUxNLkNPTTEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0 >aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssQlEcGYzqK6M2sa9rK+GG4O >Y/t1Q5hvgV6ds+C6nALxpWTWBXTy3S1qsaR93p+8zswuKi81jQrPXwIjvRlNIg1lbi+L/lFptLtN >eKp8+f/AoTwoswOQnEBKe0ABJrCuITwAwmrhJsVBbXs4u3Gr37MW6EZ4izOY20VZDxMNWn3ooFiD >uIzkmy2vQET0W6kUGErSizVJKxw2qHZNLfRF19Nju5irfE4vZHsgnhf6wtGie8/9CkVyUtfpx41/ >eWCACFvT7IIfcrvYr5o/WzQlHnANUajaU8sk/J2MLBNfunO3otaLcFV53FWASUXwRbnsI2PpDbD4 >PoEV+KAxWKyKZwIDAQABo4GqMIGnMB8GA1UdIwQYMBaAFEPeNN2q16bZMwywHQ4n+TMhPXAWMA8G >A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgHGMB0GA1UdDgQWBBRD3jTdqtem2TMMsB0OJ/kz >IT1wFjBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAGGKGh0dHA6Ly9zaWRlc3dpcGUudGVzdHJl >bG0uY29tOjgwL2NhL29jc3AwDQYJKoZIhvcNAQELBQADggEBAKQhd+yFiOgzVQyaxXre3epPftM4 >5CaTwRD7Dg4o/xwCVbQ9htw+GN7iVLcceBYKxzr6oXde+bZATF/AsnUUAmUbUNWXe41Qi0TiJfxZ >iJa7CXNxLuTvz1Xbq3uU64XtdbPM1JilPEn39flmNC9m3GOLUuAET64edEMTYkdDhZStOtWSKQrW >j4eJMyXU8NpH6/G1efw6e/d1/xKHl6au4jWqpfxqdVF025Bb/gJiRk6J7GXAdMY06V9iZlDpwxk2 >3FDPNwymwPvHHDBd1yzM9mMm8AunlQRnIZmNdFSFND6tyY58w1SXRktNpcuwt5+p71ROmt3Xo6rr >aCqIcnVWUt4= >-----END CERTIFICATE----- >tag=Certificate value=-----BEGIN CERTIFICATE----- >MIIDcjCCAlqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00x >HjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAxMTYwODU2MDFaFw0xNTAxMDYw >ODU2MDFaMDAxFTATBgNVBAoTDFRFU1RSRUxNLkNPTTEXMBUGA1UEAxMOT0NTUCBTdWJzeXN0ZW0w >ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtwSSMRFExp5FXEbcK6Qn15y/ER/+Mu9iq >jpfACZofmgh+Ccz28+1JOlez7ugSCrkUB+2vR4yHSZ5uxH6nRzDxWhAlWZWoDFcYpSBfq9OEk1Dc >Uc0ct1Edkz5tGrnffP8nJ3iHH3ubIjyDTSjQxcH88GY5A3nf8tGfr7qWsBQrSxXEAZY9GiDXd94b >OHHXzX+HzHT8EVJNH5ijMLYV3XvRELBC51+nBxkVJQcwIu+WrLSPX8ZXgoiM0mLhuWgDeew2hAJ8 >f26dzSGj0FGqZXV5+OwJ21QyQ4eAN6FB3j2cyy2A3vNfK+7rkgPC0dK5KKOuPD7HJL2l527Oaies >/jMrAgMBAAGjgY8wgYwwHwYDVR0jBBgwFoAUQ9403arXptkzDLAdDif5MyE9cBYwDgYDVR0PAQH/ >BAQDAgHGMEQGCCsGAQUFBwEBBDgwNjA0BggrBgEFBQcwAYYoaHR0cDovL3NpZGVzd2lwZS50ZXN0 >cmVsbS5jb206ODAvY2Evb2NzcDATBgNVHSUEDDAKBggrBgEFBQcDCTANBgkqhkiG9w0BAQsFAAOC >AQEAd3SjxNfLUkTkvuFH/mIyMLoq60mcuU9I0rVs0NNMw07dfBZ+rgWGaowHZq7L7JrvElAQ2V7e >5k7G0ZhARYrOOBzywrTLtRDxxy29OEsDLRRrc3p1GhKWUeldmKeQdXnqfueJSrpXFlZuHHnhVdV8 >5HS8kIJ35xe1XCsGhIb5S52JwxUf87JjknPc9RZEwkltMWrz9SLjMTcp90pL5wI6MtdsHUzVgcaJ >9yJLbTRYkOcFy04XForxGODGawhbqrU8y18Pc3Y57lQJcs8rXeDHt+dN0t9XmsmnJDtmwS1WEJO8 >ZCLDR7MenZpJdTfZT0rYfGIaJHyUHALJThXWDKdd8A== >-----END CERTIFICATE----- >tag=Certificate value=-----BEGIN CERTIFICATE----- >MIIDejCCAmKgAwIBAgIBAzANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00x >HjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAxMTYwODU2MDJaFw0xNTAxMDYw >ODU2MDJaMDgxFTATBgNVBAoTDFRFU1RSRUxNLkNPTTEfMB0GA1UEAxMWc2lkZXN3aXBlLnRlc3Ry >ZWxtLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALGd+DH98Og/X80lwyGI97St >JnIlyqZmau/rnzF8sLWJ7zWweS85lzwIAydUYkAtvI4GLhvj1qOOdHz2SLPqr0/MnOOEB0uhoKHp >rPmwI9jGkwzwVtg44r3+XHIkzCIri64UehO6yV9JmPIndcbqCnU3u6BXX+FuCuURWSI5WaJvYB8O >qV4VvHG98rLxZncteV7Ii9oc0bEumJ1jx/fcNEyksCYLU9PkSKmfaQpRnyrAT1uimEJ0qZyFCDo+ >IZXO2JyCl4jlGOWwoHruSNTbK+vQAZQsdeLDG+HvrUmt4yKmHgw0GSmF2Vdm5taA2gFcBFqQQVu+ >nUGt+yMlFEgAOCcCAwEAAaOBjzCBjDAfBgNVHSMEGDAWgBRD3jTdqtem2TMMsB0OJ/kzIT1wFjBE >BggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAGGKGh0dHA6Ly9zaWRlc3dpcGUudGVzdHJlbG0uY29t >OjgwL2NhL29jc3AwDgYDVR0PAQH/BAQDAgTwMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3 >DQEBCwUAA4IBAQBEKWDkxmYgaUosCd5/KDH1HsTsH2F0ukw/CGvlHbVbSvzdmcLRssngHDtqLEkA >KJDiT5Ik6RyBu9jW3aQUc9uqitGyb53xtaQgdnsTofjzVRwD4+bRzGu6qKAVeL/IjILAkr7D1uvl >wXgk74C+F22eloUjubhysltqaCH/5sGazLu8AWEbL6fAS+4Fv3VOQOolmFmdYNKcm+g9Eh9EGPVB >3DUPrDC72pAfgFNzyCF7n9MNZv8W46u0cLzDv0dK/rk9VOtbWm2GO6Gk5wQ8UqnSiwLr4qNgnXI5 >iySmlM4matPLcrwaBFNilvHToaKdrH/dfvpj6hOkA670xpza3eDE >-----END CERTIFICATE----- >tag=Certificate value=-----BEGIN CERTIFICATE----- >MIIDejCCAmKgAwIBAgIBBDANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00x >HjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAxMTYwODU2MDJaFw0xNTAxMDYw >ODU2MDJaMC4xFTATBgNVBAoTDFRFU1RSRUxNLkNPTTEVMBMGA1UEAxMMQ0EgU3Vic3lzdGVtMIIB >IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMuFDDHVrbazLeKZKStgOcCtmtmB7CaNASW9 >KGJvHcm74dEe85pnQjZ37qN6z3Ob/Y//kzIe5KIvwGQkNcIAGxvLt+HVNOZUtBQCCttByW+4xPrj >IzCikJt5PO0X3mV1m/30DTw6qp7Q55x2xsK7IbZ84dzhuPK3OiZUQeL7o8XGLwyTt38c0Xw+M8xi >dFd2E2YLkSqI62rjRzYIiwkn7LDfEsPgRsP8XFuzWGSVcUmRI6VjYQWboW2OhFxCKovo9uasyQg9 >s+VhCcyuvONjEyQxOlbuW156JutoDKrL82izbOtaH8bcMrAVm0v3xcr1eyT9iL5cezi3aZ7tD+zz >mwIDAQABo4GZMIGWMB8GA1UdIwQYMBaAFEPeNN2q16bZMwywHQ4n+TMhPXAWMEQGCCsGAQUFBwEB >BDgwNjA0BggrBgEFBQcwAYYoaHR0cDovL3NpZGVzd2lwZS50ZXN0cmVsbS5jb206ODAvY2Evb2Nz >cDAOBgNVHQ8BAf8EBAMCBPAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3 >DQEBCwUAA4IBAQA/mGJEhgoOQ2gIDP5hCGJzTtV8iXBOgALV41B6BeGPdCHYRTz7wZP1aTRdEllt >2ZCzG+CQhUUV7FWkxo7bMFk4isWMs3g5gmY52q+5N/l+TCtPsT+ygfUYCieJwtLBDm/n8egBw72y >JswnXbw4Yi/j3itzLcu5NjdP+AV0dx7gv1OIpoJ+4GqrwwoWJv9X8a6KTwwgnfeQE1CCBIbhOGPK >nZ6kXbTYk55gSLg4UI/rhFcD5P0cyjG8Ui+YrERVq2MP3c/oe5Xx8rpw5QbDuv5Az6HfSqcNHeml >ZiwwVAdEdgQ7m3Zq9/dBweizYYJTKiKBRzQ5ESz9nM7Su/9FIV1g >-----END CERTIFICATE----- >tag=Certificate value=-----BEGIN CERTIFICATE----- >MIIDVTCCAj2gAwIBAgIBBTANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00x >HjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAxMTYwODU2MDNaFw0xNTAxMDYw >ODU2MDNaMCoxFTATBgNVBAoTDFRFU1RSRUxNLkNPTTERMA8GA1UEAxMIQ0EgQXVkaXQwggEiMA0G >CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLNFv2EqH3xsdMcZF/BtsoPs8otvV91bMJr2D9+cty >7LnxZ+mj8GmDkKgYRcqmWy+M1a/miVQ/WQtv8W15qrdrPo2q5EpTVrArw1cI7rwxOSIoI/h86t6t >MDesnmvbc9YLORvCfi/GSV70kjxHeqeaTrhPBMpxYDtqxA1PL8akgheQFsOW+k/sDZjrP7HMfgqD >RhNsMbfKAVynVQ7IcOSzaqYEus0fKcA0dPOM2TBZPX9nd8upBwj8OGaNwOn34+jiTUOQbH0Jzid7 >fEKUuwdg5MI7xmyOCawf7jaVCg1E3CbqnRu1GHyjOH3T2pEZ4LQmYgIp5ZeMjxVe4Bj1eZUhAgMB >AAGjeTB3MB8GA1UdIwQYMBaAFEPeNN2q16bZMwywHQ4n+TMhPXAWMA4GA1UdDwEB/wQEAwIGwDBE >BggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAGGKGh0dHA6Ly9zaWRlc3dpcGUudGVzdHJlbG0uY29t >OjgwL2NhL29jc3AwDQYJKoZIhvcNAQELBQADggEBAJIEUliu+e2ssxryNvbm0dHvl57+vYtB0h0Q >hobvtaH/oaJ7g21dXqLHcn8W9xfY8JaCOT5pbI7SlFAhCGDxowfThvtOjVC5apHeYjar0kAXdPk7 >+TrbTXeIGWNQ6V3HuZyygBQaOIQf6VR1Z+SXT7ycOtHZqj94J/MxCQBpSSaDv8CQkbSfYlfu631f >N+BDJVmqMeRQ2yniOe+p0CNSEX57JzNkt4QS7qnsH+oSPyxYf81gzG9Lr2CLLmD8Es28kJcfXZIo >+e9FCokpywgrSOlRB4mVn5mcm0HiZ0n/QpzATIH2tDRwX4r+QCuh3JS2GPz8iHN2DbVue1tp9PVo >Ohg= >-----END CERTIFICATE----- >tag=Nickname value=caSigningCert cert-pki-ca >tag=Nickname value=ocspSigningCert cert-pki-ca >tag=Nickname value=Server-Cert cert-pki-ca >tag=Nickname value=subsystemCert cert-pki-ca >tag=Nickname value=auditSigningCert cert-pki-ca >req_list_size=5 >cert_list_size=5 >dn_list_size=5 >ca_cert_name=CN=Certificate Authority,O=TESTRELM.COM >ocsp_cert_name=CN=OCSP Subsystem,O=TESTRELM.COM >ca_subsystem_cert_name=CN=CA Subsystem,O=TESTRELM.COM >server_cert_name=CN=sideswipe.testrelm.com,O=TESTRELM.COM >audit_signing_cert_name=CN=CA Audit,O=TESTRELM.COM >ca_cert_req=-----BEGIN CERTIFICATE REQUEST----- >MIICfDCCAWQCAQAwNzEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMR4wHAYDVQQDExVDZXJ0aWZpY2F0 >ZSBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyxCURwZjOorozaxr2 >sr4Ybg5j+3VDmG+BXp2z4LqcAvGlZNYFdPLdLWqxpH3en7zOzC4qLzWNCs9fAiO9GU0iDWVuL4v+ >UWm0u014qnz5/8ChPCizA5CcQEp7QAEmsK4hPADCauEmxUFtezi7cavfsxboRniLM5jbRVkPEw1a >feigWIO4jOSbLa9ARPRbqRQYStKLNUkrHDaodk0t9EXX02O7mKt8Ti9keyCeF/rC0aJ7z/0KRXJS >1+nHjX95YIAIW9Psgh9yu9ivmj9bNCUecA1RqNpTyyT8nYwsE1+6c7ei1otwVXncVYBJRfBFuewj >Y+kNsPg+gRX4oDFYrIpnAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAT+rRJHdJe10wCa1Lz9Gq >u3XmlMpkyuVjXXeHFthCadcI9diCqs0zIBNVuWe7H6SP0FbCzHPLeT3MEBmXya+uYutMVcDvmaSv >ohglUBugAfYUynMha3n6hP19UoAwe4HOq1chVQ+gf79Z2GAI2fQLITfcbWI0B0V01VWoSg+msOQg >rKBe7t6djKMIIybfJeqkpNwtqUhlSHutp79Of9GLiCf4tbDoor3tmfahcvH4tsLH7SOWLM/CVrXp >XpZc1EgIv7OVIL9PLYx3PdM7/3ZfcCjjRWRRV1gHlSd3Y3FCxs9VWH4d5kZ/SlT37Jytf8PpidWL >NnQS+yc3hsrsCp6/dg== >-----END CERTIFICATE REQUEST----- >ocsp_cert_req=-----BEGIN CERTIFICATE REQUEST----- >MIICdTCCAV0CAQAwMDEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMRcwFQYDVQQDEw5PQ1NQIFN1YnN5 >c3RlbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK3BJIxEUTGnkVcRtwrpCfXnL8RH >/4y72KqOl8AJmh+aCH4JzPbz7Uk6V7Pu6BIKuRQH7a9HjIdJnm7EfqdHMPFaECVZlagMVxilIF+r >04STUNxRzRy3UR2TPm0aud98/ycneIcfe5siPINNKNDFwfzwZjkDed/y0Z+vupawFCtLFcQBlj0a >INd33hs4cdfNf4fMdPwRUk0fmKMwthXde9EQsELnX6cHGRUlBzAi75astI9fxleCiIzSYuG5aAN5 >7DaEAnx/bp3NIaPQUapldXn47AnbVDJDh4A3oUHePZzLLYDe818r7uuSA8LR0rkoo648PsckvaXn >bs5qJ6z+MysCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQAXNxz8ODzBnJ0MrcjdfemKX5fWlnLX >2goe8rEy+S2355wFSWQweT4Gf0Wol9cYmBK0XLKdD/gKGM8HhljLxg5T8M4h3cU5FnjmiseDG/Iw >CS2T8e8hUVR2f6HSbuSahZGSBixyt4hhirJbzkmhGJthKu03KhvU4N0r2hAWYh97IYcbJO4vtffq >is1c1vvzvf06GhlAhqCaUj1TMDVPbRsqMOgVeggpK7ssxtllMoV+7bStOmTi1eLJNOYZuaT3n7XU >SYM/Pdvc9D8VWaTA/s+WzV86lIkSeCao+jyTbNJAtsUeGH+3+daqS2y4UhCzAYST85N5jw7aC9hs >0EWCW/5u >-----END CERTIFICATE REQUEST----- >ca_subsystem_cert_req=-----BEGIN CERTIFICATE REQUEST----- >MIICczCCAVsCAQAwLjEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMRUwEwYDVQQDEwxDQSBTdWJzeXN0 >ZW0wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4y4UMMdWttrMt4pkpK2A5wK2a2YHs >Jo0BJb0oYm8dybvh0R7zmmdCNnfuo3rPc5v9j/+TMh7koi/AZCQ1wgAbG8u34dU05lS0FAIK20HJ >b7jE+uMjMKKQm3k87RfeZXWb/fQNPDqqntDnnHbGwrshtnzh3OG48rc6JlRB4vujxcYvDJO3fxzR >fD4zzGJ0V3YTZguRKojrauNHNgiLCSfssN8Sw+BGw/xcW7NYZJVxSZEjpWNhBZuhbY6EXEIqi+j2 >5qzJCD2z5WEJzK6842MTJDE6Vu5bXnom62gMqsvzaLNs61ofxtwysBWbS/fFyvV7JP2Ivlx7OLdp >nu0P7PObAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAEi00w2FXZXSAGbrixLc7N4QoDWQTpdUS >Jf0xBgK5fmKqg4yNCFk7nt5FQ4zVnR04CJskYGNp7k0y+U2ZjW3LjRfJxU03Q6RNd5IYZyA1guZU >79JDYFjDJIvcw4VpeZ7Jcv0CKcP2nmMfC2RC7bxelH7sH/5vZs7hv1fKzGg5EXmCqk+LvkWKYtIP >hYqP8yeTABZOZTL0LUeaKO/cODbFQSltrUmDx8usp4IxZjb+hpLPQJJk2frDyCSXTMzGCXYGsT4J >NxzL/er75JT5yU7GuvrB5divxo9kV5iQ3TUVev/Rg+T8qqhtJhFsyGJmfWr/EiT8rVkzd3+6Lict >rtvdOw== >-----END CERTIFICATE REQUEST----- >server_cert_req=-----BEGIN CERTIFICATE REQUEST----- >MIICfTCCAWUCAQAwODEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMR8wHQYDVQQDExZzaWRlc3dpcGUu >dGVzdHJlbG0uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZ34Mf3w6D9fzSXD >IYj3tK0mciXKpmZq7+ufMXywtYnvNbB5LzmXPAgDJ1RiQC28jgYuG+PWo450fPZIs+qvT8yc44QH >S6Ggoems+bAj2MaTDPBW2Djivf5cciTMIiuLrhR6E7rJX0mY8id1xuoKdTe7oFdf4W4K5RFZIjlZ >om9gHw6pXhW8cb3ysvFmdy15XsiL2hzRsS6YnWPH99w0TKSwJgtT0+RIqZ9pClGfKsBPW6KYQnSp >nIUIOj4hlc7YnIKXiOUY5bCgeu5I1Nsr69ABlCx14sMb4e+tSa3jIqYeDDQZKYXZV2bm1oDaAVwE >WpBBW76dQa37IyUUSAA4JwIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAAPNn6SM81rI5SCkp4eC >ZF1+dhnmIoza6Apxm0KrbwVF/PML644ibCJWbI5nc2rvFTeRLtHmiSnDAdZOyI1fAVn1NuURiC/1 >G1j/xBRfRMTMHRDoL8AiiFK2qcCLyEGwk5E64emdBL5u8B1zA8EayaS7S3Zqn5GaHCXh7488bzea >cgHz36Wq9zQu8hTWRpixUBh+p7ho/VRGufEYwC2VYo4T1z18ki9vmUN9t8DPy2CNjtCM13xfXg1r >nCb1gmdDHupkWEc9OoLe+HfI0fDWnOcBCdbpjlsr4aXJRplVXcOGzohZI1gVOBtGoJJwpOvU63H3 >LbhJ98tR+EJCMnZMmX4= >-----END CERTIFICATE REQUEST----- >ca_audit_siging_cert_req=-----BEGIN CERTIFICATE REQUEST----- >MIICbzCCAVcCAQAwKjEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMREwDwYDVQQDEwhDQSBBdWRpdDCC >ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMs0W/YSoffGx0xxkX8G2yg+zyi29X3Vswmv >YP35y3LsufFn6aPwaYOQqBhFyqZbL4zVr+aJVD9ZC2/xbXmqt2s+jarkSlNWsCvDVwjuvDE5Iigj >+Hzq3q0wN6yea9tz1gs5G8J+L8ZJXvSSPEd6p5pOuE8EynFgO2rEDU8vxqSCF5AWw5b6T+wNmOs/ >scx+CoNGE2wxt8oBXKdVDshw5LNqpgS6zR8pwDR084zZMFk9f2d3y6kHCPw4Zo3A6ffj6OJNQ5Bs >fQnOJ3t8QpS7B2DkwjvGbI4JrB/uNpUKDUTcJuqdG7UYfKM4fdPakRngtCZiAinll4yPFV7gGPV5 >lSECAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQAZNX6WWowGYKvM3X5p+dF8YnsfjHK3tCGLiqV5 >W9gbm2tg5WP2wgiMv6f75gYxz4rq4dfFy2TIFBDDLUw08Lm8ntmQ9+OzN/TBhArcw5XP1P3hCpTu >mnMV5s01uGGCfjgn+rr0aZWDeY9LCHQcr6QbRZ2fhgnBFUKJcAob+n1A57f02tZ9ibdBIVJ6QNGw >Uj1oAHmdSULyGzHSvpQ+t4Pbmoipobw2EbU/rjEjxdMPYWH/NoRauk4o8be+A5HlvUR3K+luXAe8 >ljdhIEOo8G0k4y4bpUXLpv3m/lLtiUdG2uUKoPCqmKHRw25O/WYjNNhlQ6oHUmP601OPMHgTBXYd >-----END CERTIFICATE REQUEST----- >ca_cert_cert=-----BEGIN CERTIFICATE----- >MIIDlDCCAnygAwIBAgIBATANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00x >HjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAxMTYwODU1NThaFw0zMzAxMTYw >ODU1NThaMDcxFTATBgNVBAoTDFRFU1RSRUxNLkNPTTEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0 >aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssQlEcGYzqK6M2sa9rK+GG4O >Y/t1Q5hvgV6ds+C6nALxpWTWBXTy3S1qsaR93p+8zswuKi81jQrPXwIjvRlNIg1lbi+L/lFptLtN >eKp8+f/AoTwoswOQnEBKe0ABJrCuITwAwmrhJsVBbXs4u3Gr37MW6EZ4izOY20VZDxMNWn3ooFiD >uIzkmy2vQET0W6kUGErSizVJKxw2qHZNLfRF19Nju5irfE4vZHsgnhf6wtGie8/9CkVyUtfpx41/ >eWCACFvT7IIfcrvYr5o/WzQlHnANUajaU8sk/J2MLBNfunO3otaLcFV53FWASUXwRbnsI2PpDbD4 >PoEV+KAxWKyKZwIDAQABo4GqMIGnMB8GA1UdIwQYMBaAFEPeNN2q16bZMwywHQ4n+TMhPXAWMA8G >A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgHGMB0GA1UdDgQWBBRD3jTdqtem2TMMsB0OJ/kz >IT1wFjBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAGGKGh0dHA6Ly9zaWRlc3dpcGUudGVzdHJl >bG0uY29tOjgwL2NhL29jc3AwDQYJKoZIhvcNAQELBQADggEBAKQhd+yFiOgzVQyaxXre3epPftM4 >5CaTwRD7Dg4o/xwCVbQ9htw+GN7iVLcceBYKxzr6oXde+bZATF/AsnUUAmUbUNWXe41Qi0TiJfxZ >iJa7CXNxLuTvz1Xbq3uU64XtdbPM1JilPEn39flmNC9m3GOLUuAET64edEMTYkdDhZStOtWSKQrW >j4eJMyXU8NpH6/G1efw6e/d1/xKHl6au4jWqpfxqdVF025Bb/gJiRk6J7GXAdMY06V9iZlDpwxk2 >3FDPNwymwPvHHDBd1yzM9mMm8AunlQRnIZmNdFSFND6tyY58w1SXRktNpcuwt5+p71ROmt3Xo6rr >aCqIcnVWUt4= >-----END CERTIFICATE----- >ocsp_cert_cert=-----BEGIN CERTIFICATE----- >MIIDcjCCAlqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00x >HjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAxMTYwODU2MDFaFw0xNTAxMDYw >ODU2MDFaMDAxFTATBgNVBAoTDFRFU1RSRUxNLkNPTTEXMBUGA1UEAxMOT0NTUCBTdWJzeXN0ZW0w >ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtwSSMRFExp5FXEbcK6Qn15y/ER/+Mu9iq >jpfACZofmgh+Ccz28+1JOlez7ugSCrkUB+2vR4yHSZ5uxH6nRzDxWhAlWZWoDFcYpSBfq9OEk1Dc >Uc0ct1Edkz5tGrnffP8nJ3iHH3ubIjyDTSjQxcH88GY5A3nf8tGfr7qWsBQrSxXEAZY9GiDXd94b >OHHXzX+HzHT8EVJNH5ijMLYV3XvRELBC51+nBxkVJQcwIu+WrLSPX8ZXgoiM0mLhuWgDeew2hAJ8 >f26dzSGj0FGqZXV5+OwJ21QyQ4eAN6FB3j2cyy2A3vNfK+7rkgPC0dK5KKOuPD7HJL2l527Oaies >/jMrAgMBAAGjgY8wgYwwHwYDVR0jBBgwFoAUQ9403arXptkzDLAdDif5MyE9cBYwDgYDVR0PAQH/ >BAQDAgHGMEQGCCsGAQUFBwEBBDgwNjA0BggrBgEFBQcwAYYoaHR0cDovL3NpZGVzd2lwZS50ZXN0 >cmVsbS5jb206ODAvY2Evb2NzcDATBgNVHSUEDDAKBggrBgEFBQcDCTANBgkqhkiG9w0BAQsFAAOC >AQEAd3SjxNfLUkTkvuFH/mIyMLoq60mcuU9I0rVs0NNMw07dfBZ+rgWGaowHZq7L7JrvElAQ2V7e >5k7G0ZhARYrOOBzywrTLtRDxxy29OEsDLRRrc3p1GhKWUeldmKeQdXnqfueJSrpXFlZuHHnhVdV8 >5HS8kIJ35xe1XCsGhIb5S52JwxUf87JjknPc9RZEwkltMWrz9SLjMTcp90pL5wI6MtdsHUzVgcaJ >9yJLbTRYkOcFy04XForxGODGawhbqrU8y18Pc3Y57lQJcs8rXeDHt+dN0t9XmsmnJDtmwS1WEJO8 >ZCLDR7MenZpJdTfZT0rYfGIaJHyUHALJThXWDKdd8A== >-----END CERTIFICATE----- >ca_subsystem_cert_cert=-----BEGIN CERTIFICATE----- >MIIDejCCAmKgAwIBAgIBBDANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00x >HjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAxMTYwODU2MDJaFw0xNTAxMDYw >ODU2MDJaMC4xFTATBgNVBAoTDFRFU1RSRUxNLkNPTTEVMBMGA1UEAxMMQ0EgU3Vic3lzdGVtMIIB >IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMuFDDHVrbazLeKZKStgOcCtmtmB7CaNASW9 >KGJvHcm74dEe85pnQjZ37qN6z3Ob/Y//kzIe5KIvwGQkNcIAGxvLt+HVNOZUtBQCCttByW+4xPrj >IzCikJt5PO0X3mV1m/30DTw6qp7Q55x2xsK7IbZ84dzhuPK3OiZUQeL7o8XGLwyTt38c0Xw+M8xi >dFd2E2YLkSqI62rjRzYIiwkn7LDfEsPgRsP8XFuzWGSVcUmRI6VjYQWboW2OhFxCKovo9uasyQg9 >s+VhCcyuvONjEyQxOlbuW156JutoDKrL82izbOtaH8bcMrAVm0v3xcr1eyT9iL5cezi3aZ7tD+zz >mwIDAQABo4GZMIGWMB8GA1UdIwQYMBaAFEPeNN2q16bZMwywHQ4n+TMhPXAWMEQGCCsGAQUFBwEB >BDgwNjA0BggrBgEFBQcwAYYoaHR0cDovL3NpZGVzd2lwZS50ZXN0cmVsbS5jb206ODAvY2Evb2Nz >cDAOBgNVHQ8BAf8EBAMCBPAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3 >DQEBCwUAA4IBAQA/mGJEhgoOQ2gIDP5hCGJzTtV8iXBOgALV41B6BeGPdCHYRTz7wZP1aTRdEllt >2ZCzG+CQhUUV7FWkxo7bMFk4isWMs3g5gmY52q+5N/l+TCtPsT+ygfUYCieJwtLBDm/n8egBw72y >JswnXbw4Yi/j3itzLcu5NjdP+AV0dx7gv1OIpoJ+4GqrwwoWJv9X8a6KTwwgnfeQE1CCBIbhOGPK >nZ6kXbTYk55gSLg4UI/rhFcD5P0cyjG8Ui+YrERVq2MP3c/oe5Xx8rpw5QbDuv5Az6HfSqcNHeml >ZiwwVAdEdgQ7m3Zq9/dBweizYYJTKiKBRzQ5ESz9nM7Su/9FIV1g >-----END CERTIFICATE----- >server_cert_cert=-----BEGIN CERTIFICATE----- >MIIDejCCAmKgAwIBAgIBAzANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00x >HjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAxMTYwODU2MDJaFw0xNTAxMDYw >ODU2MDJaMDgxFTATBgNVBAoTDFRFU1RSRUxNLkNPTTEfMB0GA1UEAxMWc2lkZXN3aXBlLnRlc3Ry >ZWxtLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALGd+DH98Og/X80lwyGI97St >JnIlyqZmau/rnzF8sLWJ7zWweS85lzwIAydUYkAtvI4GLhvj1qOOdHz2SLPqr0/MnOOEB0uhoKHp >rPmwI9jGkwzwVtg44r3+XHIkzCIri64UehO6yV9JmPIndcbqCnU3u6BXX+FuCuURWSI5WaJvYB8O >qV4VvHG98rLxZncteV7Ii9oc0bEumJ1jx/fcNEyksCYLU9PkSKmfaQpRnyrAT1uimEJ0qZyFCDo+ >IZXO2JyCl4jlGOWwoHruSNTbK+vQAZQsdeLDG+HvrUmt4yKmHgw0GSmF2Vdm5taA2gFcBFqQQVu+ >nUGt+yMlFEgAOCcCAwEAAaOBjzCBjDAfBgNVHSMEGDAWgBRD3jTdqtem2TMMsB0OJ/kzIT1wFjBE >BggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAGGKGh0dHA6Ly9zaWRlc3dpcGUudGVzdHJlbG0uY29t >OjgwL2NhL29jc3AwDgYDVR0PAQH/BAQDAgTwMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3 >DQEBCwUAA4IBAQBEKWDkxmYgaUosCd5/KDH1HsTsH2F0ukw/CGvlHbVbSvzdmcLRssngHDtqLEkA >KJDiT5Ik6RyBu9jW3aQUc9uqitGyb53xtaQgdnsTofjzVRwD4+bRzGu6qKAVeL/IjILAkr7D1uvl >wXgk74C+F22eloUjubhysltqaCH/5sGazLu8AWEbL6fAS+4Fv3VOQOolmFmdYNKcm+g9Eh9EGPVB >3DUPrDC72pAfgFNzyCF7n9MNZv8W46u0cLzDv0dK/rk9VOtbWm2GO6Gk5wQ8UqnSiwLr4qNgnXI5 >iySmlM4matPLcrwaBFNilvHToaKdrH/dfvpj6hOkA670xpza3eDE >-----END CERTIFICATE----- >ca_audit_signing_cert_cert=-----BEGIN CERTIFICATE----- >MIIDVTCCAj2gAwIBAgIBBTANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00x >HjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAxMTYwODU2MDNaFw0xNTAxMDYw >ODU2MDNaMCoxFTATBgNVBAoTDFRFU1RSRUxNLkNPTTERMA8GA1UEAxMIQ0EgQXVkaXQwggEiMA0G >CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLNFv2EqH3xsdMcZF/BtsoPs8otvV91bMJr2D9+cty >7LnxZ+mj8GmDkKgYRcqmWy+M1a/miVQ/WQtv8W15qrdrPo2q5EpTVrArw1cI7rwxOSIoI/h86t6t >MDesnmvbc9YLORvCfi/GSV70kjxHeqeaTrhPBMpxYDtqxA1PL8akgheQFsOW+k/sDZjrP7HMfgqD >RhNsMbfKAVynVQ7IcOSzaqYEus0fKcA0dPOM2TBZPX9nd8upBwj8OGaNwOn34+jiTUOQbH0Jzid7 >fEKUuwdg5MI7xmyOCawf7jaVCg1E3CbqnRu1GHyjOH3T2pEZ4LQmYgIp5ZeMjxVe4Bj1eZUhAgMB >AAGjeTB3MB8GA1UdIwQYMBaAFEPeNN2q16bZMwywHQ4n+TMhPXAWMA4GA1UdDwEB/wQEAwIGwDBE >BggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAGGKGh0dHA6Ly9zaWRlc3dpcGUudGVzdHJlbG0uY29t >OjgwL2NhL29jc3AwDQYJKoZIhvcNAQELBQADggEBAJIEUliu+e2ssxryNvbm0dHvl57+vYtB0h0Q >hobvtaH/oaJ7g21dXqLHcn8W9xfY8JaCOT5pbI7SlFAhCGDxowfThvtOjVC5apHeYjar0kAXdPk7 >+TrbTXeIGWNQ6V3HuZyygBQaOIQf6VR1Z+SXT7ycOtHZqj94J/MxCQBpSSaDv8CQkbSfYlfu631f >N+BDJVmqMeRQ2yniOe+p0CNSEX57JzNkt4QS7qnsH+oSPyxYf81gzG9Lr2CLLmD8Es28kJcfXZIo >+e9FCokpywgrSOlRB4mVn5mcm0HiZ0n/QpzATIH2tDRwX4r+QCuh3JS2GPz8iHN2DbVue1tp9PVo >Ohg= >-----END CERTIFICATE----- >############################################# >Attempting to connect to: sideswipe.testrelm.com:9445 >Connected. >Posting Query = https://sideswipe.testrelm.com:9445//ca/admin/console/config/wizard?p=12&op=next&xml=true&subsystem=-----BEGIN+CERTIFICATE-----%0AMIIDejCCAmKgAwIBAgIBBDANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00x%0AHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAxMTYwODU2MDJaFw0xNTAxMDYw%0AODU2MDJaMC4xFTATBgNVBAoTDFRFU1RSRUxNLkNPTTEVMBMGA1UEAxMMQ0EgU3Vic3lzdGVtMIIB%0AIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMuFDDHVrbazLeKZKStgOcCtmtmB7CaNASW9%0AKGJvHcm74dEe85pnQjZ37qN6z3Ob%2FY%2F%2FkzIe5KIvwGQkNcIAGxvLt%2BHVNOZUtBQCCttByW%2B4xPrj%0AIzCikJt5PO0X3mV1m%2F30DTw6qp7Q55x2xsK7IbZ84dzhuPK3OiZUQeL7o8XGLwyTt38c0Xw%2BM8xi%0AdFd2E2YLkSqI62rjRzYIiwkn7LDfEsPgRsP8XFuzWGSVcUmRI6VjYQWboW2OhFxCKovo9uasyQg9%0As%2BVhCcyuvONjEyQxOlbuW156JutoDKrL82izbOtaH8bcMrAVm0v3xcr1eyT9iL5cezi3aZ7tD%2Bzz%0AmwIDAQABo4GZMIGWMB8GA1UdIwQYMBaAFEPeNN2q16bZMwywHQ4n%2BTMhPXAWMEQGCCsGAQUFBwEB%0ABDgwNjA0BggrBgEFBQcwAYYoaHR0cDovL3NpZGVzd2lwZS50ZXN0cmVsbS5jb206ODAvY2Evb2Nz%0AcDAOBgNVHQ8BAf8EBAMCBPAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3%0ADQEBCwUAA4IBAQA%2FmGJEhgoOQ2gIDP5hCGJzTtV8iXBOgALV41B6BeGPdCHYRTz7wZP1aTRdEllt%0A2ZCzG%2BCQhUUV7FWkxo7bMFk4isWMs3g5gmY52q%2B5N%2Fl%2BTCtPsT%2BygfUYCieJwtLBDm%2Fn8egBw72y%0AJswnXbw4Yi%2Fj3itzLcu5NjdP%2BAV0dx7gv1OIpoJ%2B4GqrwwoWJv9X8a6KTwwgnfeQE1CCBIbhOGPK%0AnZ6kXbTYk55gSLg4UI%2FrhFcD5P0cyjG8Ui%2BYrERVq2MP3c%2Foe5Xx8rpw5QbDuv5Az6HfSqcNHeml%0AZiwwVAdEdgQ7m3Zq9%2FdBweizYYJTKiKBRzQ5ESz9nM7Su%2F9FIV1g%0A-----END+CERTIFICATE-----&subsystem_cc=&ocsp_signing=-----BEGIN+CERTIFICATE-----%0AMIIDcjCCAlqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00x%0AHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAxMTYwODU2MDFaFw0xNTAxMDYw%0AODU2MDFaMDAxFTATBgNVBAoTDFRFU1RSRUxNLkNPTTEXMBUGA1UEAxMOT0NTUCBTdWJzeXN0ZW0w%0AggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtwSSMRFExp5FXEbcK6Qn15y%2FER%2F%2BMu9iq%0AjpfACZofmgh%2BCcz28%2B1JOlez7ugSCrkUB%2B2vR4yHSZ5uxH6nRzDxWhAlWZWoDFcYpSBfq9OEk1Dc%0AUc0ct1Edkz5tGrnffP8nJ3iHH3ubIjyDTSjQxcH88GY5A3nf8tGfr7qWsBQrSxXEAZY9GiDXd94b%0AOHHXzX%2BHzHT8EVJNH5ijMLYV3XvRELBC51%2BnBxkVJQcwIu%2BWrLSPX8ZXgoiM0mLhuWgDeew2hAJ8%0Af26dzSGj0FGqZXV5%2BOwJ21QyQ4eAN6FB3j2cyy2A3vNfK%2B7rkgPC0dK5KKOuPD7HJL2l527Oaies%0A%2FjMrAgMBAAGjgY8wgYwwHwYDVR0jBBgwFoAUQ9403arXptkzDLAdDif5MyE9cBYwDgYDVR0PAQH%2F%0ABAQDAgHGMEQGCCsGAQUFBwEBBDgwNjA0BggrBgEFBQcwAYYoaHR0cDovL3NpZGVzd2lwZS50ZXN0%0AcmVsbS5jb206ODAvY2Evb2NzcDATBgNVHSUEDDAKBggrBgEFBQcDCTANBgkqhkiG9w0BAQsFAAOC%0AAQEAd3SjxNfLUkTkvuFH%2FmIyMLoq60mcuU9I0rVs0NNMw07dfBZ%2BrgWGaowHZq7L7JrvElAQ2V7e%0A5k7G0ZhARYrOOBzywrTLtRDxxy29OEsDLRRrc3p1GhKWUeldmKeQdXnqfueJSrpXFlZuHHnhVdV8%0A5HS8kIJ35xe1XCsGhIb5S52JwxUf87JjknPc9RZEwkltMWrz9SLjMTcp90pL5wI6MtdsHUzVgcaJ%0A9yJLbTRYkOcFy04XForxGODGawhbqrU8y18Pc3Y57lQJcs8rXeDHt%2BdN0t9XmsmnJDtmwS1WEJO8%0AZCLDR7MenZpJdTfZT0rYfGIaJHyUHALJThXWDKdd8A%3D%3D%0A-----END+CERTIFICATE-----&ocsp_signing_cc=&signing=-----BEGIN+CERTIFICATE-----%0AMIIDlDCCAnygAwIBAgIBATANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00x%0AHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAxMTYwODU1NThaFw0zMzAxMTYw%0AODU1NThaMDcxFTATBgNVBAoTDFRFU1RSRUxNLkNPTTEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0%0AaG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssQlEcGYzqK6M2sa9rK%2BGG4O%0AY%2Ft1Q5hvgV6ds%2BC6nALxpWTWBXTy3S1qsaR93p%2B8zswuKi81jQrPXwIjvRlNIg1lbi%2BL%2FlFptLtN%0AeKp8%2Bf%2FAoTwoswOQnEBKe0ABJrCuITwAwmrhJsVBbXs4u3Gr37MW6EZ4izOY20VZDxMNWn3ooFiD%0AuIzkmy2vQET0W6kUGErSizVJKxw2qHZNLfRF19Nju5irfE4vZHsgnhf6wtGie8%2F9CkVyUtfpx41%2F%0AeWCACFvT7IIfcrvYr5o%2FWzQlHnANUajaU8sk%2FJ2MLBNfunO3otaLcFV53FWASUXwRbnsI2PpDbD4%0APoEV%2BKAxWKyKZwIDAQABo4GqMIGnMB8GA1UdIwQYMBaAFEPeNN2q16bZMwywHQ4n%2BTMhPXAWMA8G%0AA1UdEwEB%2FwQFMAMBAf8wDgYDVR0PAQH%2FBAQDAgHGMB0GA1UdDgQWBBRD3jTdqtem2TMMsB0OJ%2Fkz%0AIT1wFjBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAGGKGh0dHA6Ly9zaWRlc3dpcGUudGVzdHJl%0AbG0uY29tOjgwL2NhL29jc3AwDQYJKoZIhvcNAQELBQADggEBAKQhd%2ByFiOgzVQyaxXre3epPftM4%0A5CaTwRD7Dg4o%2FxwCVbQ9htw%2BGN7iVLcceBYKxzr6oXde%2BbZATF%2FAsnUUAmUbUNWXe41Qi0TiJfxZ%0AiJa7CXNxLuTvz1Xbq3uU64XtdbPM1JilPEn39flmNC9m3GOLUuAET64edEMTYkdDhZStOtWSKQrW%0Aj4eJMyXU8NpH6%2FG1efw6e%2Fd1%2FxKHl6au4jWqpfxqdVF025Bb%2FgJiRk6J7GXAdMY06V9iZlDpwxk2%0A3FDPNwymwPvHHDBd1yzM9mMm8AunlQRnIZmNdFSFND6tyY58w1SXRktNpcuwt5%2Bp71ROmt3Xo6rr%0AaCqIcnVWUt4%3D%0A-----END+CERTIFICATE-----&signing_cc=&audit_signing=-----BEGIN+CERTIFICATE-----%0AMIIDVTCCAj2gAwIBAgIBBTANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00x%0AHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAxMTYwODU2MDNaFw0xNTAxMDYw%0AODU2MDNaMCoxFTATBgNVBAoTDFRFU1RSRUxNLkNPTTERMA8GA1UEAxMIQ0EgQXVkaXQwggEiMA0G%0ACSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLNFv2EqH3xsdMcZF%2FBtsoPs8otvV91bMJr2D9%2Bcty%0A7LnxZ%2Bmj8GmDkKgYRcqmWy%2BM1a%2FmiVQ%2FWQtv8W15qrdrPo2q5EpTVrArw1cI7rwxOSIoI%2Fh86t6t%0AMDesnmvbc9YLORvCfi%2FGSV70kjxHeqeaTrhPBMpxYDtqxA1PL8akgheQFsOW%2Bk%2FsDZjrP7HMfgqD%0ARhNsMbfKAVynVQ7IcOSzaqYEus0fKcA0dPOM2TBZPX9nd8upBwj8OGaNwOn34%2BjiTUOQbH0Jzid7%0AfEKUuwdg5MI7xmyOCawf7jaVCg1E3CbqnRu1GHyjOH3T2pEZ4LQmYgIp5ZeMjxVe4Bj1eZUhAgMB%0AAAGjeTB3MB8GA1UdIwQYMBaAFEPeNN2q16bZMwywHQ4n%2BTMhPXAWMA4GA1UdDwEB%2FwQEAwIGwDBE%0ABggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAGGKGh0dHA6Ly9zaWRlc3dpcGUudGVzdHJlbG0uY29t%0AOjgwL2NhL29jc3AwDQYJKoZIhvcNAQELBQADggEBAJIEUliu%2Be2ssxryNvbm0dHvl57%2BvYtB0h0Q%0AhobvtaH%2FoaJ7g21dXqLHcn8W9xfY8JaCOT5pbI7SlFAhCGDxowfThvtOjVC5apHeYjar0kAXdPk7%0A%2BTrbTXeIGWNQ6V3HuZyygBQaOIQf6VR1Z%2BSXT7ycOtHZqj94J%2FMxCQBpSSaDv8CQkbSfYlfu631f%0AN%2BBDJVmqMeRQ2yniOe%2Bp0CNSEX57JzNkt4QS7qnsH%2BoSPyxYf81gzG9Lr2CLLmD8Es28kJcfXZIo%0A%2Be9FCokpywgrSOlRB4mVn5mcm0HiZ0n%2FQpzATIH2tDRwX4r%2BQCuh3JS2GPz8iHN2DbVue1tp9PVo%0AOhg%3D%0A-----END+CERTIFICATE-----&audit_signing_cc=&sslserver=-----BEGIN+CERTIFICATE-----%0AMIIDejCCAmKgAwIBAgIBAzANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00x%0AHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAxMTYwODU2MDJaFw0xNTAxMDYw%0AODU2MDJaMDgxFTATBgNVBAoTDFRFU1RSRUxNLkNPTTEfMB0GA1UEAxMWc2lkZXN3aXBlLnRlc3Ry%0AZWxtLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALGd%2BDH98Og%2FX80lwyGI97St%0AJnIlyqZmau%2FrnzF8sLWJ7zWweS85lzwIAydUYkAtvI4GLhvj1qOOdHz2SLPqr0%2FMnOOEB0uhoKHp%0ArPmwI9jGkwzwVtg44r3%2BXHIkzCIri64UehO6yV9JmPIndcbqCnU3u6BXX%2BFuCuURWSI5WaJvYB8O%0AqV4VvHG98rLxZncteV7Ii9oc0bEumJ1jx%2FfcNEyksCYLU9PkSKmfaQpRnyrAT1uimEJ0qZyFCDo%2B%0AIZXO2JyCl4jlGOWwoHruSNTbK%2BvQAZQsdeLDG%2BHvrUmt4yKmHgw0GSmF2Vdm5taA2gFcBFqQQVu%2B%0AnUGt%2ByMlFEgAOCcCAwEAAaOBjzCBjDAfBgNVHSMEGDAWgBRD3jTdqtem2TMMsB0OJ%2FkzIT1wFjBE%0ABggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAGGKGh0dHA6Ly9zaWRlc3dpcGUudGVzdHJlbG0uY29t%0AOjgwL2NhL29jc3AwDgYDVR0PAQH%2FBAQDAgTwMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3%0ADQEBCwUAA4IBAQBEKWDkxmYgaUosCd5%2FKDH1HsTsH2F0ukw%2FCGvlHbVbSvzdmcLRssngHDtqLEkA%0AKJDiT5Ik6RyBu9jW3aQUc9uqitGyb53xtaQgdnsTofjzVRwD4%2BbRzGu6qKAVeL%2FIjILAkr7D1uvl%0AwXgk74C%2BF22eloUjubhysltqaCH%2F5sGazLu8AWEbL6fAS%2B4Fv3VOQOolmFmdYNKcm%2Bg9Eh9EGPVB%0A3DUPrDC72pAfgFNzyCF7n9MNZv8W46u0cLzDv0dK%2Frk9VOtbWm2GO6Gk5wQ8UqnSiwLr4qNgnXI5%0AiySmlM4matPLcrwaBFNilvHToaKdrH%2Fdfvpj6hOkA670xpza3eDE%0A-----END+CERTIFICATE-----&sslserver_cc= >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Wed, 16 Jan 2013 08:56:03 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/backupkeycertpanel.vm</panel> > <res/> > <showApplyButton/> > <pwdagain/> > <updateStatus>success</updateStatus> > <dobackup/> > <errorString/> > <size>19</size> > <title>Export Keys and Certificates</title> > <pwd/> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <nobackup>checked</nobackup> > <p>13</p> > <name>CA Setup Wizard</name> > <req/> > <panelname>backupkeys</panelname> ></response> >############################################# >Attempting to connect to: sideswipe.testrelm.com:9445 >Connected. >Posting Query = https://sideswipe.testrelm.com:9445//ca/admin/console/config/wizard?p=13&op=next&xml=true&choice=backupkey&__pwd=XXXXXXXX&__pwdagain=XXXXXXXX >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Wed, 16 Jan 2013 08:56:04 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/savepkcs12panel.vm</panel> > <res/> > <subsystemtype>ca</subsystemtype> > <showApplyButton/> > <updateStatus>success</updateStatus> > <errorString/> > <size>19</size> > <title>Save Keys and Certificates</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <name>CA Setup Wizard</name> > <p>14</p> > <req/> > <panelname>savepk12</panelname> ></response> >############################################# >Attempting to connect to: sideswipe.testrelm.com:9445 >Connected. >Posting Query = https://sideswipe.testrelm.com:9445//ca/admin/console/config/savepkcs12? >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/x-pkcs12 >RESPONSE HEADER: Date: Wed, 16 Jan 2013 08:56:04 GMT >RESPONSE HEADER: Connection: close >Decoded PFX >Version: 3 >AuthSafes has 2 SafeContents >############################################# >Attempting to connect to: sideswipe.testrelm.com:9445 >Connected. >Posting Query = https://sideswipe.testrelm.com:9445//ca/admin/console/config/wizard?p=14&op=next&xml=true >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Wed, 16 Jan 2013 08:56:04 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/importcachainpanel.vm</panel> > <machineName>sideswipe.testrelm.com</machineName> > <res/> > <showApplyButton/> > <ca>true</ca> > <updateStatus>success</updateStatus> > <errorString/> > <size>19</size> > <https_port>9444</https_port> > <title>Import CA's Certificate Chain</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <p>15</p> > <name>CA Setup Wizard</name> > <import>true</import> > <http_port>9180</http_port> > <req/> > <panelname>importcachain</panelname> ></response> >############################################# >Attempting to connect to: sideswipe.testrelm.com:9445 >Connected. >Posting Query = https://sideswipe.testrelm.com:9445//ca/admin/console/config/wizard?p=15&op=next&xml=true >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Wed, 16 Jan 2013 08:56:04 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/adminpanel.vm</panel> > <res/> > <showApplyButton/> > <ca>true</ca> > <admin_pwd/> > <caType>sdca</caType> > <admin_pwd_again/> > <updateStatus>success</updateStatus> > <admin_name>CA Administrator of Instance pki-ca</admin_name> > <admin_email/> > <securityDomain>IPA</securityDomain> > <errorString/> > <info/> > <size>19</size> > <title>Administrator</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <p>16</p> > <name>CA Setup Wizard</name> > <import>true</import> > <req/> > <panelname>admin</panelname> > <admin_uid>admin</admin_uid> ></response> >CRYPTO INIT WITH CERTDB:/tmp/tmp-2bMSnp >Crypto manager already initialized >Debug : initialize crypto Manager >INITIALIZATION ERROR: org.mozilla.jss.crypto.AlreadyInitializedException >cdir = /tmp/tmp-2bMSnp >Debug : before getInstance >Debug : before get token >Debug : before login password >Debug : after login password >64-bit osutil library loaded >CRMF_REQUEST = MIIBdDCCAXAwggFkAgEBMIIBW4ABAqUwMC4xFTATBgNVBAoTDFRFU1RSRUxNLkNP >TTEVMBMGA1UEAxMMaXBhLWNhLWFnZW50poIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A >MIIBCgKCAQEAwK5pxVaVirOGVXaqgDKfXPCXJirA2G+totrVcydJwMW7326+yg9A >FhCbuDuc/oUvoaByn4whFh39lhC2m2GC4Uo1z/E7hkFMYQsKuuV+aTiv5P8BJXp0 >L6tQo0DcuDz2YWXjhM90gUFpEMUt/Xv2+fnjn3/yyiIHZIw31LJVHbIx1GLm+fev >+0yNP0aaKlkn770UThMJqE4A3W2eOdYiYaW5AoyQ03QkipUjs52ViZTluJitNy5p >zUoMqlHfWMN5DBmodSk3HW+rZSoQZcoIlqm2wYRzpH6uzOKxlverLQIbbwht7l4S >HPFtmGFzkortekNvlTJpM0lkWmcFpiRTHQIDAQABMACiBoAEAwADAA== >############################################# >Attempting to connect to: sideswipe.testrelm.com:9445 >Connected. >Posting Query = https://sideswipe.testrelm.com:9445//ca/admin/console/config/wizard?p=16&op=next&xml=true&cert_request_type=crmf&uid=admin&name=admin&__pwd=XXXXXXXX&__admin_password_again=XXXXXXXX&profileId=caAdminCert&email=root%40localhost&cert_request=MIIBdDCCAXAwggFkAgEBMIIBW4ABAqUwMC4xFTATBgNVBAoTDFRFU1RSRUxNLkNP%0D%0ATTEVMBMGA1UEAxMMaXBhLWNhLWFnZW50poIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A%0D%0AMIIBCgKCAQEAwK5pxVaVirOGVXaqgDKfXPCXJirA2G%2BtotrVcydJwMW7326%2Byg9A%0D%0AFhCbuDuc%2FoUvoaByn4whFh39lhC2m2GC4Uo1z%2FE7hkFMYQsKuuV%2BaTiv5P8BJXp0%0D%0AL6tQo0DcuDz2YWXjhM90gUFpEMUt%2FXv2%2Bfnjn3%2FyyiIHZIw31LJVHbIx1GLm%2Bfev%0D%0A%2B0yNP0aaKlkn770UThMJqE4A3W2eOdYiYaW5AoyQ03QkipUjs52ViZTluJitNy5p%0D%0AzUoMqlHfWMN5DBmodSk3HW%2BrZSoQZcoIlqm2wYRzpH6uzOKxlverLQIbbwht7l4S%0D%0AHPFtmGFzkortekNvlTJpM0lkWmcFpiRTHQIDAQABMACiBoAEAwADAA%3D%3D&subject=CN%3Dipa-ca-agent%2CO%3DTESTRELM.COM&clone=new&import=true&securitydomain=IPA >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Wed, 16 Jan 2013 08:56:06 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/importadmincertpanel.vm</panel> > <res/> > <showApplyButton/> > <admin_pwd>XXXXXXXX</admin_pwd> > <ca>true</ca> > <caPort>9445</caPort> > <admin_pwd_again>XXXXXXXX</admin_pwd_again> > <caType>sdca</caType> > <updateStatus>success</updateStatus> > <serialNumber>6</serialNumber> > <admin_email>root@localhost</admin_email> > <admin_name>admin</admin_name> > <errorString/> > <size>19</size> > <info/> > <caHost>sideswipe.testrelm.com</caHost> > <title>Import Administrator's Certificate</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <p>17</p> > <name>CA Setup Wizard</name> > <import>true</import> > <pkcs7>MIIHRQYJKoZIhvcNAQcCoIIHNjCCBzICAQExADAPBgkqhkiG9w0BBwGgAgQAoIIHFjCCA3owggJioAMCAQICAQYwDQYJKoZIhvcNAQELBQAwNzEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMTMwMTE2MDg1NjA2WhcNMTUwMTA2MDg1NjA2WjAuMRUwEwYDVQQKEwxURVNUUkVMTS5DT00xFTATBgNVBAMTDGlwYS1jYS1hZ2VudDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMCuacVWlYqzhlV2qoAyn1zwlyYqwNhvraLa1XMnScDFu99uvsoPQBYQm7g7nP6FL6Ggcp+MIRYd/ZYQtpthguFKNc/xO4ZBTGELCrrlfmk4r+T/ASV6dC+rUKNA3Lg89mFl44TPdIFBaRDFLf179vn5459/8soiB2SMN9SyVR2yMdRi5vn3r/tMjT9GmipZJ++9FE4TCahOAN1tnjnWImGluQKMkNN0JIqVI7OdlYmU5biYrTcuac1KDKpR31jDeQwZqHUpNx1vq2UqEGXKCJaptsGEc6R+rszisZb3qy0CG28Ibe5eEhzxbZhhc5KK7XpDb5UyaTNJZFpnBaYkUx0CAwEAAaOBmTCBljAfBgNVHSMEGDAWgBRD3jTdqtem2TMMsB0OJ/kzIT1wFjBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAGGKGh0dHA6Ly9zaWRlc3dpcGUudGVzdHJlbG0uY29tOjgwL2NhL29jc3AwDgYDVR0PAQH/BAQDAgTwMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQsFAAOCAQEApWvw/dydqnaDeMkkPSP+Zh8Wbq3EMXwLw/VhEa4TFUcftapdHtkUDfw8ugx6SaO10kdPRma+GF7xWomX70GKe/LEavVi0OPOZ58zoI5GtWd+/W/OAHf3dt0quKnt7hu2KAsVJzVBth+g8ZWUQj8F5XJPLsGz5tyNOuZHoo9eb/1oMG8huqvj7ZFvO8YoP8rmEyxCtw8ouF7aLWmFtXWEezDGQ1OSNp27JjdGN7KPY/34XFsudN6eMxmMacdE8wEWd3xwcnQhbVAztlb7CeSYOuWoWCvNX5/R3zi0Y6KfbjCEBtQTC9GQtcAowEizex+13lb7Znai7w5vCkFKtjtBcTCCA5QwggJ8oAMCAQICAQEwDQYJKoZIhvcNAQELBQAwNzEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMTMwMTE2MDg1NTU4WhcNMzMwMTE2MDg1NTU4WjA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00xHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALLEJRHBmM6iujNrGvayvhhuDmP7dUOYb4FenbPgupwC8aVk1gV08t0tarGkfd6fvM7MLiovNY0Kz18CI70ZTSINZW4vi/5RabS7TXiqfPn/wKE8KLMDkJxASntAASawriE8AMJq4SbFQW17OLtxq9+zFuhGeIszmNtFWQ8TDVp96KBYg7iM5Jstr0BE9FupFBhK0os1SSscNqh2TS30RdfTY7uYq3xOL2R7IJ4X+sLRonvP/QpFclLX6ceNf3lggAhb0+yCH3K72K+aP1s0JR5wDVGo2lPLJPydjCwTX7pzt6LWi3BVedxVgElF8EW57CNj6Q2w+D6BFfigMVisimcCAwEAAaOBqjCBpzAfBgNVHSMEGDAWgBRD3jTdqtem2TMMsB0OJ/kzIT1wFjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBxjAdBgNVHQ4EFgQUQ9403arXptkzDLAdDif5MyE9cBYwRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzABhihodHRwOi8vc2lkZXN3aXBlLnRlc3RyZWxtLmNvbTo4MC9jYS9vY3NwMA0GCSqGSIb3DQEBCwUAA4IBAQCkIXfshYjoM1UMmsV63t3qT37TOOQmk8EQ+w4OKP8cAlW0PYbcPhje4lS3HHgWCsc6+qF3Xvm2QExfwLJ1FAJlG1DVl3uNUItE4iX8WYiWuwlzcS7k789V26t7lOuF7XWzzNSYpTxJ9/X5ZjQvZtxji1LgBE+uHnRDE2JHQ4WUrTrVkikK1o+HiTMl1PDaR+vxtXn8Onv3df8Sh5emruI1qqX8anVRdNuQW/4CYkZOiexlwHTGNOlfYmZQ6cMZNtxQzzcMpsD7xxwwXdcszPZjJvALp5UEZyGZjXRUhTQ+rcmOfMNUl0ZLTaXLsLefqe9UTprd16Oq62gqiHJ1VlLeMQA=</pkcs7> > <req/> > <panelname>importadmincert</panelname> ></response> >############################################# >Attempting to connect to: sideswipe.testrelm.com:9445 >Connected. >Posting Query = https://sideswipe.testrelm.com:9445//ca/admin/ca/getBySerial?&serialNumber=6&importCert=true >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/x-x509-user-cert >RESPONSE HEADER: Content-Length: 1865 >RESPONSE HEADER: Date: Wed, 16 Jan 2013 08:56:06 GMT >RESPONSE HEADER: Connection: keep-alive >Cert to Import =MIIHRQYJKoZIhvcNAQcCoIIHNjCCBzICAQExADAPBgkqhkiG9w0BBwGgAgQAoIIH >FjCCA3owggJioAMCAQICAQYwDQYJKoZIhvcNAQELBQAwNzEVMBMGA1UEChMMVEVT >VFJFTE0uQ09NMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMTMw >MTE2MDg1NjA2WhcNMTUwMTA2MDg1NjA2WjAuMRUwEwYDVQQKEwxURVNUUkVMTS5D >T00xFTATBgNVBAMTDGlwYS1jYS1hZ2VudDCCASIwDQYJKoZIhvcNAQEBBQADggEP >ADCCAQoCggEBAMCuacVWlYqzhlV2qoAyn1zwlyYqwNhvraLa1XMnScDFu99uvsoP >QBYQm7g7nP6FL6Ggcp+MIRYd/ZYQtpthguFKNc/xO4ZBTGELCrrlfmk4r+T/ASV6 >dC+rUKNA3Lg89mFl44TPdIFBaRDFLf179vn5459/8soiB2SMN9SyVR2yMdRi5vn3 >r/tMjT9GmipZJ++9FE4TCahOAN1tnjnWImGluQKMkNN0JIqVI7OdlYmU5biYrTcu >ac1KDKpR31jDeQwZqHUpNx1vq2UqEGXKCJaptsGEc6R+rszisZb3qy0CG28Ibe5e >EhzxbZhhc5KK7XpDb5UyaTNJZFpnBaYkUx0CAwEAAaOBmTCBljAfBgNVHSMEGDAW >gBRD3jTdqtem2TMMsB0OJ/kzIT1wFjBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUH >MAGGKGh0dHA6Ly9zaWRlc3dpcGUudGVzdHJlbG0uY29tOjgwL2NhL29jc3AwDgYD >VR0PAQH/BAQDAgTwMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkq >hkiG9w0BAQsFAAOCAQEApWvw/dydqnaDeMkkPSP+Zh8Wbq3EMXwLw/VhEa4TFUcf >tapdHtkUDfw8ugx6SaO10kdPRma+GF7xWomX70GKe/LEavVi0OPOZ58zoI5GtWd+ >/W/OAHf3dt0quKnt7hu2KAsVJzVBth+g8ZWUQj8F5XJPLsGz5tyNOuZHoo9eb/1o >MG8huqvj7ZFvO8YoP8rmEyxCtw8ouF7aLWmFtXWEezDGQ1OSNp27JjdGN7KPY/34 >XFsudN6eMxmMacdE8wEWd3xwcnQhbVAztlb7CeSYOuWoWCvNX5/R3zi0Y6KfbjCE >BtQTC9GQtcAowEizex+13lb7Znai7w5vCkFKtjtBcTCCA5QwggJ8oAMCAQICAQEw >DQYJKoZIhvcNAQELBQAwNzEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMR4wHAYDVQQD >ExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMTMwMTE2MDg1NTU4WhcNMzMwMTE2 >MDg1NTU4WjA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00xHjAcBgNVBAMTFUNlcnRp >ZmljYXRlIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB >ALLEJRHBmM6iujNrGvayvhhuDmP7dUOYb4FenbPgupwC8aVk1gV08t0tarGkfd6f >vM7MLiovNY0Kz18CI70ZTSINZW4vi/5RabS7TXiqfPn/wKE8KLMDkJxASntAASaw >riE8AMJq4SbFQW17OLtxq9+zFuhGeIszmNtFWQ8TDVp96KBYg7iM5Jstr0BE9Fup >FBhK0os1SSscNqh2TS30RdfTY7uYq3xOL2R7IJ4X+sLRonvP/QpFclLX6ceNf3lg >gAhb0+yCH3K72K+aP1s0JR5wDVGo2lPLJPydjCwTX7pzt6LWi3BVedxVgElF8EW5 >7CNj6Q2w+D6BFfigMVisimcCAwEAAaOBqjCBpzAfBgNVHSMEGDAWgBRD3jTdqtem >2TMMsB0OJ/kzIT1wFjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBxjAd >BgNVHQ4EFgQUQ9403arXptkzDLAdDif5MyE9cBYwRAYIKwYBBQUHAQEEODA2MDQG >CCsGAQUFBzABhihodHRwOi8vc2lkZXN3aXBlLnRlc3RyZWxtLmNvbTo4MC9jYS9v >Y3NwMA0GCSqGSIb3DQEBCwUAA4IBAQCkIXfshYjoM1UMmsV63t3qT37TOOQmk8EQ >+w4OKP8cAlW0PYbcPhje4lS3HHgWCsc6+qF3Xvm2QExfwLJ1FAJlG1DVl3uNUItE >4iX8WYiWuwlzcS7k789V26t7lOuF7XWzzNSYpTxJ9/X5ZjQvZtxji1LgBE+uHnRD >E2JHQ4WUrTrVkikK1o+HiTMl1PDaR+vxtXn8Onv3df8Sh5emruI1qqX8anVRdNuQ >W/4CYkZOiexlwHTGNOlfYmZQ6cMZNtxQzzcMpsD7xxwwXdcszPZjJvALp5UEZyGZ >jXRUhTQ+rcmOfMNUl0ZLTaXLsLefqe9UTprd16Oq62gqiHJ1VlLeMQA= >Cert to Import =MIIHRQYJKoZIhvcNAQcCoIIHNjCCBzICAQExADAPBgkqhkiG9w0BBwGgAgQAoIIH >FjCCA3owggJioAMCAQICAQYwDQYJKoZIhvcNAQELBQAwNzEVMBMGA1UEChMMVEVT >VFJFTE0uQ09NMR4wHAYDVQQDExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMTMw >MTE2MDg1NjA2WhcNMTUwMTA2MDg1NjA2WjAuMRUwEwYDVQQKEwxURVNUUkVMTS5D >T00xFTATBgNVBAMTDGlwYS1jYS1hZ2VudDCCASIwDQYJKoZIhvcNAQEBBQADggEP >ADCCAQoCggEBAMCuacVWlYqzhlV2qoAyn1zwlyYqwNhvraLa1XMnScDFu99uvsoP >QBYQm7g7nP6FL6Ggcp+MIRYd/ZYQtpthguFKNc/xO4ZBTGELCrrlfmk4r+T/ASV6 >dC+rUKNA3Lg89mFl44TPdIFBaRDFLf179vn5459/8soiB2SMN9SyVR2yMdRi5vn3 >r/tMjT9GmipZJ++9FE4TCahOAN1tnjnWImGluQKMkNN0JIqVI7OdlYmU5biYrTcu >ac1KDKpR31jDeQwZqHUpNx1vq2UqEGXKCJaptsGEc6R+rszisZb3qy0CG28Ibe5e >EhzxbZhhc5KK7XpDb5UyaTNJZFpnBaYkUx0CAwEAAaOBmTCBljAfBgNVHSMEGDAW >gBRD3jTdqtem2TMMsB0OJ/kzIT1wFjBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUH >MAGGKGh0dHA6Ly9zaWRlc3dpcGUudGVzdHJlbG0uY29tOjgwL2NhL29jc3AwDgYD >VR0PAQH/BAQDAgTwMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkq >hkiG9w0BAQsFAAOCAQEApWvw/dydqnaDeMkkPSP+Zh8Wbq3EMXwLw/VhEa4TFUcf >tapdHtkUDfw8ugx6SaO10kdPRma+GF7xWomX70GKe/LEavVi0OPOZ58zoI5GtWd+ >/W/OAHf3dt0quKnt7hu2KAsVJzVBth+g8ZWUQj8F5XJPLsGz5tyNOuZHoo9eb/1o >MG8huqvj7ZFvO8YoP8rmEyxCtw8ouF7aLWmFtXWEezDGQ1OSNp27JjdGN7KPY/34 >XFsudN6eMxmMacdE8wEWd3xwcnQhbVAztlb7CeSYOuWoWCvNX5/R3zi0Y6KfbjCE >BtQTC9GQtcAowEizex+13lb7Znai7w5vCkFKtjtBcTCCA5QwggJ8oAMCAQICAQEw >DQYJKoZIhvcNAQELBQAwNzEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMR4wHAYDVQQD >ExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMTMwMTE2MDg1NTU4WhcNMzMwMTE2 >MDg1NTU4WjA3MRUwEwYDVQQKEwxURVNUUkVMTS5DT00xHjAcBgNVBAMTFUNlcnRp >ZmljYXRlIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB >ALLEJRHBmM6iujNrGvayvhhuDmP7dUOYb4FenbPgupwC8aVk1gV08t0tarGkfd6f >vM7MLiovNY0Kz18CI70ZTSINZW4vi/5RabS7TXiqfPn/wKE8KLMDkJxASntAASaw >riE8AMJq4SbFQW17OLtxq9+zFuhGeIszmNtFWQ8TDVp96KBYg7iM5Jstr0BE9Fup >FBhK0os1SSscNqh2TS30RdfTY7uYq3xOL2R7IJ4X+sLRonvP/QpFclLX6ceNf3lg >gAhb0+yCH3K72K+aP1s0JR5wDVGo2lPLJPydjCwTX7pzt6LWi3BVedxVgElF8EW5 >7CNj6Q2w+D6BFfigMVisimcCAwEAAaOBqjCBpzAfBgNVHSMEGDAWgBRD3jTdqtem >2TMMsB0OJ/kzIT1wFjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBxjAd >BgNVHQ4EFgQUQ9403arXptkzDLAdDif5MyE9cBYwRAYIKwYBBQUHAQEEODA2MDQG >CCsGAQUFBzABhihodHRwOi8vc2lkZXN3aXBlLnRlc3RyZWxtLmNvbTo4MC9jYS9v >Y3NwMA0GCSqGSIb3DQEBCwUAA4IBAQCkIXfshYjoM1UMmsV63t3qT37TOOQmk8EQ >+w4OKP8cAlW0PYbcPhje4lS3HHgWCsc6+qF3Xvm2QExfwLJ1FAJlG1DVl3uNUItE >4iX8WYiWuwlzcS7k789V26t7lOuF7XWzzNSYpTxJ9/X5ZjQvZtxji1LgBE+uHnRD >E2JHQ4WUrTrVkikK1o+HiTMl1PDaR+vxtXn8Onv3df8Sh5emruI1qqX8anVRdNuQ >W/4CYkZOiexlwHTGNOlfYmZQ6cMZNtxQzzcMpsD7xxwwXdcszPZjJvALp5UEZyGZ >jXRUhTQ+rcmOfMNUl0ZLTaXLsLefqe9UTprd16Oq62gqiHJ1VlLeMQA= >CRYPTO INIT WITH CERTDB:/tmp/tmp-2bMSnp >Crypto manager already initialized >importCert string: importing with nickname: ipa-ca-agent >Already logged into to DB >SUCCESS: imported admin user cert >############################################# >Attempting to connect to: sideswipe.testrelm.com:9445 >Connected. >Posting Query = https://sideswipe.testrelm.com:9445//ca/admin/console/config/wizard?p=17&op=next&xml=true&caHost=%2F&caPort=%2F >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Wed, 16 Jan 2013 08:56:07 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <port>443</port> > <panel>admin/console/config/donepanel.vm</panel> > <res/> > <initCommand>/sbin/service pki-cad</initCommand> > <showApplyButton/> > <host>sideswipe.testrelm.com</host> > <ca>true</ca> > <systemType>ca</systemType> > <caType>sdca</caType> > <instanceId>pki-ca</instanceId> > <updateStatus>success</updateStatus> > <lastpanel/> > <errorString/> > <size>19</size> > <info/> > <title>Done</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <externalCA>true</externalCA> > <p>18</p> > <name>CA Setup Wizard</name> > <req/> > <panelname>done</panelname> > <csstate>1</csstate> ></response> >caHost=sideswipe.testrelm.com >caPort=443 >systemType=ca >Certificate System - CA Instance Configured. > >####################################################################### > >2013-01-16T08:56:07Z DEBUG stderr= >2013-01-16T08:56:07Z DEBUG completed creating ca instance >2013-01-16T08:56:07Z DEBUG duration: 27 seconds >2013-01-16T08:56:07Z DEBUG [4/21]: disabling nonces >2013-01-16T08:56:07Z DEBUG duration: 0 seconds >2013-01-16T08:56:07Z DEBUG [5/21]: creating CA agent PKCS#12 file in /root >2013-01-16T08:56:07Z DEBUG args=/usr/bin/pk12util -n ipa-ca-agent -o /root/ca-agent.p12 -d /tmp/tmp-2bMSnp -k /tmp/tmpraOIO6 -w /tmp/tmpraOIO6 >2013-01-16T08:56:07Z DEBUG stdout=pk12util: PKCS12 EXPORT SUCCESSFUL > >2013-01-16T08:56:07Z DEBUG stderr= >2013-01-16T08:56:07Z DEBUG duration: 0 seconds >2013-01-16T08:56:07Z DEBUG [6/21]: creating RA agent certificate database >2013-01-16T08:56:07Z DEBUG args=/usr/bin/certutil -d /etc/httpd/alias -f XXXXXXXX -N >2013-01-16T08:56:07Z DEBUG stdout= >2013-01-16T08:56:07Z DEBUG stderr= >2013-01-16T08:56:07Z DEBUG duration: 0 seconds >2013-01-16T08:56:07Z DEBUG [7/21]: importing CA chain to RA certificate database >2013-01-16T08:56:07Z DEBUG args=/usr/bin/openssl pkcs7 -inform DER -print_certs >2013-01-16T08:56:07Z DEBUG stdout=subject=/O=TESTRELM.COM/CN=Certificate Authority >issuer=/O=TESTRELM.COM/CN=Certificate Authority >-----BEGIN CERTIFICATE----- >MIIDlDCCAnygAwIBAgIBATANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNU >UkVMTS5DT00xHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAx >MTYwODU1NThaFw0zMzAxMTYwODU1NThaMDcxFTATBgNVBAoTDFRFU1RSRUxNLkNP >TTEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0B >AQEFAAOCAQ8AMIIBCgKCAQEAssQlEcGYzqK6M2sa9rK+GG4OY/t1Q5hvgV6ds+C6 >nALxpWTWBXTy3S1qsaR93p+8zswuKi81jQrPXwIjvRlNIg1lbi+L/lFptLtNeKp8 >+f/AoTwoswOQnEBKe0ABJrCuITwAwmrhJsVBbXs4u3Gr37MW6EZ4izOY20VZDxMN >Wn3ooFiDuIzkmy2vQET0W6kUGErSizVJKxw2qHZNLfRF19Nju5irfE4vZHsgnhf6 >wtGie8/9CkVyUtfpx41/eWCACFvT7IIfcrvYr5o/WzQlHnANUajaU8sk/J2MLBNf >unO3otaLcFV53FWASUXwRbnsI2PpDbD4PoEV+KAxWKyKZwIDAQABo4GqMIGnMB8G >A1UdIwQYMBaAFEPeNN2q16bZMwywHQ4n+TMhPXAWMA8GA1UdEwEB/wQFMAMBAf8w >DgYDVR0PAQH/BAQDAgHGMB0GA1UdDgQWBBRD3jTdqtem2TMMsB0OJ/kzIT1wFjBE >BggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAGGKGh0dHA6Ly9zaWRlc3dpcGUudGVz >dHJlbG0uY29tOjgwL2NhL29jc3AwDQYJKoZIhvcNAQELBQADggEBAKQhd+yFiOgz >VQyaxXre3epPftM45CaTwRD7Dg4o/xwCVbQ9htw+GN7iVLcceBYKxzr6oXde+bZA >TF/AsnUUAmUbUNWXe41Qi0TiJfxZiJa7CXNxLuTvz1Xbq3uU64XtdbPM1JilPEn3 >9flmNC9m3GOLUuAET64edEMTYkdDhZStOtWSKQrWj4eJMyXU8NpH6/G1efw6e/d1 >/xKHl6au4jWqpfxqdVF025Bb/gJiRk6J7GXAdMY06V9iZlDpwxk23FDPNwymwPvH >HDBd1yzM9mMm8AunlQRnIZmNdFSFND6tyY58w1SXRktNpcuwt5+p71ROmt3Xo6rr >aCqIcnVWUt4= >-----END CERTIFICATE----- > > >2013-01-16T08:56:07Z DEBUG stderr= >2013-01-16T08:56:07Z DEBUG args=/usr/bin/certutil -d /etc/httpd/alias -f XXXXXXXX -A -t CT,C,C -n TESTRELM.COM IPA CA -a -i /tmp/tmp4EfRmm >2013-01-16T08:56:07Z DEBUG stdout= >2013-01-16T08:56:07Z DEBUG stderr= >2013-01-16T08:56:07Z DEBUG duration: 0 seconds >2013-01-16T08:56:07Z DEBUG [8/21]: fixing RA database permissions >2013-01-16T08:56:07Z DEBUG duration: 0 seconds >2013-01-16T08:56:07Z DEBUG [9/21]: setting up signing cert profile >2013-01-16T08:56:07Z DEBUG duration: 0 seconds >2013-01-16T08:56:07Z DEBUG [10/21]: set up CRL publishing >2013-01-16T08:56:07Z DEBUG args=/usr/sbin/selinuxenabled >2013-01-16T08:56:07Z DEBUG stdout= >2013-01-16T08:56:07Z DEBUG stderr= >2013-01-16T08:56:08Z DEBUG args=/sbin/restorecon /var/lib/ipa/pki-ca/publish >2013-01-16T08:56:08Z DEBUG stdout= >2013-01-16T08:56:08Z DEBUG stderr= >2013-01-16T08:56:08Z DEBUG duration: 0 seconds >2013-01-16T08:56:08Z DEBUG [11/21]: set certificate subject base >2013-01-16T08:56:08Z DEBUG duration: 0 seconds >2013-01-16T08:56:08Z DEBUG [12/21]: enabling Subject Key Identifier >2013-01-16T08:56:08Z DEBUG duration: 0 seconds >2013-01-16T08:56:08Z DEBUG [13/21]: setting audit signing renewal to 2 years >2013-01-16T08:56:08Z DEBUG caSignedLogCert.cfg profile validity range is 720 >2013-01-16T08:56:08Z DEBUG duration: 0 seconds >2013-01-16T08:56:08Z DEBUG [14/21]: configuring certificate server to start on boot >2013-01-16T08:56:08Z DEBUG args=/sbin/chkconfig pki-cad >2013-01-16T08:56:08Z DEBUG stdout= >2013-01-16T08:56:08Z DEBUG stderr= >2013-01-16T08:56:08Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' >2013-01-16T08:56:08Z DEBUG duration: 0 seconds >2013-01-16T08:56:08Z DEBUG [15/21]: restarting certificate server >2013-01-16T08:56:43Z DEBUG args=/sbin/service pki-cad restart pki-ca >2013-01-16T08:56:43Z DEBUG stdout=Stopping pki-ca: [60G[[0;32m OK [0;39m] >Starting pki-ca: [60G[[0;32m OK [0;39m] > >2013-01-16T08:56:43Z DEBUG stderr= >2013-01-16T08:56:43Z DEBUG args=/sbin/service pki-cad status pki-ca >2013-01-16T08:56:43Z DEBUG stdout=pki-ca (pid 27054) is running...[60G[[0;32m OK [0;39m] > Unsecure Port = http://sideswipe.testrelm.com:9180/ca/ee/ca > Secure Agent Port = https://sideswipe.testrelm.com:9443/ca/agent/ca > Secure EE Port = https://sideswipe.testrelm.com:9444/ca/ee/ca > Secure Admin Port = https://sideswipe.testrelm.com:9445/ca/services > EE Client Auth Port = https://sideswipe.testrelm.com:9446/ca/eeca/ca > PKI Console Port = pkiconsole https://sideswipe.testrelm.com:9445/ca > Tomcat Port = 9701 (for shutdown) > > PKI Instance Name: pki-ca > > PKI Subsystem Type: Root CA (Security Domain) > > Registered PKI Security Domain Information: > ========================================================================== > Name: IPA > URL: https://sideswipe.testrelm.com:443 > ========================================================================== > >2013-01-16T08:56:43Z DEBUG stderr= >2013-01-16T08:56:43Z DEBUG wait_for_open_ports: localhost [9180, 9443, 9444] timeout 120 >2013-01-16T08:56:44Z DEBUG duration: 35 seconds >2013-01-16T08:56:44Z DEBUG [16/21]: requesting RA certificate from CA >2013-01-16T08:56:45Z DEBUG args=/usr/bin/certutil -d /etc/httpd/alias -f XXXXXXXX -R -k rsa -g 2048 -s CN=IPA RA,O=TESTRELM.COM -z /tmp/tmpFqmlu3 -a >2013-01-16T08:56:45Z DEBUG stdout= >Certificate request generated by Netscape certutil >Phone: (not specified) > >Common Name: IPA RA >Email: (not specified) >Organization: TESTRELM.COM >State: (not specified) >Country: (not specified) > >-----BEGIN NEW CERTIFICATE REQUEST----- >MIICbTCCAVUCAQAwKDEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMQ8wDQYDVQQDEwZJ >UEEgUkEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeSeAYSiJCZ6JL >2V5+qV532ShN+ZFTwVcAoSYRHGHvdyOeR408RcL5oAVaA/+yDEbZbXDYivNhUZcN >AJ6uDFMj4Ry2uAjyjDwnv+B42NsGxlBvzkd5jAWbz1aIN8TeAML5EwsHp5F/JHrn >oyNbfkVdJhW04NhiAKNYmVrsnSxT3rOIW5L2S9/7QUsogvxkBGT/9M0rlCqdVm/B >SmYcFADzzZqurXXdzip8qzWlbEuIjnjwUOJKL/BgvKM0jg/XmAN1tJp2Ne/HvzlG >kgMg7mCqKfdws2WLgc/IKw7Mb3Z4hjf0Ay9HRc5h+OshYGuP1wjxFtBF8HzYJNai >OzjuuOnlAgMBAAGgADANBgkqhkiG9w0BAQUFAAOCAQEAnomiwLf7EAqbsossNdLh >IeWxCndipXLyYHZnl38R5eXBd98KGFMNnZ07wX4EcFaaurUgIkjArj05MmRlS2JL >lJtjJvkj+96CTdlDf4a3vUm1LI9VwrVScu5MYWdAGvJ2MoYdk81HNSCxmsWsjfXB >qCqggRJtM9sboGepdIRTe8fQ7PCx2y101AJierR+809UBkR9CNOtfc64NYtfquDI >nImvm2pA0lAcKf+1v44bRhOsPdbJ5GO+kO6BYI1QeU7GppY1HqkG5GYwXR4zIS5w >ceHXWL8ISmW2mIoTsZ50lR0wiyn+nkN76R2BZtxvGDhVBN5yKB0H0Dzt/vQERuKw >eA== >-----END NEW CERTIFICATE REQUEST----- > >2013-01-16T08:56:45Z DEBUG stderr= > >Generating key. This may take a few moments... > > >2013-01-16T08:56:48Z DEBUG duration: 4 seconds >2013-01-16T08:56:48Z DEBUG [17/21]: issuing RA agent certificate >2013-01-16T08:56:48Z DEBUG args=/usr/bin/certutil -d /tmp/tmp-2bMSnp -f XXXXXXXX -M -t CT,C,C -n Certificate Authority - TESTRELM.COM >2013-01-16T08:56:48Z DEBUG stdout= >2013-01-16T08:56:48Z DEBUG stderr= >2013-01-16T08:56:48Z DEBUG args=/usr/bin/sslget -v -n ipa-ca-agent -p XXXXXXXX -d /tmp/tmp-2bMSnp -r /ca/agent/ca/profileReview?requestId=7 sideswipe.testrelm.com:9443 >2013-01-16T08:56:48Z DEBUG stdout=HTTP/1.1 200 OK >Server: Apache-Coyote/1.1 >Content-Type: text/html;charset=UTF-8 >Date: Wed, 16 Jan 2013 08:56:48 GMT >Connection: close > ><!-- --- BEGIN COPYRIGHT BLOCK --- > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > --- END COPYRIGHT BLOCK --- --> ><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> ><html> ><script type="text/javascript"> >requestNotes=""; >requestType="enrollment"; >recordSet = new Array; >record = new Object; >record.conDesc="This constraint accepts the subject name that matches .*CN=.*"; >record.policyId="1"; >record.defListSet = new Array; >defList = new Object; >defList.defId="name"; >defList.defConstraint="null"; >defList.defName="Subject Name"; >defList.defSyntax="string"; >defList.defVal="CN=IPA RA,O=TESTRELM.COM"; >record.defListSet[0] = defList; >record.defDesc="This default populates a User-Supplied Certificate Subject Name to the request."; >recordSet[0] = record; >record = new Object; >record.conDesc="This constraint rejects the validity that is not between 720 days."; >record.policyId="2"; >record.defListSet = new Array; >defList = new Object; >defList.defId="notBefore"; >defList.defConstraint="null"; >defList.defName="Not Before"; >defList.defSyntax="string"; >defList.defVal="2013-01-16 14:26:48"; >record.defListSet[0] = defList; >defList = new Object; >defList.defId="notAfter"; >defList.defConstraint="null"; >defList.defName="Not After"; >defList.defSyntax="string"; >defList.defVal="2015-01-06 14:26:48"; >record.defListSet[1] = defList; >record.defDesc="This default populates a Certificate Validity to the request. The default values are Range=720 in days"; >recordSet[1] = record; >record = new Object; >record.conDesc="This constraint accepts the key only if Key Type=RSA, Key Parameters =1024,2048,3072,4096"; >record.policyId="3"; >record.defListSet = new Array; >defList = new Object; >defList.defId="TYPE"; >defList.defConstraint="readonly"; >defList.defName="Key Type"; >defList.defSyntax="string"; >defList.defVal="RSA - 1.2.840.113549.1.1.1"; >record.defListSet[0] = defList; >defList = new Object; >defList.defId="LEN"; >defList.defConstraint="readonly"; >defList.defName="Key Length"; >defList.defSyntax="string"; >defList.defVal="2048"; >record.defListSet[1] = defList; >defList = new Object; >defList.defId="KEY"; >defList.defConstraint="readonly"; >defList.defName="Key"; >defList.defSyntax="string"; >defList.defVal="30:82:01:0A:02:82:01:01:00:DE:49:E0:18:4A:22:42:\n67:A2:4B:D9:5E:7E:A9:5E:77:D9:28:4D:F9:91:53:C1:\n57:00:A1:26:11:1C:61:EF:77:23:9E:47:8D:3C:45:C2:\nF9:A0:05:5A:03:FF:B2:0C:46:D9:6D:70:D8:8A:F3:61:\n51:97:0D:00:9E:AE:0C:53:23:E1:1C:B6:B8:08:F2:8C:\n3C:27:BF:E0:78:D8:DB:06:C6:50:6F:CE:47:79:8C:05:\n9B:CF:56:88:37:C4:DE:00:C2:F9:13:0B:07:A7:91:7F:\n24:7A:E7:A3:23:5B:7E:45:5D:26:15:B4:E0:D8:62:00:\nA3:58:99:5A:EC:9D:2C:53:DE:B3:88:5B:92:F6:4B:DF:\nFB:41:4B:28:82:FC:64:04:64:FF:F4:CD:2B:94:2A:9D:\n56:6F:C1:4A:66:1C:14:00:F3:CD:9A:AE:AD:75:DD:CE:\n2A:7C:AB:35:A5:6C:4B:88:8E:78:F0:50:E2:4A:2F:F0:\n60:BC:A3:34:8E:0F:D7:98:03:75:B4:9A:76:35:EF:C7:\nBF:39:46:92:03:20:EE:60:AA:29:F7:70:B3:65:8B:81:\nCF:C8:2B:0E:CC:6F:76:78:86:37:F4:03:2F:47:45:CE:\n61:F8:EB:21:60:6B:8F:D7:08:F1:16:D0:45:F0:7C:D8:\n24:D6:A2:3B:38:EE:B8:E9:E5:02:03:01:00:01\n"; >record.defListSet[2] = defList; >record.defDesc="This default populates a User-Supplied Certificate Key to the request."; >recordSet[2] = record; >record = new Object; >record.conDesc="No Constraint"; >record.policyId="4"; >record.defListSet = new Array; >defList = new Object; >defList.defId="critical"; >defList.defConstraint="readonly"; >defList.defName="Criticality"; >defList.defSyntax="string"; >defList.defVal="false"; >record.defListSet[0] = defList; >defList = new Object; >defList.defId="keyid"; >defList.defConstraint="readonly"; >defList.defName="Key ID"; >defList.defSyntax="string"; >defList.defVal="43:DE:34:DD:AA:D7:A6:D9:33:0C:B0:1D:0E:27:F9:33:\n21:3D:70:16\n"; >record.defListSet[1] = defList; >record.defDesc="This default populates an Authority Key Identifier Extension (2.5.29.35) to the request."; >recordSet[3] = record; >record = new Object; >record.conDesc="No Constraint"; >record.policyId="5"; >record.defListSet = new Array; >defList = new Object; >defList.defId="authInfoAccessCritical"; >defList.defConstraint="null"; >defList.defName="Criticality"; >defList.defSyntax="boolean"; >defList.defVal="false"; >record.defListSet[0] = defList; >defList = new Object; >defList.defId="authInfoAccessGeneralNames"; >defList.defConstraint="null"; >defList.defName="General Names"; >defList.defSyntax="string_list"; >defList.defVal="Record #0\r\nMethod:1.3.6.1.5.5.7.48.1\r\nLocation Type:URIName\r\nLocation:http://sideswipe.testrelm.com:80/ca/ocsp\r\nEnable:true\r\n\r\n"; >record.defListSet[1] = defList; >record.defDesc="This default populates a Authority Info Access Extension (1.3.6.1.5.5.7.1.1) to the request. The default values are Criticality=false, Record #0{Method:1.3.6.1.5.5.7.48.1,Location Type:URIName,Location:,Enable:true}"; >recordSet[4] = record; >record = new Object; >record.conDesc="This constraint accepts the Key Usage extension, if present, only when Criticality=true, Digital Signature=true, Non-Repudiation=true, Key Encipherment=true, Data Encipherment=true, Key Agreement=false, Key Certificate Sign=false, Key CRL Sign=false, Encipher Only=false, Decipher Only=false"; >record.policyId="6"; >record.defListSet = new Array; >defList = new Object; >defList.defId="keyUsageCritical"; >defList.defConstraint="null"; >defList.defName="Criticality"; >defList.defSyntax="boolean"; >defList.defVal="true"; >record.defListSet[0] = defList; >defList = new Object; >defList.defId="keyUsageDigitalSignature"; >defList.defConstraint="null"; >defList.defName="Digital Signature"; >defList.defSyntax="boolean"; >defList.defVal="true"; >record.defListSet[1] = defList; >defList = new Object; >defList.defId="keyUsageNonRepudiation"; >defList.defConstraint="null"; >defList.defName="Non-Repudiation"; >defList.defSyntax="boolean"; >defList.defVal="true"; >record.defListSet[2] = defList; >defList = new Object; >defList.defId="keyUsageKeyEncipherment"; >defList.defConstraint="null"; >defList.defName="Key Encipherment"; >defList.defSyntax="boolean"; >defList.defVal="true"; >record.defListSet[3] = defList; >defList = new Object; >defList.defId="keyUsageDataEncipherment"; >defList.defConstraint="null"; >defList.defName="Data Encipherment"; >defList.defSyntax="boolean"; >defList.defVal="true"; >record.defListSet[4] = defList; >defList = new Object; >defList.defId="keyUsageKeyAgreement"; >defList.defConstraint="null"; >defList.defName="Key Agreement"; >defList.defSyntax="boolean"; >defList.defVal="false"; >record.defListSet[5] = defList; >defList = new Object; >defList.defId="keyUsageKeyCertSign"; >defList.defConstraint="null"; >defList.defName="Key CertSign"; >defList.defSyntax="boolean"; >defList.defVal="false"; >record.defListSet[6] = defList; >defList = new Object; >defList.defId="keyUsageCrlSign"; >defList.defConstraint="null"; >defList.defName="CRL Sign"; >defList.defSyntax="boolean"; >defList.defVal="false"; >record.defListSet[7] = defList; >defList = new Object; >defList.defId="keyUsageEncipherOnly"; >defList.defConstraint="null"; >defList.defName="Encipher Only"; >defList.defSyntax="boolean"; >defList.defVal="false"; >record.defListSet[8] = defList; >defList = new Object; >defList.defId="keyUsageDecipherOnly"; >defList.defConstraint="null"; >defList.defName="Decipher Only"; >defList.defSyntax="boolean"; >defList.defVal="false"; >record.defListSet[9] = defList; >record.defDesc="This default populates a Key Usage Extension (2.5.29.15) to the request. The default values are Criticality=true, Digital Signature=true, Non-Repudiation=true, Key Encipherment=true, Data Encipherment=true, Key Agreement=false, Key Certificate Sign=false, Key CRL Sign=false, Encipher Only=false, Decipher Only=false"; >recordSet[5] = record; >record = new Object; >record.conDesc="No Constraint"; >record.policyId="7"; >record.defListSet = new Array; >defList = new Object; >defList.defId="exKeyUsageCritical"; >defList.defConstraint="null"; >defList.defName="Criticality"; >defList.defSyntax="boolean"; >defList.defVal="false"; >record.defListSet[0] = defList; >defList = new Object; >defList.defId="exKeyUsageOIDs"; >defList.defConstraint="null"; >defList.defName="Comma-Separated list of Object Identifiers"; >defList.defSyntax="string_list"; >defList.defVal="1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2"; >record.defListSet[1] = defList; >record.defDesc="This default populates an Extended Key Usage Extension () to the request. The default values are Criticality=false, OIDs=1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2"; >recordSet[6] = record; >record = new Object; >record.conDesc="This constraint accepts only the Signing Algorithms of SHA1withRSA,SHA256withRSA,SHA512withRSA,MD5withRSA,MD2withRSA,SHA1withDSA,SHA1withEC,SHA256withEC,SHA384withEC,SHA512withEC"; >record.policyId="8"; >record.defListSet = new Array; >defList = new Object; >defList.defId="signingAlg"; >defList.defConstraint="SHA1withRSA,SHA256withRSA,SHA512withRSA,MD5withRSA,MD2withRSA"; >defList.defName="Signing Algorithm"; >defList.defSyntax="choice"; >defList.defVal="SHA256withRSA"; >record.defListSet[0] = defList; >record.defDesc="This default populates the Certificate Signing Algorithm. The default values are Algorithm=SHA256withRSA"; >recordSet[7] = record; >profileDesc="This certificate profile is for enrolling server certificates."; >inputListSet = new Array; >inputList = new Object; >inputList.inputId="cert_request_type"; >inputList.inputName="Certificate Request Type"; >inputList.inputVal="pkcs10"; >inputList.inputSyntax="cert_request_type"; >inputList.inputConstraint="null"; >inputListSet[0] = inputList; >inputList = new Object; >inputList.inputId="cert_request"; >inputList.inputName="Certificate Request"; >inputList.inputVal="MIICbTCCAVUCAQAwKDEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMQ8wDQYDVQQDEwZJ\r\nUEEgUkEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeSeAYSiJCZ6JL\r\n2V5+qV532ShN+ZFTwVcAoSYRHGHvdyOeR408RcL5oAVaA/+yDEbZbXDYivNhUZcN\r\nAJ6uDFMj4Ry2uAjyjDwnv+B42NsGxlBvzkd5jAWbz1aIN8TeAML5EwsHp5F/JHrn\r\noyNbfkVdJhW04NhiAKNYmVrsnSxT3rOIW5L2S9/7QUsogvxkBGT/9M0rlCqdVm/B\r\nSmYcFADzzZqurXXdzip8qzWlbEuIjnjwUOJKL/BgvKM0jg/XmAN1tJp2Ne/HvzlG\r\nkgMg7mCqKfdws2WLgc/IKw7Mb3Z4hjf0Ay9HRc5h+OshYGuP1wjxFtBF8HzYJNai\r\nOzjuuOnlAgMBAAGgADANBgkqhkiG9w0BAQUFAAOCAQEAnomiwLf7EAqbsossNdLh\r\nIeWxCndipXLyYHZnl38R5eXBd98KGFMNnZ07wX4EcFaaurUgIkjArj05MmRlS2JL\r\nlJtjJvkj+96CTdlDf4a3vUm1LI9VwrVScu5MYWdAGvJ2MoYdk81HNSCxmsWsjfXB\r\nqCqggRJtM9sboGepdIRTe8fQ7PCx2y101AJierR+809UBkR9CNOtfc64NYtfquDI\r\nnImvm2pA0lAcKf+1v44bRhOsPdbJ5GO+kO6BYI1QeU7GppY1HqkG5GYwXR4zIS5w\r\nceHXWL8ISmW2mIoTsZ50lR0wiyn+nkN76R2BZtxvGDhVBN5yKB0H0Dzt/vQERuKw\r\neA==\n"; >inputList.inputSyntax="cert_request"; >inputList.inputConstraint="null"; >inputListSet[1] = inputList; >inputList = new Object; >inputList.inputId="requestor_name"; >inputList.inputName="Requestor Name"; >inputList.inputVal="IPA Installer"; >inputList.inputSyntax="string"; >inputList.inputConstraint="null"; >inputListSet[2] = inputList; >inputList = new Object; >inputList.inputId="requestor_email"; >inputList.inputName="Requestor Email"; >inputList.inputVal="null"; >inputList.inputSyntax="string"; >inputList.inputConstraint="null"; >inputListSet[3] = inputList; >inputList = new Object; >inputList.inputId="requestor_phone"; >inputList.inputName="Requestor Phone"; >inputList.inputVal="null"; >inputList.inputSyntax="string"; >inputList.inputConstraint="null"; >inputListSet[4] = inputList; >errorCode="0"; >requestModificationTime="Wed Jan 16 14:26:48 IST 2013"; >profileRemoteAddr="2620:52:0:41ce:5054:ff:fe3b:c68b"; >profileName="Manual Server Certificate Enrollment"; >profileApprovedBy="admin"; >requestOwner=""; >profileId="caServerCert"; >profileRemoteHost="2620:52:0:41ce:5054:ff:fe3b:c68b"; >profileIsVisible="true"; >requestId="7"; >errorReason=""; >requestStatus="pending"; >requestCreationTime="Wed Jan 16 14:26:48 IST 2013"; >outputListSet = new Array; >outputList = new Object; >outputList.outputId="pretty_cert"; >outputList.outputSyntax="pretty_print"; >outputList.outputVal="null"; >outputList.outputName="Certificate Pretty Print"; >outputList.outputConstraint="null"; >outputListSet[0] = outputList; >outputList = new Object; >outputList.outputId="b64_cert"; >outputList.outputSyntax="pretty_print"; >outputList.outputVal="null"; >outputList.outputName="Certificate Base-64 Encoded"; >outputList.outputConstraint="null"; >outputListSet[1] = outputList; >profileSetId="serverCertSet"; ></script> ><style> >TABLE { border-spacing: 0 0; } ></style> > ><script type="text/javascript"> >function escapeValue(value) >{ > return value.replace(/"/g,'"'); >} > >function addEscapes(str) >{ > var outStr = str.replace(/</g, "<"); > outStr = outStr.replace(/>/g, ">"); > return outStr; >} > >document.writeln('<font size="+1" face="PrimaSans BT, Verdana, sans-serif">Request '); >document.writeln(requestId); >document.writeln('<br></font>'); ></script> ><font size="-1" face="PrimaSans BT, Verdana, sans-serif"></font> ><table border="0" cellspacing="0" cellpadding="0" background="/ca/agent/graphics/hr.gif" >width="100%"> > <tr> > <td> </td> > </tr> ></table> ><p> ><script type="text/javascript"> >if (requestStatus == 'pending') { > document.writeln('<form method=post action="profileProcess">'); > document.writeln('<input type=hidden name=requestId value=' + requestId + '>'); >} >document.writeln('<p>'); >document.writeln('<TABLE width=100%><TR><TD valign="top" align="left" colspan="3" bgcolor="#e5e5e5"><FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">Request Information</FONT></TD></TR></TABLE>'); >document.writeln('<table border=1 width=100%>'); >document.writeln('<tr>'); >document.writeln('<td width=20%>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Request ID:</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln(requestId); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('</tr>'); >document.writeln('<tr>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Request Type:</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln(requestType); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('</tr>'); >document.writeln('<tr>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Request Status:</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln(requestStatus); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('</tr>'); >document.writeln('<tr>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Requestor Host:</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln(profileRemoteHost); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('</tr>'); >document.writeln('<tr>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Assigned To:</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln(requestOwner); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('</tr>'); >document.writeln('<tr>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Creation Time:</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln(requestCreationTime); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('</tr>'); >document.writeln('<tr>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Modification Time:</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln(requestModificationTime); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('</tr>'); >document.writeln('</table>'); >document.writeln('<p>'); >document.writeln('<TABLE width=100%><TR><TD valign="top" align="left" colspan="3" bgcolor="#e5e5e5"><FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">Certificate Profile Information</FONT></TD></TR></TABLE>'); >document.writeln('<table border=1 width=100%>'); >document.writeln('<tr>'); >document.writeln('<td width=20%>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Certificate Profile Id:</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln(profileId); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('</tr>'); >document.writeln('<tr>'); >document.writeln('<td width=20%>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Approved By:</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln(profileApprovedBy); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('</tr>'); >document.writeln('<tr>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Certificate Profile Name:</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln(profileName); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('</tr>'); >document.writeln('<tr>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Certificate Profile Description:</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln(profileDesc); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('</tr>'); >document.writeln('</table>'); >document.writeln('<p>'); >if (requestStatus != 'pending') { > document.writeln('<TABLE width=100%><TR><TD valign="top" align="left" colspan="3" bgcolor="#e5e5e5"><FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">Additional Notes</FONT></TD></TR></TABLE>'); > document.writeln('<table width=100% border=1>'); > document.writeln('<tr>'); > document.writeln('<td>'); > document.writeln(requestNotes); > document.writeln('</td>'); > document.writeln('</tr>'); > document.writeln('</table>'); > document.writeln('<p>'); >} >if (profileIsVisible == 'true') { >document.writeln('<TABLE width=100%><TR><TD valign="top" align="left" colspan="3" bgcolor="#e5e5e5"><FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">Certificate Profile Inputs</FONT></TD></TR></TABLE>'); >document.writeln('<table border=1 width=100%>'); >document.writeln('<tr>'); >document.writeln('<td width=20%>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Id</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td width=40%>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Input Names</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Input Values</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('</tr>'); >for (var i = 0; i < inputListSet.length; i++) { > document.writeln('<tr>'); > document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); > document.writeln(inputListSet[i].inputId); >document.writeln('</FONT>'); > document.writeln('</td>'); > document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); > document.writeln(inputListSet[i].inputName); >document.writeln('</FONT>'); > document.writeln('</td>'); > document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); > document.writeln(addEscapes(inputListSet[i].inputVal)); >document.writeln('</FONT>'); > document.writeln('</td>'); > document.writeln('</tr>'); >} >document.writeln('</table>'); >document.writeln('<p>'); >} >if (requestStatus == 'complete') { >document.writeln('<TABLE width=100%><TR><TD valign="top" align="left" colspan="3" bgcolor="#e5e5e5"><FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">Certificate Profile Outputs</FONT></TD></TR></TABLE>'); >for (var i = 0; i < outputListSet.length; i++) { > document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">' >); > document.writeln('<li>'); > document.writeln(outputListSet[i].outputName); > document.writeln('</FONT>'); > document.writeln('<p>'); > if (outputListSet[i].outputSyntax == 'string') { > document.writeln(outputListSet[i].outputVal); > } else if (outputListSet[i].outputSyntax == 'pretty_print') { > document.writeln('<pre>'); > document.writeln(outputListSet[i].outputVal); > document.writeln('</pre>'); > } else if (outputListSet[i].outputSyntax == 'der_b64') { > document.writeln('<pre>'); > document.writeln('-----BEGIN CERTIFICATE-----'); > document.writeln(outputListSet[i].outputVal); > document.writeln('-----END CERTIFICATE-----'); > document.writeln('</pre>'); > } > document.writeln('</p>'); >} >} >if (requestStatus == 'pending') { >document.writeln('<TABLE width=100%><TR><TD valign="top" align="left" colspan="3" bgcolor="#e5e5e5"><FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">Policy Information</FONT></TD></TR></TABLE>'); >document.writeln('<table>'); >document.writeln('<tr>'); >document.writeln('<td width=20%>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Certificate Profile Set Id:</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln(profileSetId); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('</tr>'); >document.writeln('</table>'); >document.writeln('<table border=1 width=100%>'); >document.writeln('<tr>'); >document.writeln('<td width=10%>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>#</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td width=45%>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Extensions / Fields</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td width=45%>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Constraints</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('</tr>'); >for (var i = 0; i < recordSet.length; i++) { > document.writeln('<tr valign=top>'); > document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); > document.writeln(recordSet[i].policyId); >document.writeln('</FONT>'); > document.writeln('</td>'); > document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); > document.writeln(recordSet[i].defDesc); >document.writeln('</FONT>'); > document.writeln('<p>'); > document.writeln('<table width=100%>'); > for (var j = 0; j < recordSet[i].defListSet.length; j++) { > document.writeln('<tr valign=top>'); > if (typeof(recordSet[i].defListSet[j].defName) != 'undefined') { > document.writeln('<td width=30%><i>'); > document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); > document.writeln(recordSet[i].defListSet[j].defName + ':'); > document.writeln('</FONT>'); > document.writeln('</i></td>'); > document.writeln('<td width=70%>'); > if (recordSet[i].defListSet[j].defConstraint == 'readonly') { > document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); > document.writeln(recordSet[i].defListSet[j].defVal); > document.writeln('</FONT>'); > } else { > if (recordSet[i].defListSet[j].defSyntax == 'string') { > document.writeln('<input size=32 type=text name="' + recordSet[i].defListSet[j].defId + '" value="' + escapeValue(recordSet[i].defListSet[j].defVal) + '">'); > } else if (recordSet[i].defListSet[j].defSyntax == 'string_list') { > document.writeln('<textarea cols=40 rows=5 name="' + recordSet[i].defListSet[j].defId + '">' + recordSet[i].defListSet[j].defVal + '</textarea>'); > } else if (recordSet[i].defListSet[j].defSyntax == 'integer') { > document.writeln('<input size=6 type=text name="' + recordSet[i].defListSet[j].defId + '" value="' + recordSet[i].defListSet[j].defVal + '">'); > } else if (recordSet[i].defListSet[j].defSyntax == 'image_url') { > document.writeln('<img border=0 src="' + recordSet[i].defListSet[j].defVal + '">'); > document.writeln('<input type=hidden name="' + recordSet[i].defListSet[j].defId + '" value="' + recordSet[i].defListSet[j].defVal + '">'); > } else if (recordSet[i].defListSet[j].defSyntax == 'choice') { > document.writeln('<select name="' + recordSet[i].defListSet[j].defId + '">'); > var c = recordSet[i].defListSet[j].defConstraint.split(','); > for(var k = 0; k < c.length; k++) { > if (recordSet[i].defListSet[j].defVal == c[k]) { > document.writeln('<option selected value=' + c[k] + '>'); > } else { > document.writeln('<option value=' + c[k] + '>'); > } > document.writeln(c[k]); > document.writeln('</option>'); > } > > document.writeln('</select>'); > } else if (recordSet[i].defListSet[j].defSyntax == 'boolean') { > document.writeln('<select name="' + recordSet[i].defListSet[j].defId + '">'); > if (recordSet[i].defListSet[j].defVal == 'true') { > document.writeln('<option selected value=true>true</option>'); > document.writeln('<option value=false>false</option>'); > } else { > document.writeln('<option value=true>true</option>'); > document.writeln('<option selected value=false>false</option>'); > } > document.writeln('</select>'); > } > } > document.writeln('</td>'); > } > document.writeln('</tr>'); > } > document.writeln('</table>'); > document.writeln('</td>'); > document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); > document.writeln(recordSet[i].conDesc); >document.writeln('</FONT>'); > document.writeln('</td>'); > document.writeln('</tr>'); >} // for >document.writeln('</table>'); >document.writeln('<p>'); >document.writeln('<TABLE width=100%><TR><TD valign="top" align="left" colspan="3" bgcolor="#e5e5e5"><FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">Additional Notes</FONT></TD></TR></TABLE>'); >document.writeln('<textarea cols=40 rows=5 name="requestNotes">' + requestNotes + '</textarea>'); >document.writeln('<p>'); > document.writeln('<SELECT NAME="op">'); > document.writeln('<OPTION VALUE="update">Update request</OPTION>'); > document.writeln('<OPTION VALUE="validate">Validate request</OPTION>'); > document.writeln('<OPTION SELECTED VALUE="approve">Approve request</OPTION>'); > document.writeln('<OPTION VALUE="reject">Reject request</OPTION>'); > document.writeln('<OPTION VALUE="cancel">Cancel request</OPTION>'); > document.writeln('<OPTION VALUE="assign">Assign request</OPTION>'); > document.writeln('<OPTION VALUE="unassign">Unassign request</OPTION>'); > document.writeln('</SELECT>'); >if (typeof(nonce) != "undefined") { > document.writeln("<INPUT TYPE=hidden name=nonce value=\"" + nonce +"\">"); >} >document.writeln('<input type=submit name=submit value=submit>'); >document.writeln('</form>'); >} // if ></script> ></html> > >Subject: CN=sideswipe.testrelm.com,O=TESTRELM.COM >Issuer : CN=Certificate Authority,O=TESTRELM.COM >bulk cipher AES-256, 256 secret key bits, 256 key bits, status: 1 > >2013-01-16T08:56:48Z DEBUG stderr=GET /ca/agent/ca/profileReview?requestId=7 HTTP/1.0 > >port: 9443 >addr='sideswipe.testrelm.com' >family='10' >-- SSL3: Server Certificate Validated. >Called mygetclientauthdata - nickname = ipa-ca-agent > mygetclientauthdata - cert = b885b0 > mygetclientauthdata - privkey = bcca90 >PR_Write wrote 55 bytes from bigBuf >bytes: [GET /ca/agent/ca/profileReview?requestId=7 HTTP/1.0 > >] >do_writes shutting down send socket >do_writes exiting with (failure = 0) >connection 1 read 9000 bytes (9000 total). >these bytes read: >connection 1 read 9000 bytes (18000 total). >these bytes read: >connection 1 read 9000 bytes (27000 total). >these bytes read: >connection 1 read 3400 bytes (30400 total). >these bytes read: >connection 1 read 30400 bytes total. ----------------------------- > >2013-01-16T08:56:49Z DEBUG args=/usr/bin/sslget -v -n ipa-ca-agent -p XXXXXXXX -d /tmp/tmp-2bMSnp -e exKeyUsageCritical=false&keyUsageEncipherOnly=false&keyUsageNonRepudiation=true&keyUsageDataEncipherment=true¬Before=2013-01-16+14%3A26%3A48&keyUsageCritical=true&submit=submit¬After=2015-01-06+14%3A26%3A48&requestId=7&signingAlg=SHA256withRSA&keyUsageDigitalSignature=true&authInfoAccessGeneralNames=Record+%230%0D%0AMethod%3A1.3.6.1.5.5.7.48.1%0D%0ALocation+Type%3AURIName%0D%0ALocation%3Ahttp%3A%2F%2Fsideswipe.testrelm.com%3A80%2Fca%2Focsp%0D%0AEnable%3Atrue%0D%0A%0D%0A&keyUsageKeyEncipherment=true&authInfoAccessCritical=false&name=CN%3DIPA+RA%2CO%3DTESTRELM.COM&requestNotes=&keyUsageCrlSign=false&exKeyUsageOIDs=1.3.6.1.5.5.7.3.1%2C1.3.6.1.5.5.7.3.2&keyUsageKeyAgreement=false&keyUsageKeyCertSign=false&keyUsageDecipherOnly=false&op=approve -r /ca/agent/ca/profileProcess sideswipe.testrelm.com:9443 >2013-01-16T08:56:49Z DEBUG stdout=HTTP/1.1 200 OK >Server: Apache-Coyote/1.1 >Content-Type: text/html;charset=UTF-8 >Date: Wed, 16 Jan 2013 08:56:48 GMT >Connection: close > ><!-- --- BEGIN COPYRIGHT BLOCK --- > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > --- END COPYRIGHT BLOCK --- --> ><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> ><html> ><script type="text/javascript"> >outputListSet = new Array; >outputList = new Object; >outputList.outputId="pretty_cert"; >outputList.outputSyntax="pretty_print"; >outputList.outputVal=" Certificate: \n Data: \n Version: v3\n Serial Number: 0x7\n Signature Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11\n Issuer: CN=Certificate Authority,O=TESTRELM.COM\n Validity: \n Not Before: Wednesday, January 16, 2013 2:26:48 PM IST Asia/Kolkata\n Not After: Tuesday, January 6, 2015 2:26:48 PM IST Asia/Kolkata\n Subject: CN=IPA RA,O=TESTRELM.COM\n Subject Public Key Info: \n Algorithm: RSA - 1.2.840.113549.1.1.1\n Public Key: \n Exponent: 65537\n Public Key Modulus: (2048 bits) :\n DE:49:E0:18:4A:22:42:67:A2:4B:D9:5E:7E:A9:5E:77:\n D9:28:4D:F9:91:53:C1:57:00:A1:26:11:1C:61:EF:77:\n 23:9E:47:8D:3C:45:C2:F9:A0:05:5A:03:FF:B2:0C:46:\n D9:6D:70:D8:8A:F3:61:51:97:0D:00:9E:AE:0C:53:23:\n E1:1C:B6:B8:08:F2:8C:3C:27:BF:E0:78:D8:DB:06:C6:\n 50:6F:CE:47:79:8C:05:9B:CF:56:88:37:C4:DE:00:C2:\n F9:13:0B:07:A7:91:7F:24:7A:E7:A3:23:5B:7E:45:5D:\n 26:15:B4:E0:D8:62:00:A3:58:99:5A:EC:9D:2C:53:DE:\n B3:88:5B:92:F6:4B:DF:FB:41:4B:28:82:FC:64:04:64:\n FF:F4:CD:2B:94:2A:9D:56:6F:C1:4A:66:1C:14:00:F3:\n CD:9A:AE:AD:75:DD:CE:2A:7C:AB:35:A5:6C:4B:88:8E:\n 78:F0:50:E2:4A:2F:F0:60:BC:A3:34:8E:0F:D7:98:03:\n 75:B4:9A:76:35:EF:C7:BF:39:46:92:03:20:EE:60:AA:\n 29:F7:70:B3:65:8B:81:CF:C8:2B:0E:CC:6F:76:78:86:\n 37:F4:03:2F:47:45:CE:61:F8:EB:21:60:6B:8F:D7:08:\n F1:16:D0:45:F0:7C:D8:24:D6:A2:3B:38:EE:B8:E9:E5\n Extensions: \n Identifier: Authority Key Identifier - 2.5.29.35\n Critical: no \n Key Identifier: \n 43:DE:34:DD:AA:D7:A6:D9:33:0C:B0:1D:0E:27:F9:33:\n 21:3D:70:16\n Identifier: Authority Info Access: - 1.3.6.1.5.5.7.1.1\n Critical: no \n Access Description: \n Method #0: ocsp\n Location #0: URIName: http://sideswipe.testrelm.com:80/ca/ocsp\n Identifier: Key Usage: - 2.5.29.15\n Critical: yes \n Key Usage: \n Digital Signature \n Non Repudiation \n Key Encipherment \n Data Encipherment \n Identifier: Extended Key Usage: - 2.5.29.37\n Critical: no \n Extended Key Usage: \n 1.3.6.1.5.5.7.3.1\n 1.3.6.1.5.5.7.3.2\n Signature: \n Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11\n Signature: \n 4B:90:2C:3F:1B:EF:A1:EE:7E:DD:C8:8F:39:2D:AD:7A:\n F1:6E:31:30:D7:C2:E4:D1:9B:4A:92:4C:06:FB:AF:94:\n 06:50:D3:C1:CA:B9:79:88:95:2F:C3:89:05:CB:91:D0:\n 4C:A6:A7:53:A3:94:EB:51:07:61:E4:5D:25:C5:FF:4D:\n 08:AC:ED:9E:BF:EA:76:18:BB:32:07:2E:74:0E:C3:50:\n B9:A0:22:29:78:4B:E7:B1:CE:FD:AE:1E:FC:4D:EC:0D:\n C5:16:9D:37:09:9E:17:81:9A:FA:EB:ED:98:FE:DF:30:\n C5:75:E8:B8:30:D2:7B:AD:82:55:F0:55:14:2B:2C:2C:\n 9F:84:FA:2C:FC:30:C5:F1:57:75:5A:A4:B1:11:B4:1E:\n AC:A2:87:1A:B5:9C:0A:F5:91:64:25:BA:90:EF:AF:93:\n A8:80:91:19:FB:E1:51:FA:07:4F:07:5D:99:C5:A0:6E:\n 19:97:0C:C3:BD:8D:63:C0:C8:8D:98:C8:60:BD:B5:7E:\n 18:0F:02:6E:CA:6C:38:76:5A:D6:D0:AA:82:30:5B:5F:\n A5:CE:39:3B:3C:05:A7:42:5D:8F:15:9A:FF:22:01:B5:\n 1A:13:D7:8D:B7:26:FC:CE:D5:EF:E9:7E:D2:76:55:BF:\n 98:66:9B:11:88:BB:A6:44:1A:DE:10:58:3D:E7:DC:C1\n FingerPrint\n MD2:\n 8A:48:19:A9:39:00:E2:66:51:C5:1F:85:C5:4E:DA:5B\n MD5:\n 05:97:73:66:3B:09:93:7A:E7:E0:26:9D:D7:C5:37:7F\n SHA1:\n F3:8F:40:2F:E8:E9:4A:AA:C3:E4:CB:D6:2A:1A:DA:CA:\n BC:54:17:03\n SHA256:\n A8:C6:FE:E7:0D:54:60:1B:76:2F:CE:0A:A7:74:B5:37:\n 31:5C:3D:9B:9B:68:39:7C:8E:D7:96:B3:64:5C:76:9E\n SHA512:\n EB:71:C0:69:FE:0B:22:9E:F2:E2:6F:24:A6:3F:7F:3E:\n 6C:55:C7:A5:EF:3F:8F:93:3A:A3:84:E0:89:3D:F3:87:\n 0E:58:11:3E:74:B2:69:F8:80:08:CA:B5:3C:60:6D:EB:\n 03:2B:AE:9F:3E:2D:27:7A:EB:FE:ED:D3:3E:37:69:8E\n"; >outputList.outputName="Certificate Pretty Print"; >outputList.outputConstraint="null"; >outputListSet[0] = outputList; >outputList = new Object; >outputList.outputId="b64_cert"; >outputList.outputSyntax="pretty_print"; >outputList.outputVal="-----BEGIN CERTIFICATE-----\nMIIDdDCCAlygAwIBAgIBBzANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNU\r\nUkVMTS5DT00xHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAx\r\nMTYwODU2NDhaFw0xNTAxMDYwODU2NDhaMCgxFTATBgNVBAoTDFRFU1RSRUxNLkNP\r\nTTEPMA0GA1UEAxMGSVBBIFJBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC\r\nAQEA3kngGEoiQmeiS9lefqled9koTfmRU8FXAKEmERxh73cjnkeNPEXC+aAFWgP/\r\nsgxG2W1w2IrzYVGXDQCergxTI+EctrgI8ow8J7/geNjbBsZQb85HeYwFm89WiDfE\r\n3gDC+RMLB6eRfyR656MjW35FXSYVtODYYgCjWJla7J0sU96ziFuS9kvf+0FLKIL8\r\nZARk//TNK5QqnVZvwUpmHBQA882arq113c4qfKs1pWxLiI548FDiSi/wYLyjNI4P\r\n15gDdbSadjXvx785RpIDIO5gqin3cLNli4HPyCsOzG92eIY39AMvR0XOYfjrIWBr\r\nj9cI8RbQRfB82CTWojs47rjp5QIDAQABo4GZMIGWMB8GA1UdIwQYMBaAFEPeNN2q\r\n16bZMwywHQ4n+TMhPXAWMEQGCCsGAQUFBwEBBDgwNjA0BggrBgEFBQcwAYYoaHR0\r\ncDovL3NpZGVzd2lwZS50ZXN0cmVsbS5jb206ODAvY2Evb2NzcDAOBgNVHQ8BAf8E\r\nBAMCBPAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEB\r\nCwUAA4IBAQBLkCw/G++h7n7dyI85La168W4xMNfC5NGbSpJMBvuvlAZQ08HKuXmI\r\nlS/DiQXLkdBMpqdTo5TrUQdh5F0lxf9NCKztnr/qdhi7MgcudA7DULmgIil4S+ex\r\nzv2uHvxN7A3FFp03CZ4XgZr66+2Y/t8wxXXouDDSe62CVfBVFCssLJ+E+iz8MMXx\r\nV3VapLERtB6soocatZwK9ZFkJbqQ76+TqICRGfvhUfoHTwddmcWgbhmXDMO9jWPA\r\nyI2YyGC9tX4YDwJuymw4dlrW0KqCMFtfpc45OzwFp0JdjxWa/yIBtRoT1423JvzO\r\n1e/pftJ2Vb+YZpsRiLumRBreEFg959zB\n-----END CERTIFICATE-----\n"; >outputList.outputName="Certificate Base-64 Encoded"; >outputList.outputConstraint="null"; >outputListSet[1] = outputList; >errorReason=""; >requestType="enrollment"; >profileId="caServerCert"; >requestId="7"; >errorCode="0"; >requestStatus="complete"; >op="approve"; ></script> > ><script type="text/javascript"> >function addEscapes(str) >{ > var outStr = str.replace(/</g, "<"); > outStr = outStr.replace(/>/g, ">"); > return outStr; >} > >document.writeln('<font size="+1" face="PrimaSans BT, Verdana, sans-serif">Request '); >if (typeof(requestId) != "undefined") { > document.writeln(requestId); >} >document.writeln('<br></font>'); ></script> ><font size="-1" face="PrimaSans BT, Verdana, sans-serif"></font> ><table border="0" cellspacing="0" cellpadding="0" background="/ca/agent/graphics/hr.gif" width="100%"> > <tr> > <td> </td> > </tr> ></table> ><p> > ><script type="text/javascript"> >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Request Information:</b>'); >document.writeln('</FONT>'); >document.writeln('<table border=1 width=100%>'); >if (typeof(requestId) != "undefined") { >document.writeln('<tr>'); >document.writeln('<td width=30%>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Request ID:</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td>'); >document.writeln('<a href="profileReview?requestId=' + requestId + '">'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln(requestId); >document.writeln('</FONT>'); >document.writeln('</a>'); >document.writeln('</td>'); >document.writeln('</tr>'); >} >if (typeof(requestType) != "undefined") { >document.writeln('<tr>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Request Type:</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln(requestType); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('</tr>'); >} >if (typeof(requestStatus) != "undefined") { >document.writeln('<tr>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Request Status:</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln(requestStatus); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('</tr>'); >} >if (typeof(profileId) != "undefined") { >document.writeln('<tr>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Certificate Profile Id:</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln(profileId); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('</tr>'); >} >if (typeof(op) != "undefined") { >document.writeln('<tr>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Operation Requested:</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln(op); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('</tr>'); >} >if (typeof(errorCode) != "undefined") { >document.writeln('<tr>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Error Code:</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln(errorCode); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('</tr>'); >} >if (typeof(errorReason) != "undefined") { >document.writeln('<tr>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln('<b>Error Reason:</b>'); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('<td>'); >document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); >document.writeln(errorReason); >document.writeln('</FONT>'); >document.writeln('</td>'); >document.writeln('</tr>'); >} >document.writeln('</table>'); >document.writeln('<p>'); >document.writeln('</table>'); >if (typeof(requestStatus) != "undefined" && requestStatus == 'complete') { > document.writeln('<table width=100%>'); >for (var i = 0; i < outputListSet.length; i++) { > document.writeln('<tr valign=top>'); > document.writeln('<td>'); > document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">' >); > document.writeln('<li>'); > document.writeln(outputListSet[i].outputName); > document.writeln('</FONT>'); > document.writeln('</td>'); > document.writeln('<tr valign=top>'); > document.writeln('</tr>'); > document.writeln('<td>'); > if (outputListSet[i].outputSyntax == 'string') { > document.writeln(addEscapes(outputListSet[i].outputVal)); > } else if (outputListSet[i].outputSyntax == 'pretty_print') { > document.writeln('<pre>'); > document.writeln(addEscapes(outputListSet[i].outputVal)); > document.writeln('</pre>'); > } > document.writeln('</td>'); > document.writeln('</tr>'); >} > document.writeln('</table>'); >} ></script> ></html> > >Subject: CN=sideswipe.testrelm.com,O=TESTRELM.COM >Issuer : CN=Certificate Authority,O=TESTRELM.COM >bulk cipher AES-256, 256 secret key bits, 256 key bits, status: 1 > >2013-01-16T08:56:49Z DEBUG stderr=POST /ca/agent/ca/profileProcess HTTP/1.0 >Content-Length: 754 >Content-Type: application/x-www-form-urlencoded > >exKeyUsageCritical=false&keyUsageEncipherOnly=false&keyUsageNonRepudiation=true&keyUsageDataEncipherment=true¬Before=2013-01-16+14%3A26%3A48&keyUsageCritical=true&submit=submit¬After=2015-01-06+14%3A26%3A48&requestId=7&signingAlg=SHA256withRSA&keyUsageDigitalSignature=true&authInfoAccessGeneralNames=Record+%230%0D%0AMethod%3A1.3.6.1.5.5.7.48.1%0D%0ALocation+Type%3AURIName%0D%0ALocation%3Ahttp%3A%2F%2Fsideswipe.testrelm.com%3A80%2Fca%2Focsp%0D%0AEnable%3Atrue%0D%0A%0D%0A&keyUsageKeyEncipherment=true&authInfoAccessCritical=false&name=CN%3DIPA+RA%2CO%3DTESTRELM.COM&requestNotes=&keyUsageCrlSign=false&exKeyUsageOIDs=1.3.6.1.5.5.7.3.1%2C1.3.6.1.5.5.7.3.2&keyUsageKeyAgreement=false&keyUsageKeyCertSign=false&keyUsageDecipherOnly=false&op=approveport: 9443 >addr='sideswipe.testrelm.com' >family='10' >-- SSL3: Server Certificate Validated. >Called mygetclientauthdata - nickname = ipa-ca-agent > mygetclientauthdata - cert = 24c38e0 > mygetclientauthdata - privkey = 2507dc0 >PR_Write wrote 869 bytes from bigBuf >bytes: [POST /ca/agent/ca/profileProcess HTTP/1.0 >Content-Length: 754 >Content-Type: application/x-www-form-urlencoded > >exKeyUsageCritical=false&keyUsageEncipherOnly=false&keyUsageNonRepudiation=true&keyUsageDataEncipherment=true¬Before=2013-01-16+14%3A26%3A48&keyUsageCritical=true&submit=submit¬After=2015-01-06+14%3A26%3A48&requestId=7&signingAlg=SHA256withRSA&keyUsageDigitalSignature=true&authInfoAccessGeneralNames=Record+%230%0D%0AMethod%3A1.3.6.1.5.5.7.48.1%0D%0ALocation+Type%3AURIName%0D%0ALocation%3Ahttp%3A%2F%2Fsideswipe.testrelm.com%3A80%2Fca%2Focsp%0D%0AEnable%3Atrue%0D%0A%0D%0A&keyUsageKeyEncipherment=true&authInfoAccessCritical=false&name=CN%3DIPA+RA%2CO%3DTESTRELM.COM&requestNotes=&keyUsageCrlSign=false&exKeyUsageOIDs=1.3.6.1.5.5.7.3.1%2C1.3.6.1.5.5.7.3.2&keyUsageKeyAgreement=false&keyUsageKeyCertSign=false&keyUsageDecipherOnly=false&op=approve] >do_writes shutting down send socket >do_writes exiting with (failure = 0) >connection 1 read 9000 bytes (9000 total). >these bytes read: >connection 1 read 4576 bytes (13576 total). >these bytes read: >connection 1 read 13576 bytes total. ----------------------------- > >2013-01-16T08:56:49Z DEBUG args=/usr/bin/certutil -d /etc/httpd/alias -f XXXXXXXX -A -t u,u,u -n ipaCert -a -i /tmp/tmp25LB9V >2013-01-16T08:56:49Z DEBUG stdout= >2013-01-16T08:56:49Z DEBUG stderr= >2013-01-16T08:56:49Z DEBUG duration: 0 seconds >2013-01-16T08:56:49Z DEBUG [18/21]: adding RA agent as a trusted user >2013-01-16T08:56:49Z DEBUG duration: 0 seconds >2013-01-16T08:56:49Z DEBUG [19/21]: configure certificate renewals >2013-01-16T08:56:49Z DEBUG args=/sbin/chkconfig certmonger on >2013-01-16T08:56:49Z DEBUG stdout= >2013-01-16T08:56:49Z DEBUG stderr= >2013-01-16T08:56:49Z DEBUG args=/sbin/service messagebus start >2013-01-16T08:56:49Z DEBUG stdout=Starting system message bus: > >2013-01-16T08:56:49Z DEBUG stderr= >2013-01-16T08:56:49Z DEBUG args=/sbin/service messagebus status >2013-01-16T08:56:49Z DEBUG stdout=messagebus (pid 4756) is running... > >2013-01-16T08:56:49Z DEBUG stderr= >2013-01-16T08:56:49Z DEBUG args=/sbin/service certmonger start >2013-01-16T08:56:49Z DEBUG stdout=Starting certmonger: [60G[[0;32m OK [0;39m] > >2013-01-16T08:56:49Z DEBUG stderr= >2013-01-16T08:56:49Z DEBUG args=/sbin/service certmonger status >2013-01-16T08:56:49Z DEBUG stdout=certmonger (pid 27317) is running... > >2013-01-16T08:56:49Z DEBUG stderr= >2013-01-16T08:56:49Z DEBUG args=/usr/bin/certutil -L -d /var/lib/pki-ca/alias -n auditSigningCert cert-pki-ca >2013-01-16T08:56:49Z DEBUG stdout=Certificate: > Data: > Version: 3 (0x2) > Serial Number: 5 (0x5) > Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption > Issuer: "CN=Certificate Authority,O=TESTRELM.COM" > Validity: > Not Before: Wed Jan 16 08:56:03 2013 > Not After : Tue Jan 06 08:56:03 2015 > Subject: "CN=CA Audit,O=TESTRELM.COM" > Subject Public Key Info: > Public Key Algorithm: PKCS #1 RSA Encryption > RSA Public Key: > Modulus: > cb:34:5b:f6:12:a1:f7:c6:c7:4c:71:91:7f:06:db:28: > 3e:cf:28:b6:f5:7d:d5:b3:09:af:60:fd:f9:cb:72:ec: > b9:f1:67:e9:a3:f0:69:83:90:a8:18:45:ca:a6:5b:2f: > 8c:d5:af:e6:89:54:3f:59:0b:6f:f1:6d:79:aa:b7:6b: > 3e:8d:aa:e4:4a:53:56:b0:2b:c3:57:08:ee:bc:31:39: > 22:28:23:f8:7c:ea:de:ad:30:37:ac:9e:6b:db:73:d6: > 0b:39:1b:c2:7e:2f:c6:49:5e:f4:92:3c:47:7a:a7:9a: > 4e:b8:4f:04:ca:71:60:3b:6a:c4:0d:4f:2f:c6:a4:82: > 17:90:16:c3:96:fa:4f:ec:0d:98:eb:3f:b1:cc:7e:0a: > 83:46:13:6c:31:b7:ca:01:5c:a7:55:0e:c8:70:e4:b3: > 6a:a6:04:ba:cd:1f:29:c0:34:74:f3:8c:d9:30:59:3d: > 7f:67:77:cb:a9:07:08:fc:38:66:8d:c0:e9:f7:e3:e8: > e2:4d:43:90:6c:7d:09:ce:27:7b:7c:42:94:bb:07:60: > e4:c2:3b:c6:6c:8e:09:ac:1f:ee:36:95:0a:0d:44:dc: > 26:ea:9d:1b:b5:18:7c:a3:38:7d:d3:da:91:19:e0:b4: > 26:62:02:29:e5:97:8c:8f:15:5e:e0:18:f5:79:95:21 > Exponent: 65537 (0x10001) > Signed Extensions: > Name: Certificate Authority Key Identifier > Key ID: > 43:de:34:dd:aa:d7:a6:d9:33:0c:b0:1d:0e:27:f9:33: > 21:3d:70:16 > > Name: Certificate Key Usage > Critical: True > Usages: Digital Signature > Non-Repudiation > > Name: Authority Information Access > Method: PKIX Online Certificate Status Protocol > Location: > URI: "http://sideswipe.testrelm.com:80/ca/ocsp" > > Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption > Signature: > 92:04:52:58:ae:f9:ed:ac:b3:1a:f2:36:f6:e6:d1:d1: > ef:97:9e:fe:bd:8b:41:d2:1d:10:86:86:ef:b5:a1:ff: > a1:a2:7b:83:6d:5d:5e:a2:c7:72:7f:16:f7:17:d8:f0: > 96:82:39:3e:69:6c:8e:d2:94:50:21:08:60:f1:a3:07: > d3:86:fb:4e:8d:50:b9:6a:91:de:62:36:ab:d2:40:17: > 74:f9:3b:f9:3a:db:4d:77:88:19:63:50:e9:5d:c7:b9: > 9c:b2:80:14:1a:38:84:1f:e9:54:75:67:e4:97:4f:bc: > 9c:3a:d1:d9:aa:3f:78:27:f3:31:09:00:69:49:26:83: > bf:c0:90:91:b4:9f:62:57:ee:eb:7d:5f:37:e0:43:25: > 59:aa:31:e4:50:db:29:e2:39:ef:a9:d0:23:52:11:7e: > 7b:27:33:64:b7:84:12:ee:a9:ec:1f:ea:12:3f:2c:58: > 7f:cd:60:cc:6f:4b:af:60:8b:2e:60:fc:12:cd:bc:90: > 97:1f:5d:92:28:f9:ef:45:0a:89:29:cb:08:2b:48:e9: > 51:07:89:95:9f:99:9c:9b:41:e2:67:49:ff:42:9c:c0: > 4c:81:f6:b4:34:70:5f:8a:fe:40:2b:a1:dc:94:b6:18: > fc:fc:88:73:76:0d:b5:6e:7b:5b:69:f4:f5:68:3a:18 > Fingerprint (MD5): > C0:0F:4D:03:BB:FE:95:F8:03:E8:87:BF:1F:EC:6B:B1 > Fingerprint (SHA1): > FC:8F:FD:49:A4:A5:EF:74:E1:4A:CE:A7:18:3D:4C:06:6B:25:66:CB > > Certificate Trust Flags: > SSL Flags: > User > Email Flags: > User > Object Signing Flags: > Terminal Record > Trusted > User > > >2013-01-16T08:56:49Z DEBUG stderr= >2013-01-16T08:56:49Z DEBUG args=/usr/bin/getcert start-tracking -d /var/lib/pki-ca/alias -n auditSigningCert cert-pki-ca -c dogtag-ipa-renew-agent -C /usr/lib64/ipa/certmonger/renew_ca_cert "auditSigningCert cert-pki-ca" -P XXXXXXXX >2013-01-16T08:56:49Z DEBUG stdout=New tracking request "20130116085649" added. > >2013-01-16T08:56:49Z DEBUG stderr= >2013-01-16T08:56:49Z DEBUG args=/usr/bin/certutil -L -d /var/lib/pki-ca/alias -n ocspSigningCert cert-pki-ca >2013-01-16T08:56:49Z DEBUG stdout=Certificate: > Data: > Version: 3 (0x2) > Serial Number: 2 (0x2) > Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption > Issuer: "CN=Certificate Authority,O=TESTRELM.COM" > Validity: > Not Before: Wed Jan 16 08:56:01 2013 > Not After : Tue Jan 06 08:56:01 2015 > Subject: "CN=OCSP Subsystem,O=TESTRELM.COM" > Subject Public Key Info: > Public Key Algorithm: PKCS #1 RSA Encryption > RSA Public Key: > Modulus: > ad:c1:24:8c:44:51:31:a7:91:57:11:b7:0a:e9:09:f5: > e7:2f:c4:47:ff:8c:bb:d8:aa:8e:97:c0:09:9a:1f:9a: > 08:7e:09:cc:f6:f3:ed:49:3a:57:b3:ee:e8:12:0a:b9: > 14:07:ed:af:47:8c:87:49:9e:6e:c4:7e:a7:47:30:f1: > 5a:10:25:59:95:a8:0c:57:18:a5:20:5f:ab:d3:84:93: > 50:dc:51:cd:1c:b7:51:1d:93:3e:6d:1a:b9:df:7c:ff: > 27:27:78:87:1f:7b:9b:22:3c:83:4d:28:d0:c5:c1:fc: > f0:66:39:03:79:df:f2:d1:9f:af:ba:96:b0:14:2b:4b: > 15:c4:01:96:3d:1a:20:d7:77:de:1b:38:71:d7:cd:7f: > 87:cc:74:fc:11:52:4d:1f:98:a3:30:b6:15:dd:7b:d1: > 10:b0:42:e7:5f:a7:07:19:15:25:07:30:22:ef:96:ac: > b4:8f:5f:c6:57:82:88:8c:d2:62:e1:b9:68:03:79:ec: > 36:84:02:7c:7f:6e:9d:cd:21:a3:d0:51:aa:65:75:79: > f8:ec:09:db:54:32:43:87:80:37:a1:41:de:3d:9c:cb: > 2d:80:de:f3:5f:2b:ee:eb:92:03:c2:d1:d2:b9:28:a3: > ae:3c:3e:c7:24:bd:a5:e7:6e:ce:6a:27:ac:fe:33:2b > Exponent: 65537 (0x10001) > Signed Extensions: > Name: Certificate Authority Key Identifier > Key ID: > 43:de:34:dd:aa:d7:a6:d9:33:0c:b0:1d:0e:27:f9:33: > 21:3d:70:16 > > Name: Certificate Key Usage > Critical: True > Usages: Digital Signature > Non-Repudiation > Certificate Signing > CRL Signing > > Name: Authority Information Access > Method: PKIX Online Certificate Status Protocol > Location: > URI: "http://sideswipe.testrelm.com:80/ca/ocsp" > > Name: Extended Key Usage > OCSP Responder Certificate > > Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption > Signature: > 77:74:a3:c4:d7:cb:52:44:e4:be:e1:47:fe:62:32:30: > ba:2a:eb:49:9c:b9:4f:48:d2:b5:6c:d0:d3:4c:c3:4e: > dd:7c:16:7e:ae:05:86:6a:8c:07:66:ae:cb:ec:9a:ef: > 12:50:10:d9:5e:de:e6:4e:c6:d1:98:40:45:8a:ce:38: > 1c:f2:c2:b4:cb:b5:10:f1:c7:2d:bd:38:4b:03:2d:14: > 6b:73:7a:75:1a:12:96:51:e9:5d:98:a7:90:75:79:ea: > 7e:e7:89:4a:ba:57:16:56:6e:1c:79:e1:55:d5:7c:e4: > 74:bc:90:82:77:e7:17:b5:5c:2b:06:84:86:f9:4b:9d: > 89:c3:15:1f:f3:b2:63:92:73:dc:f5:16:44:c2:49:6d: > 31:6a:f3:f5:22:e3:31:37:29:f7:4a:4b:e7:02:3a:32: > d7:6c:1d:4c:d5:81:c6:89:f7:22:4b:6d:34:58:90:e7: > 05:cb:4e:17:16:8a:f1:18:e0:c6:6b:08:5b:aa:b5:3c: > cb:5f:0f:73:76:39:ee:54:09:72:cf:2b:5d:e0:c7:b7: > e7:4d:d2:df:57:9a:c9:a7:24:3b:66:c1:2d:56:10:93: > bc:64:22:c3:47:b3:1e:9d:9a:49:75:37:d9:4f:4a:d8: > 7c:62:1a:24:7c:94:1c:02:c9:4e:15:d6:0c:a7:5d:f0 > Fingerprint (MD5): > 87:4B:75:54:B9:EB:2E:15:5F:98:36:AE:2F:A1:02:1F > Fingerprint (SHA1): > FD:4A:C0:02:8D:54:22:93:77:75:59:97:B2:5F:4B:C0:4A:11:FA:24 > > Certificate Trust Flags: > SSL Flags: > User > Email Flags: > User > Object Signing Flags: > User > > >2013-01-16T08:56:49Z DEBUG stderr= >2013-01-16T08:56:50Z DEBUG args=/usr/bin/getcert start-tracking -d /var/lib/pki-ca/alias -n ocspSigningCert cert-pki-ca -c dogtag-ipa-renew-agent -C /usr/lib64/ipa/certmonger/renew_ca_cert "ocspSigningCert cert-pki-ca" -P XXXXXXXX >2013-01-16T08:56:50Z DEBUG stdout=New tracking request "20130116085650" added. > >2013-01-16T08:56:50Z DEBUG stderr= >2013-01-16T08:56:50Z DEBUG args=/usr/bin/certutil -L -d /var/lib/pki-ca/alias -n subsystemCert cert-pki-ca >2013-01-16T08:56:50Z DEBUG stdout=Certificate: > Data: > Version: 3 (0x2) > Serial Number: 4 (0x4) > Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption > Issuer: "CN=Certificate Authority,O=TESTRELM.COM" > Validity: > Not Before: Wed Jan 16 08:56:02 2013 > Not After : Tue Jan 06 08:56:02 2015 > Subject: "CN=CA Subsystem,O=TESTRELM.COM" > Subject Public Key Info: > Public Key Algorithm: PKCS #1 RSA Encryption > RSA Public Key: > Modulus: > b8:cb:85:0c:31:d5:ad:b6:b3:2d:e2:99:29:2b:60:39: > c0:ad:9a:d9:81:ec:26:8d:01:25:bd:28:62:6f:1d:c9: > bb:e1:d1:1e:f3:9a:67:42:36:77:ee:a3:7a:cf:73:9b: > fd:8f:ff:93:32:1e:e4:a2:2f:c0:64:24:35:c2:00:1b: > 1b:cb:b7:e1:d5:34:e6:54:b4:14:02:0a:db:41:c9:6f: > b8:c4:fa:e3:23:30:a2:90:9b:79:3c:ed:17:de:65:75: > 9b:fd:f4:0d:3c:3a:aa:9e:d0:e7:9c:76:c6:c2:bb:21: > b6:7c:e1:dc:e1:b8:f2:b7:3a:26:54:41:e2:fb:a3:c5: > c6:2f:0c:93:b7:7f:1c:d1:7c:3e:33:cc:62:74:57:76: > 13:66:0b:91:2a:88:eb:6a:e3:47:36:08:8b:09:27:ec: > b0:df:12:c3:e0:46:c3:fc:5c:5b:b3:58:64:95:71:49: > 91:23:a5:63:61:05:9b:a1:6d:8e:84:5c:42:2a:8b:e8: > f6:e6:ac:c9:08:3d:b3:e5:61:09:cc:ae:bc:e3:63:13: > 24:31:3a:56:ee:5b:5e:7a:26:eb:68:0c:aa:cb:f3:68: > b3:6c:eb:5a:1f:c6:dc:32:b0:15:9b:4b:f7:c5:ca:f5: > 7b:24:fd:88:be:5c:7b:38:b7:69:9e:ed:0f:ec:f3:9b > Exponent: 65537 (0x10001) > Signed Extensions: > Name: Certificate Authority Key Identifier > Key ID: > 43:de:34:dd:aa:d7:a6:d9:33:0c:b0:1d:0e:27:f9:33: > 21:3d:70:16 > > Name: Authority Information Access > Method: PKIX Online Certificate Status Protocol > Location: > URI: "http://sideswipe.testrelm.com:80/ca/ocsp" > > Name: Certificate Key Usage > Critical: True > Usages: Digital Signature > Non-Repudiation > Key Encipherment > Data Encipherment > > Name: Extended Key Usage > TLS Web Server Authentication Certificate > TLS Web Client Authentication Certificate > > Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption > Signature: > 3f:98:62:44:86:0a:0e:43:68:08:0c:fe:61:08:62:73: > 4e:d5:7c:89:70:4e:80:02:d5:e3:50:7a:05:e1:8f:74: > 21:d8:45:3c:fb:c1:93:f5:69:34:5d:12:59:6d:d9:90: > b3:1b:e0:90:85:45:15:ec:55:a4:c6:8e:db:30:59:38: > 8a:c5:8c:b3:78:39:82:66:39:da:af:b9:37:f9:7e:4c: > 2b:4f:b1:3f:b2:81:f5:18:0a:27:89:c2:d2:c1:0e:6f: > e7:f1:e8:01:c3:bd:b2:26:cc:27:5d:bc:38:62:2f:e3: > de:2b:73:2d:cb:b9:36:37:4f:f8:05:74:77:1e:e0:bf: > 53:88:a6:82:7e:e0:6a:ab:c3:0a:16:26:ff:57:f1:ae: > 8a:4f:0c:20:9d:f7:90:13:50:82:04:86:e1:38:63:ca: > 9d:9e:a4:5d:b4:d8:93:9e:60:48:b8:38:50:8f:eb:84: > 57:03:e4:fd:1c:ca:31:bc:52:2f:98:ac:44:55:ab:63: > 0f:dd:cf:e8:7b:95:f1:f2:ba:70:e5:06:c3:ba:fe:40: > cf:a1:df:4a:a7:0d:1d:e9:a5:66:2c:30:54:07:44:76: > 04:3b:9b:76:6a:f7:f7:41:c1:e8:b3:61:82:53:2a:22: > 81:47:34:39:11:2c:fd:9c:ce:d2:bb:ff:45:21:5d:60 > Fingerprint (MD5): > B1:EB:5E:80:22:A7:1F:5D:E1:93:3C:02:A4:23:74:CE > Fingerprint (SHA1): > 35:66:7D:35:FC:9D:21:61:AC:B4:7D:A2:49:E8:99:B7:AF:02:FE:79 > > Certificate Trust Flags: > SSL Flags: > User > Email Flags: > User > Object Signing Flags: > User > > >2013-01-16T08:56:50Z DEBUG stderr= >2013-01-16T08:56:51Z DEBUG args=/usr/bin/getcert start-tracking -d /var/lib/pki-ca/alias -n subsystemCert cert-pki-ca -c dogtag-ipa-renew-agent -C /usr/lib64/ipa/certmonger/renew_ca_cert "subsystemCert cert-pki-ca" -P XXXXXXXX >2013-01-16T08:56:51Z DEBUG stdout=New tracking request "20130116085651" added. > >2013-01-16T08:56:51Z DEBUG stderr= >2013-01-16T08:56:51Z DEBUG args=/usr/bin/certutil -L -d /etc/httpd/alias -n ipaCert >2013-01-16T08:56:51Z DEBUG stdout=Certificate: > Data: > Version: 3 (0x2) > Serial Number: 7 (0x7) > Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption > Issuer: "CN=Certificate Authority,O=TESTRELM.COM" > Validity: > Not Before: Wed Jan 16 08:56:48 2013 > Not After : Tue Jan 06 08:56:48 2015 > Subject: "CN=IPA RA,O=TESTRELM.COM" > Subject Public Key Info: > Public Key Algorithm: PKCS #1 RSA Encryption > RSA Public Key: > Modulus: > de:49:e0:18:4a:22:42:67:a2:4b:d9:5e:7e:a9:5e:77: > d9:28:4d:f9:91:53:c1:57:00:a1:26:11:1c:61:ef:77: > 23:9e:47:8d:3c:45:c2:f9:a0:05:5a:03:ff:b2:0c:46: > d9:6d:70:d8:8a:f3:61:51:97:0d:00:9e:ae:0c:53:23: > e1:1c:b6:b8:08:f2:8c:3c:27:bf:e0:78:d8:db:06:c6: > 50:6f:ce:47:79:8c:05:9b:cf:56:88:37:c4:de:00:c2: > f9:13:0b:07:a7:91:7f:24:7a:e7:a3:23:5b:7e:45:5d: > 26:15:b4:e0:d8:62:00:a3:58:99:5a:ec:9d:2c:53:de: > b3:88:5b:92:f6:4b:df:fb:41:4b:28:82:fc:64:04:64: > ff:f4:cd:2b:94:2a:9d:56:6f:c1:4a:66:1c:14:00:f3: > cd:9a:ae:ad:75:dd:ce:2a:7c:ab:35:a5:6c:4b:88:8e: > 78:f0:50:e2:4a:2f:f0:60:bc:a3:34:8e:0f:d7:98:03: > 75:b4:9a:76:35:ef:c7:bf:39:46:92:03:20:ee:60:aa: > 29:f7:70:b3:65:8b:81:cf:c8:2b:0e:cc:6f:76:78:86: > 37:f4:03:2f:47:45:ce:61:f8:eb:21:60:6b:8f:d7:08: > f1:16:d0:45:f0:7c:d8:24:d6:a2:3b:38:ee:b8:e9:e5 > Exponent: 65537 (0x10001) > Signed Extensions: > Name: Certificate Authority Key Identifier > Key ID: > 43:de:34:dd:aa:d7:a6:d9:33:0c:b0:1d:0e:27:f9:33: > 21:3d:70:16 > > Name: Authority Information Access > Method: PKIX Online Certificate Status Protocol > Location: > URI: "http://sideswipe.testrelm.com:80/ca/ocsp" > > Name: Certificate Key Usage > Critical: True > Usages: Digital Signature > Non-Repudiation > Key Encipherment > Data Encipherment > > Name: Extended Key Usage > TLS Web Server Authentication Certificate > TLS Web Client Authentication Certificate > > Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption > Signature: > 4b:90:2c:3f:1b:ef:a1:ee:7e:dd:c8:8f:39:2d:ad:7a: > f1:6e:31:30:d7:c2:e4:d1:9b:4a:92:4c:06:fb:af:94: > 06:50:d3:c1:ca:b9:79:88:95:2f:c3:89:05:cb:91:d0: > 4c:a6:a7:53:a3:94:eb:51:07:61:e4:5d:25:c5:ff:4d: > 08:ac:ed:9e:bf:ea:76:18:bb:32:07:2e:74:0e:c3:50: > b9:a0:22:29:78:4b:e7:b1:ce:fd:ae:1e:fc:4d:ec:0d: > c5:16:9d:37:09:9e:17:81:9a:fa:eb:ed:98:fe:df:30: > c5:75:e8:b8:30:d2:7b:ad:82:55:f0:55:14:2b:2c:2c: > 9f:84:fa:2c:fc:30:c5:f1:57:75:5a:a4:b1:11:b4:1e: > ac:a2:87:1a:b5:9c:0a:f5:91:64:25:ba:90:ef:af:93: > a8:80:91:19:fb:e1:51:fa:07:4f:07:5d:99:c5:a0:6e: > 19:97:0c:c3:bd:8d:63:c0:c8:8d:98:c8:60:bd:b5:7e: > 18:0f:02:6e:ca:6c:38:76:5a:d6:d0:aa:82:30:5b:5f: > a5:ce:39:3b:3c:05:a7:42:5d:8f:15:9a:ff:22:01:b5: > 1a:13:d7:8d:b7:26:fc:ce:d5:ef:e9:7e:d2:76:55:bf: > 98:66:9b:11:88:bb:a6:44:1a:de:10:58:3d:e7:dc:c1 > Fingerprint (MD5): > 05:97:73:66:3B:09:93:7A:E7:E0:26:9D:D7:C5:37:7F > Fingerprint (SHA1): > F3:8F:40:2F:E8:E9:4A:AA:C3:E4:CB:D6:2A:1A:DA:CA:BC:54:17:03 > > Certificate Trust Flags: > SSL Flags: > User > Email Flags: > User > Object Signing Flags: > User > > >2013-01-16T08:56:51Z DEBUG stderr= >2013-01-16T08:56:52Z DEBUG args=/usr/bin/getcert start-tracking -d /etc/httpd/alias -n ipaCert -c dogtag-ipa-renew-agent -C /usr/lib64/ipa/certmonger/renew_ra_cert -p /etc/httpd/alias/pwdfile.txt >2013-01-16T08:56:52Z DEBUG stdout=New tracking request "20130116085652" added. > >2013-01-16T08:56:52Z DEBUG stderr= >2013-01-16T08:56:52Z DEBUG duration: 2 seconds >2013-01-16T08:56:52Z DEBUG [20/21]: configure Server-Cert certificate renewal >2013-01-16T08:56:52Z DEBUG args=/usr/bin/certutil -L -d /var/lib/pki-ca/alias -n Server-Cert cert-pki-ca >2013-01-16T08:56:52Z DEBUG stdout=Certificate: > Data: > Version: 3 (0x2) > Serial Number: 3 (0x3) > Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption > Issuer: "CN=Certificate Authority,O=TESTRELM.COM" > Validity: > Not Before: Wed Jan 16 08:56:02 2013 > Not After : Tue Jan 06 08:56:02 2015 > Subject: "CN=sideswipe.testrelm.com,O=TESTRELM.COM" > Subject Public Key Info: > Public Key Algorithm: PKCS #1 RSA Encryption > RSA Public Key: > Modulus: > b1:9d:f8:31:fd:f0:e8:3f:5f:cd:25:c3:21:88:f7:b4: > ad:26:72:25:ca:a6:66:6a:ef:eb:9f:31:7c:b0:b5:89: > ef:35:b0:79:2f:39:97:3c:08:03:27:54:62:40:2d:bc: > 8e:06:2e:1b:e3:d6:a3:8e:74:7c:f6:48:b3:ea:af:4f: > cc:9c:e3:84:07:4b:a1:a0:a1:e9:ac:f9:b0:23:d8:c6: > 93:0c:f0:56:d8:38:e2:bd:fe:5c:72:24:cc:22:2b:8b: > ae:14:7a:13:ba:c9:5f:49:98:f2:27:75:c6:ea:0a:75: > 37:bb:a0:57:5f:e1:6e:0a:e5:11:59:22:39:59:a2:6f: > 60:1f:0e:a9:5e:15:bc:71:bd:f2:b2:f1:66:77:2d:79: > 5e:c8:8b:da:1c:d1:b1:2e:98:9d:63:c7:f7:dc:34:4c: > a4:b0:26:0b:53:d3:e4:48:a9:9f:69:0a:51:9f:2a:c0: > 4f:5b:a2:98:42:74:a9:9c:85:08:3a:3e:21:95:ce:d8: > 9c:82:97:88:e5:18:e5:b0:a0:7a:ee:48:d4:db:2b:eb: > d0:01:94:2c:75:e2:c3:1b:e1:ef:ad:49:ad:e3:22:a6: > 1e:0c:34:19:29:85:d9:57:66:e6:d6:80:da:01:5c:04: > 5a:90:41:5b:be:9d:41:ad:fb:23:25:14:48:00:38:27 > Exponent: 65537 (0x10001) > Signed Extensions: > Name: Certificate Authority Key Identifier > Key ID: > 43:de:34:dd:aa:d7:a6:d9:33:0c:b0:1d:0e:27:f9:33: > 21:3d:70:16 > > Name: Authority Information Access > Method: PKIX Online Certificate Status Protocol > Location: > URI: "http://sideswipe.testrelm.com:80/ca/ocsp" > > Name: Certificate Key Usage > Critical: True > Usages: Digital Signature > Non-Repudiation > Key Encipherment > Data Encipherment > > Name: Extended Key Usage > TLS Web Server Authentication Certificate > > Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption > Signature: > 44:29:60:e4:c6:66:20:69:4a:2c:09:de:7f:28:31:f5: > 1e:c4:ec:1f:61:74:ba:4c:3f:08:6b:e5:1d:b5:5b:4a: > fc:dd:99:c2:d1:b2:c9:e0:1c:3b:6a:2c:49:00:28:90: > e2:4f:92:24:e9:1c:81:bb:d8:d6:dd:a4:14:73:db:aa: > 8a:d1:b2:6f:9d:f1:b5:a4:20:76:7b:13:a1:f8:f3:55: > 1c:03:e3:e6:d1:cc:6b:ba:a8:a0:15:78:bf:c8:8c:82: > c0:92:be:c3:d6:eb:e5:c1:78:24:ef:80:be:17:6d:9e: > 96:85:23:b9:b8:72:b2:5b:6a:68:21:ff:e6:c1:9a:cc: > bb:bc:01:61:1b:2f:a7:c0:4b:ee:05:bf:75:4e:40:ea: > 25:98:59:9d:60:d2:9c:9b:e8:3d:12:1f:44:18:f5:41: > dc:35:0f:ac:30:bb:da:90:1f:80:53:73:c8:21:7b:9f: > d3:0d:66:ff:16:e3:ab:b4:70:bc:c3:bf:47:4a:fe:b9: > 3d:54:eb:5b:5a:6d:86:3b:a1:a4:e7:04:3c:52:a9:d2: > 8b:02:eb:e2:a3:60:9d:72:39:8b:24:a6:94:ce:26:6a: > d3:cb:72:bc:1a:04:53:62:96:f1:d3:a1:a2:9d:ac:7f: > dd:7e:fa:63:ea:13:a4:03:ae:f4:c6:9c:da:dd:e0:c4 > Fingerprint (MD5): > A6:1C:53:9E:4D:2B:53:33:D1:E5:5C:92:9D:65:77:CA > Fingerprint (SHA1): > AC:53:2F:8B:A9:D5:93:3E:AB:1A:A0:EF:02:39:C9:1D:3A:32:FD:2C > > Certificate Trust Flags: > SSL Flags: > User > Email Flags: > User > Object Signing Flags: > User > > >2013-01-16T08:56:52Z DEBUG stderr= >2013-01-16T08:56:53Z DEBUG args=/usr/bin/getcert start-tracking -d /var/lib/pki-ca/alias -n Server-Cert cert-pki-ca -c dogtag-ipa-renew-agent -C /usr/lib64/ipa/certmonger/restart_pkicad "Server-Cert cert-pki-ca" -P XXXXXXXX >2013-01-16T08:56:53Z DEBUG stdout=New tracking request "20130116085653" added. > >2013-01-16T08:56:53Z DEBUG stderr= >2013-01-16T08:56:53Z DEBUG duration: 0 seconds >2013-01-16T08:56:53Z DEBUG [21/21]: Configure HTTP to proxy connections >2013-01-16T08:56:53Z DEBUG duration: 0 seconds >2013-01-16T08:56:53Z DEBUG Done configuring certificate server (pki-cad). >2013-01-16T08:56:53Z DEBUG args=/usr/bin/certutil -d /etc/httpd/alias -f XXXXXXXX -L -n TESTRELM.COM IPA CA -a >2013-01-16T08:56:53Z DEBUG stdout=-----BEGIN CERTIFICATE----- >MIIDlDCCAnygAwIBAgIBATANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNU >UkVMTS5DT00xHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAx >MTYwODU1NThaFw0zMzAxMTYwODU1NThaMDcxFTATBgNVBAoTDFRFU1RSRUxNLkNP >TTEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0B >AQEFAAOCAQ8AMIIBCgKCAQEAssQlEcGYzqK6M2sa9rK+GG4OY/t1Q5hvgV6ds+C6 >nALxpWTWBXTy3S1qsaR93p+8zswuKi81jQrPXwIjvRlNIg1lbi+L/lFptLtNeKp8 >+f/AoTwoswOQnEBKe0ABJrCuITwAwmrhJsVBbXs4u3Gr37MW6EZ4izOY20VZDxMN >Wn3ooFiDuIzkmy2vQET0W6kUGErSizVJKxw2qHZNLfRF19Nju5irfE4vZHsgnhf6 >wtGie8/9CkVyUtfpx41/eWCACFvT7IIfcrvYr5o/WzQlHnANUajaU8sk/J2MLBNf >unO3otaLcFV53FWASUXwRbnsI2PpDbD4PoEV+KAxWKyKZwIDAQABo4GqMIGnMB8G >A1UdIwQYMBaAFEPeNN2q16bZMwywHQ4n+TMhPXAWMA8GA1UdEwEB/wQFMAMBAf8w >DgYDVR0PAQH/BAQDAgHGMB0GA1UdDgQWBBRD3jTdqtem2TMMsB0OJ/kzIT1wFjBE >BggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAGGKGh0dHA6Ly9zaWRlc3dpcGUudGVz >dHJlbG0uY29tOjgwL2NhL29jc3AwDQYJKoZIhvcNAQELBQADggEBAKQhd+yFiOgz >VQyaxXre3epPftM45CaTwRD7Dg4o/xwCVbQ9htw+GN7iVLcceBYKxzr6oXde+bZA >TF/AsnUUAmUbUNWXe41Qi0TiJfxZiJa7CXNxLuTvz1Xbq3uU64XtdbPM1JilPEn3 >9flmNC9m3GOLUuAET64edEMTYkdDhZStOtWSKQrWj4eJMyXU8NpH6/G1efw6e/d1 >/xKHl6au4jWqpfxqdVF025Bb/gJiRk6J7GXAdMY06V9iZlDpwxk23FDPNwymwPvH >HDBd1yzM9mMm8AunlQRnIZmNdFSFND6tyY58w1SXRktNpcuwt5+p71ROmt3Xo6rr >aCqIcnVWUt4= >-----END CERTIFICATE----- > >2013-01-16T08:56:53Z DEBUG stderr= >2013-01-16T08:56:53Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' >2013-01-16T08:56:53Z DEBUG Configuring directory server (dirsrv): Estimated time 31 minutes >2013-01-16T08:56:53Z DEBUG [1/38]: creating directory server user >2013-01-16T08:56:53Z DEBUG ds user dirsrv exists >2013-01-16T08:56:53Z DEBUG duration: 0 seconds >2013-01-16T08:56:53Z DEBUG [2/38]: creating directory server instance >2013-01-16T08:56:53Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' >2013-01-16T08:56:53Z DEBUG Backing up system configuration file '/etc/sysconfig/dirsrv' >2013-01-16T08:56:53Z DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index' >2013-01-16T08:56:53Z DEBUG >dn: dc=testrelm,dc=com >objectClass: top >objectClass: domain >objectClass: pilotObject >dc: testrelm >info: IPA V2.0 > >2013-01-16T08:56:53Z DEBUG writing inf template >2013-01-16T08:56:53Z DEBUG >[General] >FullMachineName= sideswipe.testrelm.com >SuiteSpotUserID= dirsrv >SuiteSpotGroup= dirsrv >ServerRoot= /usr/lib64/dirsrv >[slapd] >ServerPort= 389 >ServerIdentifier= TESTRELM-COM >Suffix= dc=testrelm,dc=com >RootDN= cn=Directory Manager >InstallLdifFile= /var/lib/dirsrv/boot.ldif >inst_dir= /var/lib/dirsrv/scripts-TESTRELM-COM > >2013-01-16T08:56:53Z DEBUG calling setup-ds.pl >2013-01-16T08:57:03Z DEBUG args=/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmp77sL_b >2013-01-16T08:57:03Z DEBUG stdout=[13/01/16:14:27:03] - [Setup] Info Your new DS instance 'TESTRELM-COM' was successfully created. >Your new DS instance 'TESTRELM-COM' was successfully created. >[13/01/16:14:27:03] - [Setup] Success Exiting . . . >Log file is '-' > >Exiting . . . >Log file is '-' > > >2013-01-16T08:57:03Z DEBUG stderr= >2013-01-16T08:57:03Z DEBUG completed creating ds instance >2013-01-16T08:57:03Z DEBUG restarting ds instance >2013-01-16T08:57:05Z DEBUG args=/sbin/service dirsrv restart TESTRELM-COM >2013-01-16T08:57:05Z DEBUG stdout=Shutting down dirsrv: > TESTRELM-COM...[60G[[0;32m OK [0;39m] >Starting dirsrv: > TESTRELM-COM...[60G[[0;32m OK [0;39m] > >2013-01-16T08:57:05Z DEBUG stderr= >2013-01-16T08:57:05Z DEBUG args=/sbin/service dirsrv status TESTRELM-COM >2013-01-16T08:57:05Z DEBUG stdout=dirsrv TESTRELM-COM (pid 27515) is running... > >2013-01-16T08:57:05Z DEBUG stderr= >2013-01-16T08:57:05Z DEBUG wait_for_open_ports: localhost [389] timeout 120 >2013-01-16T08:57:05Z DEBUG args=/sbin/service dirsrv status TESTRELM-COM >2013-01-16T08:57:05Z DEBUG stdout=dirsrv TESTRELM-COM (pid 27515) is running... > >2013-01-16T08:57:05Z DEBUG stderr= >2013-01-16T08:57:05Z DEBUG done restarting ds instance >2013-01-16T08:57:05Z DEBUG duration: 12 seconds >2013-01-16T08:57:05Z DEBUG [3/38]: adding default schema >2013-01-16T08:57:05Z DEBUG duration: 0 seconds >2013-01-16T08:57:05Z DEBUG [4/38]: enabling memberof plugin >2013-01-16T08:57:05Z DEBUG flushing ldap://sideswipe.testrelm.com:389 from SchemaCache >2013-01-16T08:57:05Z DEBUG retrieving schema for SchemaCache url=ldap://sideswipe.testrelm.com:389 conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x30c5a70> >2013-01-16T08:57:05Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/memberof-conf.ldif -H ldap://sideswipe.testrelm.com:389 -x -D cn=Directory Manager -y /tmp/tmpvHKiGx >2013-01-16T08:57:05Z DEBUG stdout=replace nsslapd-pluginenabled: > on >add memberofgroupattr: > memberUser >add memberofgroupattr: > memberHost >modifying entry "cn=MemberOf Plugin,cn=plugins,cn=config" >modify complete > > >2013-01-16T08:57:05Z DEBUG stderr=ldap_initialize( ldap://sideswipe.testrelm.com:389/??base ) > >2013-01-16T08:57:05Z DEBUG duration: 0 seconds >2013-01-16T08:57:05Z DEBUG [5/38]: enabling winsync plugin >2013-01-16T08:57:05Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/ipa-winsync-conf.ldif -H ldap://sideswipe.testrelm.com:389 -x -D cn=Directory Manager -y /tmp/tmpMxTtrQ >2013-01-16T08:57:05Z DEBUG stdout=add objectclass: > top > nsSlapdPlugin > extensibleObject >add cn: > ipa-winsync >add nsslapd-pluginpath: > libipa_winsync >add nsslapd-plugininitfunc: > ipa_winsync_plugin_init >add nsslapd-pluginDescription: > Allows IPA to work with the DS windows sync feature >add nsslapd-pluginid: > ipa-winsync >add nsslapd-pluginversion: > 1.0 >add nsslapd-pluginvendor: > Red Hat >add nsslapd-plugintype: > preoperation >add nsslapd-pluginenabled: > on >add nsslapd-plugin-depends-on-type: > database >add ipaWinSyncRealmFilter: > (objectclass=krbRealmContainer) >add ipaWinSyncRealmAttr: > cn >add ipaWinSyncNewEntryFilter: > (cn=ipaConfig) >add ipaWinSyncNewUserOCAttr: > ipauserobjectclasses >add ipaWinSyncUserFlatten: > true >add ipaWinsyncHomeDirAttr: > ipaHomesRootDir >add ipaWinsyncLoginShellAttr: > ipaDefaultLoginShell >add ipaWinSyncDefaultGroupAttr: > ipaDefaultPrimaryGroup >add ipaWinSyncDefaultGroupFilter: > (gidNumber=*)(objectclass=posixGroup)(objectclass=groupOfNames) >add ipaWinSyncAcctDisable: > both >add ipaWinSyncForceSync: > true >add ipaWinSyncUserAttr: > uidNumber 999 > gidNumber 999 >adding new entry "cn=ipa-winsync,cn=plugins,cn=config" >modify complete > > >2013-01-16T08:57:05Z DEBUG stderr=ldap_initialize( ldap://sideswipe.testrelm.com:389/??base ) > >2013-01-16T08:57:05Z DEBUG duration: 0 seconds >2013-01-16T08:57:05Z DEBUG [6/38]: configuring replication version plugin >2013-01-16T08:57:06Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/version-conf.ldif -H ldap://sideswipe.testrelm.com:389 -x -D cn=Directory Manager -y /tmp/tmpKgs83R >2013-01-16T08:57:06Z DEBUG stdout=add objectclass: > top > nsSlapdPlugin > extensibleObject >add cn: > IPA Version Replication >add nsslapd-pluginpath: > libipa_repl_version >add nsslapd-plugininitfunc: > repl_version_plugin_init >add nsslapd-plugintype: > preoperation >add nsslapd-pluginenabled: > off >add nsslapd-pluginid: > ipa_repl_version >add nsslapd-pluginversion: > 1.0 >add nsslapd-pluginvendor: > Red Hat, Inc. >add nsslapd-plugindescription: > IPA Replication version plugin >add nsslapd-plugin-depends-on-type: > database >add nsslapd-plugin-depends-on-named: > Multimaster Replication Plugin >adding new entry "cn=IPA Version Replication,cn=plugins,cn=config" >modify complete > > >2013-01-16T08:57:06Z DEBUG stderr=ldap_initialize( ldap://sideswipe.testrelm.com:389/??base ) > >2013-01-16T08:57:06Z DEBUG duration: 0 seconds >2013-01-16T08:57:06Z DEBUG [7/38]: enabling IPA enrollment plugin >2013-01-16T08:57:06Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpt14nuj -H ldap://sideswipe.testrelm.com:389 -x -D cn=Directory Manager -y /tmp/tmpkGlthq >2013-01-16T08:57:06Z DEBUG stdout=add objectclass: > top > nsSlapdPlugin > extensibleObject >add cn: > ipa_enrollment_extop >add nsslapd-pluginpath: > libipa_enrollment_extop >add nsslapd-plugininitfunc: > ipaenrollment_init >add nsslapd-plugintype: > extendedop >add nsslapd-pluginenabled: > on >add nsslapd-pluginid: > ipa_enrollment_extop >add nsslapd-pluginversion: > 1.0 >add nsslapd-pluginvendor: > RedHat >add nsslapd-plugindescription: > Enroll hosts into the IPA domain >add nsslapd-plugin-depends-on-type: > database >add nsslapd-realmTree: > dc=testrelm,dc=com >adding new entry "cn=ipa_enrollment_extop,cn=plugins,cn=config" >modify complete > > >2013-01-16T08:57:06Z DEBUG stderr=ldap_initialize( ldap://sideswipe.testrelm.com:389/??base ) > >2013-01-16T08:57:06Z DEBUG duration: 0 seconds >2013-01-16T08:57:06Z DEBUG [8/38]: enabling ldapi >2013-01-16T08:57:06Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpRm0y0y -H ldap://sideswipe.testrelm.com:389 -x -D cn=Directory Manager -y /tmp/tmpR1WF1l >2013-01-16T08:57:06Z DEBUG stdout=replace nsslapd-ldapilisten: > on >modifying entry "cn=config" >modify complete > > >2013-01-16T08:57:06Z DEBUG stderr=ldap_initialize( ldap://sideswipe.testrelm.com:389/??base ) > >2013-01-16T08:57:06Z DEBUG duration: 0 seconds >2013-01-16T08:57:06Z DEBUG [9/38]: disabling betxn plugins >2013-01-16T08:57:06Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpkZZkZm -H ldap://sideswipe.testrelm.com:389 -x -D cn=Directory Manager -y /tmp/tmp8_pef8 >2013-01-16T08:57:06Z DEBUG stdout=replace nsslapd-pluginType: > preoperation >modifying entry "cn=7-bit check,cn=plugins,cn=config" >modify complete > >replace nsslapd-pluginType: > preoperation >modifying entry "cn=attribute uniqueness,cn=plugins,cn=config" >modify complete > >replace nsslapd-pluginType: > preoperation >modifying entry "cn=Auto Membership Plugin,cn=plugins,cn=config" >modify complete > >replace nsslapd-pluginType: > preoperation >modifying entry "cn=Linked Attributes,cn=plugins,cn=config" >modify complete > >replace nsslapd-pluginType: > preoperation >modifying entry "cn=Managed Entries,cn=plugins,cn=config" >modify complete > >replace nsslapd-pluginType: > postoperation >modifying entry "cn=MemberOf Plugin,cn=plugins,cn=config" >modify complete > >replace nsslapd-pluginbetxn: > off >modifying entry "cn=Multimaster Replication Plugin,cn=plugins,cn=config" >modify complete > >replace nsslapd-pluginType: > preoperation >modifying entry "cn=PAM Pass Through Auth,cn=plugins,cn=config" >modify complete > >replace nsslapd-pluginType: > postoperation >modifying entry "cn=referential integrity postoperation,cn=plugins,cn=config" >modify complete > >replace nsslapd-pluginbetxn: > off >modifying entry "cn=Roles Plugin,cn=plugins,cn=config" >modify complete > >replace nsslapd-pluginType: > postoperation >modifying entry "cn=State Change Plugin,cn=plugins,cn=config" >modify complete > >replace nsslapd-pluginbetxn: > off >modifying entry "cn=USN,cn=plugins,cn=config" >modify complete > > >2013-01-16T08:57:06Z DEBUG stderr=ldap_initialize( ldap://sideswipe.testrelm.com:389/??base ) > >2013-01-16T08:57:06Z DEBUG duration: 0 seconds >2013-01-16T08:57:06Z DEBUG [10/38]: configuring uniqueness plugin >2013-01-16T08:57:06Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpYiivEt -H ldap://sideswipe.testrelm.com:389 -x -D cn=Directory Manager -y /tmp/tmphWMjJP >2013-01-16T08:57:06Z DEBUG stdout=add objectClass: > top > nsSlapdPlugin > extensibleObject >add cn: > krbPrincipalName uniqueness >add nsslapd-pluginPath: > libattr-unique-plugin >add nsslapd-pluginInitfunc: > NSUniqueAttr_Init >add nsslapd-pluginType: > preoperation >add nsslapd-pluginEnabled: > on >add nsslapd-pluginarg0: > krbPrincipalName >add nsslapd-pluginarg1: > dc=testrelm,dc=com >add nsslapd-plugin-depends-on-type: > database >add nsslapd-pluginId: > NSUniqueAttr >add nsslapd-pluginVersion: > 1.1.0 >add nsslapd-pluginVendor: > Fedora Project >add nsslapd-pluginDescription: > Enforce unique attribute values >adding new entry "cn=krbPrincipalName uniqueness,cn=plugins,cn=config" >modify complete > >add objectClass: > top > nsSlapdPlugin > extensibleObject >add cn: > krbCanonicalName uniqueness >add nsslapd-pluginPath: > libattr-unique-plugin >add nsslapd-pluginInitfunc: > NSUniqueAttr_Init >add nsslapd-pluginType: > preoperation >add nsslapd-pluginEnabled: > on >add nsslapd-pluginarg0: > krbCanonicalName >add nsslapd-pluginarg1: > dc=testrelm,dc=com >add nsslapd-plugin-depends-on-type: > database >add nsslapd-pluginId: > NSUniqueAttr >add nsslapd-pluginVersion: > 1.1.0 >add nsslapd-pluginVendor: > Fedora Project >add nsslapd-pluginDescription: > Enforce unique attribute values >adding new entry "cn=krbCanonicalName uniqueness,cn=plugins,cn=config" >modify complete > >add objectClass: > top > nsSlapdPlugin > extensibleObject >add cn: > netgroup uniqueness >add nsslapd-pluginPath: > libattr-unique-plugin >add nsslapd-pluginInitfunc: > NSUniqueAttr_Init >add nsslapd-pluginType: > preoperation >add nsslapd-pluginEnabled: > on >add nsslapd-pluginarg0: > cn >add nsslapd-pluginarg1: > cn=ng,cn=alt,dc=testrelm,dc=com >add nsslapd-plugin-depends-on-type: > database >add nsslapd-pluginId: > NSUniqueAttr >add nsslapd-pluginVersion: > 1.1.0 >add nsslapd-pluginVendor: > Fedora Project >add nsslapd-pluginDescription: > Enforce unique attribute values >adding new entry "cn=netgroup uniqueness,cn=plugins,cn=config" >modify complete > >add objectClass: > top > nsSlapdPlugin > extensibleObject >add cn: > ipaUniqueID uniqueness >add nsslapd-pluginPath: > libattr-unique-plugin >add nsslapd-pluginInitfunc: > NSUniqueAttr_Init >add nsslapd-pluginType: > preoperation >add nsslapd-pluginEnabled: > on >add nsslapd-pluginarg0: > ipaUniqueID >add nsslapd-pluginarg1: > dc=testrelm,dc=com >add nsslapd-plugin-depends-on-type: > database >add nsslapd-pluginId: > NSUniqueAttr >add nsslapd-pluginVersion: > 1.1.0 >add nsslapd-pluginVendor: > Fedora Project >add nsslapd-pluginDescription: > Enforce unique attribute values >adding new entry "cn=ipaUniqueID uniqueness,cn=plugins,cn=config" >modify complete > >add objectClass: > top > nsSlapdPlugin > extensibleObject >add cn: > sudorule name uniqueness >add nsslapd-pluginDescription: > Enforce unique attribute values >add nsslapd-pluginPath: > libattr-unique-plugin >add nsslapd-pluginInitfunc: > NSUniqueAttr_Init >add nsslapd-pluginType: > preoperation >add nsslapd-pluginEnabled: > on >add nsslapd-pluginarg0: > cn >add nsslapd-pluginarg1: > cn=sudorules,cn=sudo,dc=testrelm,dc=com >add nsslapd-plugin-depends-on-type: > database >add nsslapd-pluginId: > NSUniqueAttr >add nsslapd-pluginVersion: > 1.1.0 >add nsslapd-pluginVendor: > Fedora Project >adding new entry "cn=sudorule name uniqueness,cn=plugins,cn=config" >modify complete > > >2013-01-16T08:57:06Z DEBUG stderr=ldap_initialize( ldap://sideswipe.testrelm.com:389/??base ) > >2013-01-16T08:57:06Z DEBUG duration: 0 seconds >2013-01-16T08:57:06Z DEBUG [11/38]: configuring uuid plugin >2013-01-16T08:57:06Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/uuid-conf.ldif -H ldap://sideswipe.testrelm.com:389 -x -D cn=Directory Manager -y /tmp/tmptRKT_V >2013-01-16T08:57:06Z DEBUG stdout=add objectclass: > top > nsSlapdPlugin > extensibleObject >add cn: > IPA UUID >add nsslapd-pluginpath: > libipa_uuid >add nsslapd-plugininitfunc: > ipauuid_init >add nsslapd-plugintype: > preoperation >add nsslapd-pluginenabled: > on >add nsslapd-pluginid: > ipauuid_version >add nsslapd-pluginversion: > 1.0 >add nsslapd-pluginvendor: > Red Hat, Inc. >add nsslapd-plugindescription: > IPA UUID plugin >add nsslapd-plugin-depends-on-type: > database >adding new entry "cn=IPA UUID,cn=plugins,cn=config" >modify complete > > >2013-01-16T08:57:06Z DEBUG stderr=ldap_initialize( ldap://sideswipe.testrelm.com:389/??base ) > >2013-01-16T08:57:06Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmp5ngs5U -H ldap://sideswipe.testrelm.com:389 -x -D cn=Directory Manager -y /tmp/tmpDQHYid >2013-01-16T08:57:06Z DEBUG stdout=add objectclass: > top > extensibleObject >add cn: > IPA Unique IDs >add ipaUuidAttr: > ipaUniqueID >add ipaUuidMagicRegen: > autogenerate >add ipaUuidFilter: > (|(objectclass=ipaObject)(objectclass=ipaAssociation)) >add ipaUuidScope: > dc=testrelm,dc=com >add ipaUuidEnforce: > TRUE >adding new entry "cn=IPA Unique IDs,cn=IPA UUID,cn=plugins,cn=config" >modify complete > > >2013-01-16T08:57:06Z DEBUG stderr=ldap_initialize( ldap://sideswipe.testrelm.com:389/??base ) > >2013-01-16T08:57:06Z DEBUG duration: 0 seconds >2013-01-16T08:57:06Z DEBUG [12/38]: configuring modrdn plugin >2013-01-16T08:57:06Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/modrdn-conf.ldif -H ldap://sideswipe.testrelm.com:389 -x -D cn=Directory Manager -y /tmp/tmpU7cClE >2013-01-16T08:57:06Z DEBUG stdout=add objectclass: > top > nsSlapdPlugin > extensibleObject >add cn: > IPA MODRDN >add nsslapd-pluginpath: > libipa_modrdn >add nsslapd-plugininitfunc: > ipamodrdn_init >add nsslapd-plugintype: > postoperation >add nsslapd-pluginenabled: > on >add nsslapd-pluginid: > ipamodrdn_version >add nsslapd-pluginversion: > 1.0 >add nsslapd-pluginvendor: > Red Hat, Inc. >add nsslapd-plugindescription: > IPA MODRDN plugin >add nsslapd-plugin-depends-on-type: > database >add nsslapd-pluginPrecedence: > 60 >adding new entry "cn=IPA MODRDN,cn=plugins,cn=config" >modify complete > > >2013-01-16T08:57:06Z DEBUG stderr=ldap_initialize( ldap://sideswipe.testrelm.com:389/??base ) > >2013-01-16T08:57:06Z DEBUG args=/usr/bin/ldapmodify -v -f /tmp/tmpPG0TJt -H ldap://sideswipe.testrelm.com:389 -x -D cn=Directory Manager -y /tmp/tmpIF1qJP >2013-01-16T08:57:06Z DEBUG stdout=add objectclass: > top > extensibleObject >add cn: > Kerberos Principal Name >add ipaModRDNsourceAttr: > uid >add ipaModRDNtargetAttr: > krbPrincipalName >add ipaModRDNsuffix: > @TESTRELM.COM >add ipaModRDNfilter: > (&(objectclass=posixaccount)(objectclass=krbPrincipalAux)) >add ipaModRDNscope: > dc=testrelm,dc=com >adding new entry "cn=Kerberos Principal Name,cn=IPA MODRDN,cn=plugins,cn=config" >modify complete > > >2013-01-16T08:57:06Z DEBUG stderr=ldap_initialize( ldap://sideswipe.testrelm.com:389/??base ) > >2013-01-16T08:57:06Z DEBUG duration: 0 seconds >2013-01-16T08:57:06Z DEBUG [13/38]: enabling entryUSN plugin >2013-01-16T08:57:06Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/entryusn.ldif -H ldap://sideswipe.testrelm.com:389 -x -D cn=Directory Manager -y /tmp/tmpOkxHfA >2013-01-16T08:57:06Z DEBUG stdout=replace nsslapd-entryusn-global: > on >modifying entry "cn=config" >modify complete > >replace nsslapd-entryusn-import-initval: > next >modifying entry "cn=config" >modify complete > >replace nsslapd-pluginenabled: > on >modifying entry "cn=USN,cn=plugins,cn=config" >modify complete > > >2013-01-16T08:57:06Z DEBUG stderr=ldap_initialize( ldap://sideswipe.testrelm.com:389/??base ) > >2013-01-16T08:57:06Z DEBUG duration: 0 seconds >2013-01-16T08:57:06Z DEBUG [14/38]: configuring lockout plugin >2013-01-16T08:57:06Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/lockout-conf.ldif -H ldap://sideswipe.testrelm.com:389 -x -D cn=Directory Manager -y /tmp/tmpjEGfoz >2013-01-16T08:57:06Z DEBUG stdout=add objectclass: > top > nsSlapdPlugin > extensibleObject >add cn: > IPA Lockout >add nsslapd-pluginpath: > libipa_lockout >add nsslapd-plugininitfunc: > ipalockout_init >add nsslapd-plugintype: > object >add nsslapd-pluginenabled: > on >add nsslapd-pluginid: > ipalockout_version >add nsslapd-pluginversion: > 1.0 >add nsslapd-pluginvendor: > Red Hat, Inc. >add nsslapd-plugindescription: > IPA Lockout plugin >add nsslapd-plugin-depends-on-type: > database >adding new entry "cn=IPA Lockout,cn=plugins,cn=config" >modify complete > > >2013-01-16T08:57:06Z DEBUG stderr=ldap_initialize( ldap://sideswipe.testrelm.com:389/??base ) > >2013-01-16T08:57:06Z DEBUG duration: 0 seconds >2013-01-16T08:57:06Z DEBUG [15/38]: creating indices >2013-01-16T08:57:06Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/indices.ldif -H ldap://sideswipe.testrelm.com:389 -x -D cn=Directory Manager -y /tmp/tmp4d6vAU >2013-01-16T08:57:06Z DEBUG stdout=add objectClass: > top > nsIndex >add cn: > krbPrincipalName >add nsSystemIndex: > false >add nsIndexType: > eq > sub >adding new entry "cn=krbPrincipalName,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add objectClass: > top > nsIndex >add cn: > ou >add nsSystemIndex: > false >add nsIndexType: > eq > sub >adding new entry "cn=ou,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add objectClass: > top > nsIndex >add cn: > carLicense >add nsSystemIndex: > false >add nsIndexType: > eq > sub >adding new entry "cn=carLicense,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add objectClass: > top > nsIndex >add cn: > title >add nsSystemIndex: > false >add nsIndexType: > eq > sub >adding new entry "cn=title,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add objectClass: > top > nsIndex >add cn: > manager >add nsSystemIndex: > false >add nsIndexType: > eq > pres >adding new entry "cn=manager,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add objectClass: > top > nsIndex >add cn: > secretary >add nsSystemIndex: > false >add nsIndexType: > eq > pres >adding new entry "cn=secretary,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add objectClass: > top > nsIndex >add cn: > displayname >add nsSystemIndex: > false >add nsIndexType: > eq > sub >adding new entry "cn=displayname,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add nsIndexType: > sub >modifying entry "cn=uid,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add objectClass: > top > nsIndex >add cn: > uidnumber >add nsSystemIndex: > false >add nsIndexType: > eq >add nsMatchingRule: > integerOrderingMatch >adding new entry "cn=uidnumber,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add objectClass: > top > nsIndex >add cn: > gidnumber >add nsSystemIndex: > false >add nsIndexType: > eq >add nsMatchingRule: > integerOrderingMatch >adding new entry "cn=gidnumber,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >replace nsIndexType: > eq,pres >modifying entry "cn=ntUniqueId,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >replace nsIndexType: > eq,pres >modifying entry "cn=ntUserDomainId,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add ObjectClass: > top > nsIndex >add cn: > fqdn >add nsSystemIndex: > false >add nsIndexType: > eq > pres >adding new entry "cn=fqdn,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add ObjectClass: > top > nsIndex >add cn: > macAddress >add nsSystemIndex: > false >add nsIndexType: > eq > pres >adding new entry "cn=macAddress,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add cn: > memberHost >add ObjectClass: > top > nsIndex >add nsSystemIndex: > false >add nsIndexType: > eq > pres >adding new entry "cn=memberHost,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add cn: > memberUser >add ObjectClass: > top > nsIndex >add nsSystemIndex: > false >add nsIndexType: > eq > pres >adding new entry "cn=memberUser,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add cn: > sourcehost >add ObjectClass: > top > nsIndex >add nsSystemIndex: > false >add nsIndexType: > eq > pres >adding new entry "cn=sourcehost,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add cn: > memberservice >add ObjectClass: > top > nsIndex >add nsSystemIndex: > false >add nsIndexType: > eq > pres >adding new entry "cn=memberservice,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add cn: > managedby >add ObjectClass: > top > nsIndex >add nsSystemIndex: > false >add nsIndexType: > eq > pres >adding new entry "cn=managedby,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add cn: > memberallowcmd >add ObjectClass: > top > nsIndex >add nsSystemIndex: > false >add nsIndexType: > eq > pres >adding new entry "cn=memberallowcmd,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add cn: > memberdenycmd >add ObjectClass: > top > nsIndex >add nsSystemIndex: > false >add nsIndexType: > eq > pres >adding new entry "cn=memberdenycmd,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add cn: > ipasudorunas >add ObjectClass: > top > nsIndex >add nsSystemIndex: > false >add nsIndexType: > eq > pres >adding new entry "cn=ipasudorunas,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add cn: > ipasudorunasgroup >add ObjectClass: > top > nsIndex >add nsSystemIndex: > false >add nsIndexType: > eq > pres >adding new entry "cn=ipasudorunasgroup,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add cn: > automountkey >add ObjectClass: > top > nsIndex >add nsSystemIndex: > false >add nsIndexType: > eq >adding new entry "cn=automountkey,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > >add cn: > ipakrbprincipalalias >add ObjectClass: > top > nsIndex >add nsSystemIndex: > false >add nsIndexType: > eq >adding new entry "cn=ipakrbprincipalalias,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config" >modify complete > > >2013-01-16T08:57:06Z DEBUG stderr=ldap_initialize( ldap://sideswipe.testrelm.com:389/??base ) > >2013-01-16T08:57:06Z DEBUG duration: 0 seconds >2013-01-16T08:57:06Z DEBUG [16/38]: enabling referential integrity plugin >2013-01-16T08:57:06Z DEBUG args=/usr/bin/ldapmodify -v -f /usr/share/ipa/referint-conf.ldif -H ldap://sideswipe.testrelm.com:389 -x -D cn=Directory Manager -y /tmp/tmpyKxmpV >2013-01-16T08:57:06Z DEBUG stdout=replace nsslapd-pluginenabled: > on >add nsslapd-pluginArg7: > manager >add nsslapd-pluginArg8: > secretary >add nsslapd-pluginArg9: > memberuser >add nsslapd-pluginArg10: > memberhost >add nsslapd-pluginArg11: > sourcehost >add nsslapd-pluginArg12: > memberservice >add nsslapd-pluginArg13: > managedby >add nsslapd-pluginArg14: > memberallowcmd >add nsslapd-pluginArg15: > memberdenycmd >add nsslapd-pluginArg16: > ipasudorunas >add nsslapd-pluginArg17: > ipasudorunasgroup >modifying entry "cn=referential integrity postoperation,cn=plugins,cn=config" >modify complete > > >2013-01-16T08:57:06Z DEBUG stderr=ldap_initialize( ldap://sideswipe.testrelm.com:389/??base ) > >2013-01-16T08:57:06Z DEBUG duration: 0 seconds >2013-01-16T08:57:06Z DEBUG [17/38]: configuring ssl for ds instance >2013-01-16T08:57:06Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index' >2013-01-16T08:57:06Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index' >2013-01-16T08:57:06Z DEBUG args=/usr/bin/certutil -d /etc/httpd/alias -L -n TESTRELM.COM IPA CA -a >2013-01-16T08:57:06Z DEBUG stdout=-----BEGIN CERTIFICATE----- >MIIDlDCCAnygAwIBAgIBATANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNU >UkVMTS5DT00xHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAx >MTYwODU1NThaFw0zMzAxMTYwODU1NThaMDcxFTATBgNVBAoTDFRFU1RSRUxNLkNP >TTEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0B >AQEFAAOCAQ8AMIIBCgKCAQEAssQlEcGYzqK6M2sa9rK+GG4OY/t1Q5hvgV6ds+C6 >nALxpWTWBXTy3S1qsaR93p+8zswuKi81jQrPXwIjvRlNIg1lbi+L/lFptLtNeKp8 >+f/AoTwoswOQnEBKe0ABJrCuITwAwmrhJsVBbXs4u3Gr37MW6EZ4izOY20VZDxMN >Wn3ooFiDuIzkmy2vQET0W6kUGErSizVJKxw2qHZNLfRF19Nju5irfE4vZHsgnhf6 >wtGie8/9CkVyUtfpx41/eWCACFvT7IIfcrvYr5o/WzQlHnANUajaU8sk/J2MLBNf >unO3otaLcFV53FWASUXwRbnsI2PpDbD4PoEV+KAxWKyKZwIDAQABo4GqMIGnMB8G >A1UdIwQYMBaAFEPeNN2q16bZMwywHQ4n+TMhPXAWMA8GA1UdEwEB/wQFMAMBAf8w >DgYDVR0PAQH/BAQDAgHGMB0GA1UdDgQWBBRD3jTdqtem2TMMsB0OJ/kzIT1wFjBE >BggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAGGKGh0dHA6Ly9zaWRlc3dpcGUudGVz >dHJlbG0uY29tOjgwL2NhL29jc3AwDQYJKoZIhvcNAQELBQADggEBAKQhd+yFiOgz >VQyaxXre3epPftM45CaTwRD7Dg4o/xwCVbQ9htw+GN7iVLcceBYKxzr6oXde+bZA >TF/AsnUUAmUbUNWXe41Qi0TiJfxZiJa7CXNxLuTvz1Xbq3uU64XtdbPM1JilPEn3 >9flmNC9m3GOLUuAET64edEMTYkdDhZStOtWSKQrWj4eJMyXU8NpH6/G1efw6e/d1 >/xKHl6au4jWqpfxqdVF025Bb/gJiRk6J7GXAdMY06V9iZlDpwxk23FDPNwymwPvH >HDBd1yzM9mMm8AunlQRnIZmNdFSFND6tyY58w1SXRktNpcuwt5+p71ROmt3Xo6rr >aCqIcnVWUt4= >-----END CERTIFICATE----- > >2013-01-16T08:57:06Z DEBUG stderr= >2013-01-16T08:57:06Z DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-TESTRELM-COM/ -L -n TESTRELM.COM IPA CA -a >2013-01-16T08:57:06Z DEBUG stdout= >2013-01-16T08:57:06Z DEBUG stderr=certutil: Could not find cert: TESTRELM.COM IPA CA >: File not found > >2013-01-16T08:57:06Z DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-TESTRELM-COM/ -N -f /etc/dirsrv/slapd-TESTRELM-COM//pwdfile.txt >2013-01-16T08:57:06Z DEBUG stdout= >2013-01-16T08:57:06Z DEBUG stderr= >2013-01-16T08:57:06Z DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-TESTRELM-COM/ -A -n TESTRELM.COM IPA CA -t CT,,C -a >2013-01-16T08:57:06Z DEBUG stdout= >2013-01-16T08:57:06Z DEBUG stderr= >2013-01-16T08:57:07Z DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-TESTRELM-COM/ -R -s CN=sideswipe.testrelm.com,O=TESTRELM.COM -o /var/lib/ipa/ipa-GBkalx/tmpcertreq -k rsa -g 2048 -z /etc/dirsrv/slapd-TESTRELM-COM//noise.txt -f /etc/dirsrv/slapd-TESTRELM-COM//pwdfile.txt -a >2013-01-16T08:57:07Z DEBUG stdout= >2013-01-16T08:57:07Z DEBUG stderr= > >Generating key. This may take a few moments... > > >2013-01-16T08:57:07Z DEBUG https_request 'https://sideswipe.testrelm.com:9444/ca/ee/ca/profileSubmitSSLClient' >2013-01-16T08:57:07Z DEBUG https_request post 'profileId=caIPAserviceCert&requestor_name=IPA+Installer&cert_request=MIICfTCCAWUCAQAwODEVMBMGA1UEChMMVEVTVFJFTE0uQ09NMR8wHQYDVQQDExZz%0D%0AaWRlc3dpcGUudGVzdHJlbG0uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB%0D%0ACgKCAQEAr1QGPlH9P8BLmWqskmmlH15P99V6Yd4jtATIrMyNXvoHHZZZf01SuZwF%0D%0ARXUrq1JqLxwj2%2Bz%2Bw2edxLLNzgc9VTZWfQgi15Ta70LMeTg5V3zfpa2puVfCa%2FZ3%0D%0A3Out%2FUe9k84HRpKSJk%2BsNSdlLwkKradV0FOpus1o9wdEwr3RIxxcJTTT1jRhqj1V%0D%0AcZv%2FSpAc5reMXrve4wHuecpnQtWstqkRLO9GpNLcW%2FEm3r05gk9o5wqKIPWAZkB1%0D%0ALzL6%2BTnUS1vMHWA3eXUaUJWzciucJX6Tvj83DESuGWstu1wl1qvUHqSD%2FEasfxgq%0D%0ADu7r4k8hV068uViZzdYM6QdeviZFuwIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEB%0D%0AAA%2FMyWdHYq4g1hAIzChQJ9l%2FW4PfFwmWXyGxZryiRyb2CXDjElqwiBBSkEsmVvZM%0D%0AqnXykvijuDCjcX3z8uZowLwtzgTbYVW79V3RWjHDogqmYmgp5GadTyW21vfGM2yS%0D%0Art2OydnbNsqKM1RoWVMSdtntHot37fw4XNwxCucqxZDgrUtrB06BRlG3IM5Pt8q6%0D%0AhJT6i5ni%2FU94xR%2F39q6KfuY2WEnTcq49pdIp9tqQF%2FxCpxKh2kjrP%2BSyvkoStqlU%0D%0Al6cTfmZgtGb7ZTYKUK0GmGWzy%2FsnHVlpNgjWiX5guAt40Cw5CxaxqMai5PpFtbGM%0D%0AlrVywlN6PJF6rGYqmOp0J%2FY%3D%0A&cert_request_type=pkcs10&xmlOutput=true' >2013-01-16T08:57:07Z DEBUG NSSConnection init sideswipe.testrelm.com >2013-01-16T08:57:07Z DEBUG Connecting: [2620:52:0:41ce:5054:ff:fe3b:c68b]:0 >2013-01-16T08:57:07Z DEBUG auth_certificate_callback: check_sig=True is_server=False >Data: > Version: 3 (0x2) > Serial Number: 3 (0x3) > Signature Algorithm: > Algorithm: PKCS #1 SHA-256 With RSA Encryption > Issuer: CN=Certificate Authority,O=TESTRELM.COM > Validity: > Not Before: Wed Jan 16 08:56:02 2013 UTC > Not After: Tue Jan 06 08:56:02 2015 UTC > Subject: CN=sideswipe.testrelm.com,O=TESTRELM.COM > Subject Public Key Info: > Public Key Algorithm: > Algorithm: PKCS #1 RSA Encryption > RSA Public Key: > Modulus: > b1:9d:f8:31:fd:f0:e8:3f:5f:cd:25:c3:21:88:f7:b4: > ad:26:72:25:ca:a6:66:6a:ef:eb:9f:31:7c:b0:b5:89: > ef:35:b0:79:2f:39:97:3c:08:03:27:54:62:40:2d:bc: > 8e:06:2e:1b:e3:d6:a3:8e:74:7c:f6:48:b3:ea:af:4f: > cc:9c:e3:84:07:4b:a1:a0:a1:e9:ac:f9:b0:23:d8:c6: > 93:0c:f0:56:d8:38:e2:bd:fe:5c:72:24:cc:22:2b:8b: > ae:14:7a:13:ba:c9:5f:49:98:f2:27:75:c6:ea:0a:75: > 37:bb:a0:57:5f:e1:6e:0a:e5:11:59:22:39:59:a2:6f: > 60:1f:0e:a9:5e:15:bc:71:bd:f2:b2:f1:66:77:2d:79: > 5e:c8:8b:da:1c:d1:b1:2e:98:9d:63:c7:f7:dc:34:4c: > a4:b0:26:0b:53:d3:e4:48:a9:9f:69:0a:51:9f:2a:c0: > 4f:5b:a2:98:42:74:a9:9c:85:08:3a:3e:21:95:ce:d8: > 9c:82:97:88:e5:18:e5:b0:a0:7a:ee:48:d4:db:2b:eb: > d0:01:94:2c:75:e2:c3:1b:e1:ef:ad:49:ad:e3:22:a6: > 1e:0c:34:19:29:85:d9:57:66:e6:d6:80:da:01:5c:04: > 5a:90:41:5b:be:9d:41:ad:fb:23:25:14:48:00:38:27 > Exponent: > 65537 (0x10001) > Signed Extensions: (4) > Name: Certificate Authority Key Identifier > Critical: False > Key ID: > 43:de:34:dd:aa:d7:a6:d9:33:0c:b0:1d:0e:27:f9:33: > 21:3d:70:16 > Serial Number: None > General Names: [0 total] > > Name: Authority Information Access > Critical: False > > Name: Certificate Key Usage > Critical: True > Usages: > Digital Signature > Non-Repudiation > Key Encipherment > Data Encipherment > > Name: Extended Key Usage > Critical: False > Usages: > TLS Web Server Authentication Certificate > > Signature: > Signature Algorithm: > Algorithm: PKCS #1 SHA-256 With RSA Encryption > Signature: > 44:29:60:e4:c6:66:20:69:4a:2c:09:de:7f:28:31:f5: > 1e:c4:ec:1f:61:74:ba:4c:3f:08:6b:e5:1d:b5:5b:4a: > fc:dd:99:c2:d1:b2:c9:e0:1c:3b:6a:2c:49:00:28:90: > e2:4f:92:24:e9:1c:81:bb:d8:d6:dd:a4:14:73:db:aa: > 8a:d1:b2:6f:9d:f1:b5:a4:20:76:7b:13:a1:f8:f3:55: > 1c:03:e3:e6:d1:cc:6b:ba:a8:a0:15:78:bf:c8:8c:82: > c0:92:be:c3:d6:eb:e5:c1:78:24:ef:80:be:17:6d:9e: > 96:85:23:b9:b8:72:b2:5b:6a:68:21:ff:e6:c1:9a:cc: > bb:bc:01:61:1b:2f:a7:c0:4b:ee:05:bf:75:4e:40:ea: > 25:98:59:9d:60:d2:9c:9b:e8:3d:12:1f:44:18:f5:41: > dc:35:0f:ac:30:bb:da:90:1f:80:53:73:c8:21:7b:9f: > d3:0d:66:ff:16:e3:ab:b4:70:bc:c3:bf:47:4a:fe:b9: > 3d:54:eb:5b:5a:6d:86:3b:a1:a4:e7:04:3c:52:a9:d2: > 8b:02:eb:e2:a3:60:9d:72:39:8b:24:a6:94:ce:26:6a: > d3:cb:72:bc:1a:04:53:62:96:f1:d3:a1:a2:9d:ac:7f: > dd:7e:fa:63:ea:13:a4:03:ae:f4:c6:9c:da:dd:e0:c4 > Fingerprint (MD5): > a6:1c:53:9e:4d:2b:53:33:d1:e5:5c:92:9d:65:77:ca > Fingerprint (SHA1): > ac:53:2f:8b:a9:d5:93:3e:ab:1a:a0:ef:02:39:c9:1d: > 3a:32:fd:2c >2013-01-16T08:57:07Z DEBUG approved_usage = SSLServer intended_usage = SSLServer >2013-01-16T08:57:07Z DEBUG cert valid True for "CN=sideswipe.testrelm.com,O=TESTRELM.COM" >2013-01-16T08:57:07Z DEBUG handshake complete, peer = [2620:52:0:41ce:5054:ff:fe3b:c68b]:9444 >2013-01-16T08:57:07Z DEBUG auth_certificate_callback: check_sig=True is_server=False >Data: > Version: 3 (0x2) > Serial Number: 3 (0x3) > Signature Algorithm: > Algorithm: PKCS #1 SHA-256 With RSA Encryption > Issuer: CN=Certificate Authority,O=TESTRELM.COM > Validity: > Not Before: Wed Jan 16 08:56:02 2013 UTC > Not After: Tue Jan 06 08:56:02 2015 UTC > Subject: CN=sideswipe.testrelm.com,O=TESTRELM.COM > Subject Public Key Info: > Public Key Algorithm: > Algorithm: PKCS #1 RSA Encryption > RSA Public Key: > Modulus: > b1:9d:f8:31:fd:f0:e8:3f:5f:cd:25:c3:21:88:f7:b4: > ad:26:72:25:ca:a6:66:6a:ef:eb:9f:31:7c:b0:b5:89: > ef:35:b0:79:2f:39:97:3c:08:03:27:54:62:40:2d:bc: > 8e:06:2e:1b:e3:d6:a3:8e:74:7c:f6:48:b3:ea:af:4f: > cc:9c:e3:84:07:4b:a1:a0:a1:e9:ac:f9:b0:23:d8:c6: > 93:0c:f0:56:d8:38:e2:bd:fe:5c:72:24:cc:22:2b:8b: > ae:14:7a:13:ba:c9:5f:49:98:f2:27:75:c6:ea:0a:75: > 37:bb:a0:57:5f:e1:6e:0a:e5:11:59:22:39:59:a2:6f: > 60:1f:0e:a9:5e:15:bc:71:bd:f2:b2:f1:66:77:2d:79: > 5e:c8:8b:da:1c:d1:b1:2e:98:9d:63:c7:f7:dc:34:4c: > a4:b0:26:0b:53:d3:e4:48:a9:9f:69:0a:51:9f:2a:c0: > 4f:5b:a2:98:42:74:a9:9c:85:08:3a:3e:21:95:ce:d8: > 9c:82:97:88:e5:18:e5:b0:a0:7a:ee:48:d4:db:2b:eb: > d0:01:94:2c:75:e2:c3:1b:e1:ef:ad:49:ad:e3:22:a6: > 1e:0c:34:19:29:85:d9:57:66:e6:d6:80:da:01:5c:04: > 5a:90:41:5b:be:9d:41:ad:fb:23:25:14:48:00:38:27 > Exponent: > 65537 (0x10001) > Signed Extensions: (4) > Name: Certificate Authority Key Identifier > Critical: False > Key ID: > 43:de:34:dd:aa:d7:a6:d9:33:0c:b0:1d:0e:27:f9:33: > 21:3d:70:16 > Serial Number: None > General Names: [0 total] > > Name: Authority Information Access > Critical: False > > Name: Certificate Key Usage > Critical: True > Usages: > Digital Signature > Non-Repudiation > Key Encipherment > Data Encipherment > > Name: Extended Key Usage > Critical: False > Usages: > TLS Web Server Authentication Certificate > > Signature: > Signature Algorithm: > Algorithm: PKCS #1 SHA-256 With RSA Encryption > Signature: > 44:29:60:e4:c6:66:20:69:4a:2c:09:de:7f:28:31:f5: > 1e:c4:ec:1f:61:74:ba:4c:3f:08:6b:e5:1d:b5:5b:4a: > fc:dd:99:c2:d1:b2:c9:e0:1c:3b:6a:2c:49:00:28:90: > e2:4f:92:24:e9:1c:81:bb:d8:d6:dd:a4:14:73:db:aa: > 8a:d1:b2:6f:9d:f1:b5:a4:20:76:7b:13:a1:f8:f3:55: > 1c:03:e3:e6:d1:cc:6b:ba:a8:a0:15:78:bf:c8:8c:82: > c0:92:be:c3:d6:eb:e5:c1:78:24:ef:80:be:17:6d:9e: > 96:85:23:b9:b8:72:b2:5b:6a:68:21:ff:e6:c1:9a:cc: > bb:bc:01:61:1b:2f:a7:c0:4b:ee:05:bf:75:4e:40:ea: > 25:98:59:9d:60:d2:9c:9b:e8:3d:12:1f:44:18:f5:41: > dc:35:0f:ac:30:bb:da:90:1f:80:53:73:c8:21:7b:9f: > d3:0d:66:ff:16:e3:ab:b4:70:bc:c3:bf:47:4a:fe:b9: > 3d:54:eb:5b:5a:6d:86:3b:a1:a4:e7:04:3c:52:a9:d2: > 8b:02:eb:e2:a3:60:9d:72:39:8b:24:a6:94:ce:26:6a: > d3:cb:72:bc:1a:04:53:62:96:f1:d3:a1:a2:9d:ac:7f: > dd:7e:fa:63:ea:13:a4:03:ae:f4:c6:9c:da:dd:e0:c4 > Fingerprint (MD5): > a6:1c:53:9e:4d:2b:53:33:d1:e5:5c:92:9d:65:77:ca > Fingerprint (SHA1): > ac:53:2f:8b:a9:d5:93:3e:ab:1a:a0:ef:02:39:c9:1d: > 3a:32:fd:2c >2013-01-16T08:57:07Z DEBUG approved_usage = SSLServer intended_usage = SSLServer >2013-01-16T08:57:07Z DEBUG cert valid True for "CN=sideswipe.testrelm.com,O=TESTRELM.COM" >2013-01-16T08:57:07Z DEBUG handshake complete, peer = [2620:52:0:41ce:5054:ff:fe3b:c68b]:9444 >2013-01-16T08:57:07Z DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-TESTRELM-COM/ -A -n Server-Cert -t u,u,u -i /var/lib/ipa/ipa-GBkalx/tmpcert.der -f /etc/dirsrv/slapd-TESTRELM-COM//pwdfile.txt >2013-01-16T08:57:07Z DEBUG stdout= >2013-01-16T08:57:07Z DEBUG stderr= >2013-01-16T08:57:07Z DEBUG args=/sbin/chkconfig certmonger on >2013-01-16T08:57:07Z DEBUG stdout= >2013-01-16T08:57:07Z DEBUG stderr= >2013-01-16T08:57:07Z DEBUG args=/sbin/service messagebus start >2013-01-16T08:57:07Z DEBUG stdout=Starting system message bus: > >2013-01-16T08:57:07Z DEBUG stderr= >2013-01-16T08:57:07Z DEBUG args=/sbin/service messagebus status >2013-01-16T08:57:07Z DEBUG stdout=messagebus (pid 4756) is running... > >2013-01-16T08:57:07Z DEBUG stderr= >2013-01-16T08:57:07Z DEBUG args=/sbin/service certmonger start >2013-01-16T08:57:07Z DEBUG stdout= >2013-01-16T08:57:07Z DEBUG stderr= >2013-01-16T08:57:07Z DEBUG args=/sbin/service certmonger status >2013-01-16T08:57:07Z DEBUG stdout=certmonger (pid 27317) is running... > >2013-01-16T08:57:07Z DEBUG stderr= >2013-01-16T08:57:07Z DEBUG args=/usr/bin/certutil -L -d /etc/dirsrv/slapd-TESTRELM-COM -n Server-Cert >2013-01-16T08:57:07Z DEBUG stdout=Certificate: > Data: > Version: 3 (0x2) > Serial Number: 8 (0x8) > Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption > Issuer: "CN=Certificate Authority,O=TESTRELM.COM" > Validity: > Not Before: Wed Jan 16 08:57:07 2013 > Not After : Sat Jan 17 08:57:07 2015 > Subject: "CN=sideswipe.testrelm.com,O=TESTRELM.COM" > Subject Public Key Info: > Public Key Algorithm: PKCS #1 RSA Encryption > RSA Public Key: > Modulus: > af:54:06:3e:51:fd:3f:c0:4b:99:6a:ac:92:69:a5:1f: > 5e:4f:f7:d5:7a:61:de:23:b4:04:c8:ac:cc:8d:5e:fa: > 07:1d:96:59:7f:4d:52:b9:9c:05:45:75:2b:ab:52:6a: > 2f:1c:23:db:ec:fe:c3:67:9d:c4:b2:cd:ce:07:3d:55: > 36:56:7d:08:22:d7:94:da:ef:42:cc:79:38:39:57:7c: > df:a5:ad:a9:b9:57:c2:6b:f6:77:dc:eb:ad:fd:47:bd: > 93:ce:07:46:92:92:26:4f:ac:35:27:65:2f:09:0a:ad: > a7:55:d0:53:a9:ba:cd:68:f7:07:44:c2:bd:d1:23:1c: > 5c:25:34:d3:d6:34:61:aa:3d:55:71:9b:ff:4a:90:1c: > e6:b7:8c:5e:bb:de:e3:01:ee:79:ca:67:42:d5:ac:b6: > a9:11:2c:ef:46:a4:d2:dc:5b:f1:26:de:bd:39:82:4f: > 68:e7:0a:8a:20:f5:80:66:40:75:2f:32:fa:f9:39:d4: > 4b:5b:cc:1d:60:37:79:75:1a:50:95:b3:72:2b:9c:25: > 7e:93:be:3f:37:0c:44:ae:19:6b:2d:bb:5c:25:d6:ab: > d4:1e:a4:83:fc:46:ac:7f:18:2a:0e:ee:eb:e2:4f:21: > 57:4e:bc:b9:58:99:cd:d6:0c:e9:07:5e:be:26:45:bb > Exponent: 65537 (0x10001) > Signed Extensions: > Name: Certificate Authority Key Identifier > Key ID: > 43:de:34:dd:aa:d7:a6:d9:33:0c:b0:1d:0e:27:f9:33: > 21:3d:70:16 > > Name: Authority Information Access > Method: PKIX Online Certificate Status Protocol > Location: > URI: "http://sideswipe.testrelm.com:80/ca/ocsp" > > Name: Certificate Key Usage > Critical: True > Usages: Digital Signature > Non-Repudiation > Key Encipherment > Data Encipherment > > Name: Extended Key Usage > TLS Web Server Authentication Certificate > TLS Web Client Authentication Certificate > > Name: Certificate Subject Key ID > Data: > 26:a4:7e:08:c9:77:24:60:93:9f:89:06:a4:d8:0c:f4: > 6a:66:a0:ef > > Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption > Signature: > a3:36:81:e7:48:7a:21:4b:62:5e:7d:8a:21:2d:c9:bd: > 54:37:43:c0:74:42:5d:83:8f:88:6f:c0:4f:fa:bd:7e: > 84:d4:be:04:c0:9b:14:f0:1e:01:6e:36:54:3b:6f:ed: > 4d:7b:6a:3f:5b:3b:65:62:25:2b:f0:0a:60:0d:38:f2: > 4d:ce:14:50:cc:7b:cd:2f:3f:30:56:49:04:73:11:2f: > 65:41:b5:16:00:fa:50:26:94:40:5c:af:9f:05:34:18: > 2e:eb:74:29:6a:dd:d8:42:a0:9b:8e:f7:af:fc:60:43: > fd:c7:ef:30:72:bd:e4:a2:b1:7d:5a:24:42:da:82:64: > c7:f0:dc:a6:fb:9e:4a:76:24:2c:f0:2d:86:ff:f6:6c: > 7d:b9:39:e8:35:73:95:60:96:7d:65:7f:bf:19:f9:68: > 59:7d:b6:cf:b7:87:a2:8e:33:a4:1d:2d:50:41:e5:56: > ff:81:00:c7:4d:66:bc:bf:f9:97:a4:92:62:3e:fd:9f: > 75:87:3a:bf:d2:28:07:d6:37:e2:d1:f7:47:86:df:41: > 21:ae:3e:8a:07:0c:16:81:66:c5:7b:2a:a0:0d:84:9b: > df:f6:93:db:f0:c8:69:4e:f9:f3:69:ba:3f:f5:2d:68: > 2d:65:99:e3:92:2d:65:3c:7d:d3:bc:bb:9b:06:d6:fe > Fingerprint (MD5): > CC:17:06:E4:46:2F:CB:93:24:91:F7:73:9A:DE:3E:2E > Fingerprint (SHA1): > 7A:0C:A0:2A:50:77:6A:8B:32:4D:F8:FE:8D:6C:2E:B8:46:2F:DF:05 > > Certificate Trust Flags: > SSL Flags: > User > Email Flags: > User > Object Signing Flags: > User > > >2013-01-16T08:57:07Z DEBUG stderr= >2013-01-16T08:57:07Z DEBUG args=/usr/bin/ipa-getcert start-tracking -d /etc/dirsrv/slapd-TESTRELM-COM -n Server-Cert -p /etc/dirsrv/slapd-TESTRELM-COM/pwdfile.txt -C /usr/lib64/ipa/certmonger/restart_dirsrv TESTRELM-COM >2013-01-16T08:57:07Z DEBUG stdout=New tracking request "20130116085707" added. > >2013-01-16T08:57:07Z DEBUG stderr= >2013-01-16T08:57:08Z DEBUG args=/sbin/service certmonger stop >2013-01-16T08:57:08Z DEBUG stdout=Stopping certmonger: [60G[[0;32m OK [0;39m] > >2013-01-16T08:57:08Z DEBUG stderr= >2013-01-16T08:57:08Z DEBUG args=/usr/bin/certutil -d /etc/dirsrv/slapd-TESTRELM-COM/ -L -n Server-Cert -a >2013-01-16T08:57:08Z DEBUG stdout=-----BEGIN CERTIFICATE----- >MIIDozCCAougAwIBAgIBCDANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKEwxURVNU >UkVMTS5DT00xHjAcBgNVBAMTFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xMzAx >MTYwODU3MDdaFw0xNTAxMTcwODU3MDdaMDgxFTATBgNVBAoTDFRFU1RSRUxNLkNP >TTEfMB0GA1UEAxMWc2lkZXN3aXBlLnRlc3RyZWxtLmNvbTCCASIwDQYJKoZIhvcN >AQEBBQADggEPADCCAQoCggEBAK9UBj5R/T/AS5lqrJJppR9eT/fVemHeI7QEyKzM >jV76Bx2WWX9NUrmcBUV1K6tSai8cI9vs/sNnncSyzc4HPVU2Vn0IIteU2u9CzHk4 >OVd836WtqblXwmv2d9zrrf1HvZPOB0aSkiZPrDUnZS8JCq2nVdBTqbrNaPcHRMK9 >0SMcXCU009Y0Yao9VXGb/0qQHOa3jF673uMB7nnKZ0LVrLapESzvRqTS3FvxJt69 >OYJPaOcKiiD1gGZAdS8y+vk51EtbzB1gN3l1GlCVs3IrnCV+k74/NwxErhlrLbtc >Jdar1B6kg/xGrH8YKg7u6+JPIVdOvLlYmc3WDOkHXr4mRbsCAwEAAaOBuDCBtTAf >BgNVHSMEGDAWgBRD3jTdqtem2TMMsB0OJ/kzIT1wFjBEBggrBgEFBQcBAQQ4MDYw >NAYIKwYBBQUHMAGGKGh0dHA6Ly9zaWRlc3dpcGUudGVzdHJlbG0uY29tOjgwL2Nh >L29jc3AwDgYDVR0PAQH/BAQDAgTwMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF >BQcDAjAdBgNVHQ4EFgQUJqR+CMl3JGCTn4kGpNgM9GpmoO8wDQYJKoZIhvcNAQEL >BQADggEBAKM2gedIeiFLYl59iiEtyb1UN0PAdEJdg4+Ib8BP+r1+hNS+BMCbFPAe >AW42VDtv7U17aj9bO2ViJSvwCmANOPJNzhRQzHvNLz8wVkkEcxEvZUG1FgD6UCaU >QFyvnwU0GC7rdClq3dhCoJuO96/8YEP9x+8wcr3korF9WiRC2oJkx/DcpvueSnYk >LPAthv/2bH25Oeg1c5Vgln1lf78Z+WhZfbbPt4eijjOkHS1QQeVW/4EAx01mvL/5 >l6SSYj79n3WHOr/SKAfWN+LR90eG30Ehrj6KBwwWgWbFeyqgDYSb3/aT2/DIaU75 >82m6P/UtaC1lmeOSLWU8fdO8u5sG1v4= >-----END CERTIFICATE----- > >2013-01-16T08:57:08Z DEBUG stderr= >2013-01-16T08:57:26Z DEBUG args=/sbin/service certmonger start >2013-01-16T08:57:26Z DEBUG stdout=Starting certmonger: [60G[[0;32m OK [0;39m] > >2013-01-16T08:57:26Z DEBUG stderr= >2013-01-16T08:57:26Z DEBUG args=/sbin/service certmonger status >2013-01-16T08:57:26Z DEBUG stdout=certmonger (pid 27727) is running... > >2013-01-16T08:57:26Z DEBUG stderr= >2013-01-16T08:57:26Z INFO File "/usr/lib/python2.6/site-packages/ipaserver/install/installutils.py", line 614, in run_script > return_value = main_function() > > File "/usr/sbin/ipa-server-install", line 990, in main > hbac_allow=not options.hbac_allow) > > File "/usr/lib/python2.6/site-packages/ipaserver/install/dsinstance.py", line 266, in create_instance > self.start_creation(runtime=60) > > File "/usr/lib/python2.6/site-packages/ipaserver/install/service.py", line 358, in start_creation > method() > > File "/usr/lib/python2.6/site-packages/ipaserver/install/dsinstance.py", line 564, in __enable_ssl > conn.simple_bind_s(DN(('cn', 'directory manager')), self.dm_password) > > File "/usr/lib/python2.6/site-packages/ipaserver/plugins/ldap2.py", line 617, in simple_bind_s > return self.conn.simple_bind_s(who, cred, serverctrls, clientctrls) > > File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 206, in simple_bind_s > msgid = self.simple_bind(who,cred,serverctrls,clientctrls) > > File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 200, in simple_bind > return self._ldap_call(self._l.simple_bind,who,cred,EncodeControlTuples(serverctrls),EncodeControlTuples(clientctrls)) > > File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 96, in _ldap_call > result = func(*args,**kwargs) > >2013-01-16T08:57:26Z INFO The ipa-server-install command failed, exception: SERVER_DOWN: {'desc': "Can't contact LDAP server"}
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=679427">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 895561
: 679427