Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 936673 Details for
Bug 1140855
ipa-server-install fails when configuring CA
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
ipa server install log
ipaserver-install.log (text/plain), 27.83 KB, created by
Namita Soman
on 2014-09-11 20:59:38 UTC
(
hide
)
Description:
ipa server install log
Filename:
MIME Type:
Creator:
Namita Soman
Created:
2014-09-11 20:59:38 UTC
Size:
27.83 KB
patch
obsolete
>2014-09-11T20:44:55Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' >2014-09-11T20:44:55Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index' >2014-09-11T20:44:55Z DEBUG httpd is not configured >2014-09-11T20:44:55Z DEBUG kadmin is not configured >2014-09-11T20:44:55Z DEBUG dirsrv is not configured >2014-09-11T20:44:55Z DEBUG pki-cad is not configured >2014-09-11T20:44:55Z DEBUG pki-tomcatd is not configured >2014-09-11T20:44:55Z DEBUG pkids is not configured >2014-09-11T20:44:55Z DEBUG install is not configured >2014-09-11T20:44:55Z DEBUG krb5kdc is not configured >2014-09-11T20:44:55Z DEBUG ntpd is not configured >2014-09-11T20:44:55Z DEBUG named is not configured >2014-09-11T20:44:55Z DEBUG ipa_memcached is not configured >2014-09-11T20:44:55Z DEBUG filestore is tracking no files >2014-09-11T20:44:55Z DEBUG Loading Index file from '/var/lib/ipa-client/sysrestore/sysrestore.index' >2014-09-11T20:44:55Z DEBUG /usr/sbin/ipa-server-install was invoked with options: {'zone_refresh': 0, 'reverse_zone': None, 'realm_name': 'TESTRELM.TEST', 'create_sshfp': True, 'conf_sshd': True, 'conf_ntp': True, 'subject': None, 'no_forwarders': False, 'persistent_search': True, 'ui_redirect': True, 'domain_name': 'testrelm.test', 'idmax': 0, 'hbac_allow': False, 'no_reverse': False, 'dirsrv_pkcs12': None, 'unattended': True, 'selfsign': False, 'trust_sshfp': False, 'external_ca_file': None, 'no_host_dns': False, 'http_pkcs12': None, 'zone_notif': False, 'forwarders': [CheckedIPAddress('10.11.5.19')], 'idstart': 1235000000, 'external_ca': False, 'ip_address': None, 'conf_ssh': True, 'serial_autoincrement': True, 'zonemgr': None, 'setup_dns': True, 'host_name': 'cloud-qe-18.testrelm.test', 'debug': False, 'external_cert_file': None, 'uninstall': False} >2014-09-11T20:44:55Z DEBUG missing options might be asked for interactively later > >2014-09-11T20:44:55Z DEBUG Loading Index file from '/var/lib/ipa/sysrestore/sysrestore.index' >2014-09-11T20:44:55Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' >2014-09-11T20:44:55Z DEBUG args=/usr/sbin/httpd -t -D DUMP_VHOSTS >2014-09-11T20:44:55Z DEBUG stdout=VirtualHost configuration: >wildcard NameVirtualHosts and _default_ servers: >_default_:8443 cloud-qe-18.testrelm.test (/etc/httpd/conf.d/nss.conf:84) > >2014-09-11T20:44:55Z DEBUG stderr=Syntax OK > >2014-09-11T20:44:55Z DEBUG Check if cloud-qe-18.testrelm.test is a primary hostname for localhost >2014-09-11T20:44:55Z DEBUG Primary hostname for localhost: cloud-qe-18.testrelm.test >2014-09-11T20:44:55Z DEBUG will use host_name: cloud-qe-18.testrelm.test > >2014-09-11T20:44:55Z DEBUG args=/sbin/ip -family inet -oneline address show >2014-09-11T20:44:55Z DEBUG stdout=1: lo inet 127.0.0.1/8 scope host lo >3: eth0 inet 10.16.96.134/22 brd 10.16.99.255 scope global eth0 > >2014-09-11T20:44:55Z DEBUG stderr= >2014-09-11T20:44:55Z DEBUG will use dns_forwarders: [CheckedIPAddress('10.11.5.19')] > >2014-09-11T20:44:55Z DEBUG importing all plugin modules in '/usr/lib/python2.6/site-packages/ipalib/plugins'... >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/aci.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/automember.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/automount.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/baseldap.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/batch.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/cert.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/config.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/delegation.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/dns.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/group.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hbacrule.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hbacsvc.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hbacsvcgroup.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hbactest.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/host.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/hostgroup.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/idrange.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/internal.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/kerberos.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/krbtpolicy.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/migration.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/misc.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/netgroup.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/passwd.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/permission.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/ping.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/privilege.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/pwpolicy.py' >2014-09-11T20:44:55Z DEBUG args=klist -V >2014-09-11T20:44:55Z DEBUG stdout=Kerberos 5 version 1.10.3 > >2014-09-11T20:44:55Z DEBUG stderr= >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/role.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/selfservice.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/selinuxusermap.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/service.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/sudocmd.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/sudocmdgroup.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/sudorule.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/trust.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/user.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/virtual.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipalib/plugins/xmlclient.py' >2014-09-11T20:44:55Z DEBUG importing all plugin modules in '/usr/lib/python2.6/site-packages/ipaserver/install/plugins'... >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/install/plugins/adtrust.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/install/plugins/baseupdate.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/install/plugins/dns.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/install/plugins/fix_replica_agreements.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/install/plugins/rename_managed.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/install/plugins/update_anonymous_aci.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/install/plugins/update_services.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/install/plugins/updateclient.py' >2014-09-11T20:44:55Z DEBUG importing plugin module '/usr/lib/python2.6/site-packages/ipaserver/install/plugins/upload_cacrt.py' >2014-09-11T20:44:55Z DEBUG ds group dirsrv exists >2014-09-11T20:44:55Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' >2014-09-11T20:44:55Z DEBUG Configuring NTP daemon (ntpd) >2014-09-11T20:44:55Z DEBUG [1/4]: stopping ntpd >2014-09-11T20:44:56Z DEBUG args=/sbin/service ntpd status >2014-09-11T20:44:56Z DEBUG stdout=ntpd is stopped > >2014-09-11T20:44:56Z DEBUG stderr= >2014-09-11T20:44:56Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' >2014-09-11T20:44:56Z DEBUG args=/sbin/service ntpd stop >2014-09-11T20:44:56Z DEBUG stdout=Shutting down ntpd: [FAILED] > >2014-09-11T20:44:56Z DEBUG stderr= >2014-09-11T20:44:56Z DEBUG duration: 0 seconds >2014-09-11T20:44:56Z DEBUG [2/4]: writing configuration >2014-09-11T20:44:56Z DEBUG Backing up system configuration file '/etc/ntp.conf' >2014-09-11T20:44:56Z DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index' >2014-09-11T20:44:56Z DEBUG Backing up system configuration file '/etc/sysconfig/ntpd' >2014-09-11T20:44:56Z DEBUG Saving Index File to '/var/lib/ipa/sysrestore/sysrestore.index' >2014-09-11T20:44:56Z DEBUG duration: 0 seconds >2014-09-11T20:44:56Z DEBUG [3/4]: configuring ntpd to start on boot >2014-09-11T20:44:56Z DEBUG args=/sbin/chkconfig ntpd >2014-09-11T20:44:56Z DEBUG stdout= >2014-09-11T20:44:56Z DEBUG stderr= >2014-09-11T20:44:56Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' >2014-09-11T20:44:56Z DEBUG args=/sbin/chkconfig ntpd on >2014-09-11T20:44:56Z DEBUG stdout= >2014-09-11T20:44:56Z DEBUG stderr= >2014-09-11T20:44:56Z DEBUG duration: 0 seconds >2014-09-11T20:44:56Z DEBUG [4/4]: starting ntpd >2014-09-11T20:44:56Z DEBUG args=/sbin/service ntpd start >2014-09-11T20:44:56Z DEBUG stdout=Starting ntpd: [ OK ] > >2014-09-11T20:44:56Z DEBUG stderr= >2014-09-11T20:44:56Z DEBUG args=/sbin/service ntpd status >2014-09-11T20:44:56Z DEBUG stdout=ntpd (pid 31343) is running... > >2014-09-11T20:44:56Z DEBUG stderr= >2014-09-11T20:44:56Z DEBUG duration: 0 seconds >2014-09-11T20:44:56Z DEBUG Done configuring NTP daemon (ntpd). >2014-09-11T20:44:56Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' >2014-09-11T20:44:56Z DEBUG Configuring directory server for the CA (pkids): Estimated time 30 seconds >2014-09-11T20:44:56Z DEBUG [1/3]: creating directory server user >2014-09-11T20:44:56Z DEBUG ds user pkisrv exists >2014-09-11T20:44:56Z DEBUG duration: 0 seconds >2014-09-11T20:44:56Z DEBUG [2/3]: creating directory server instance >2014-09-11T20:44:56Z DEBUG Saving StateFile to '/var/lib/ipa/sysrestore/sysrestore.state' >2014-09-11T20:44:56Z DEBUG writing inf template >2014-09-11T20:44:56Z DEBUG >[General] >FullMachineName= cloud-qe-18.testrelm.test >SuiteSpotUserID= pkisrv >SuiteSpotGroup= dirsrv >ServerRoot= /usr/lib64/dirsrv >[slapd] >ServerPort= 7389 >ServerIdentifier= PKI-IPA >Suffix= dc=testrelm,dc=test >RootDN= cn=Directory Manager >ConfigFile = /usr/share/pki/ca/conf/database.ldif > >2014-09-11T20:44:56Z DEBUG calling setup-ds.pl >2014-09-11T20:45:03Z DEBUG args=/usr/sbin/setup-ds.pl --silent --logfile - -f /tmp/tmpQ1tsTY >2014-09-11T20:45:03Z DEBUG stdout=[14/09/11:16:45:03] - [Setup] Info Your new DS instance 'PKI-IPA' was successfully created. >Your new DS instance 'PKI-IPA' was successfully created. >[14/09/11:16:45:03] - [Setup] Success Exiting . . . >Log file is '-' > >Exiting . . . >Log file is '-' > > >2014-09-11T20:45:03Z DEBUG stderr= >2014-09-11T20:45:03Z DEBUG completed creating ds instance >2014-09-11T20:45:03Z DEBUG duration: 7 seconds >2014-09-11T20:45:03Z DEBUG [3/3]: restarting directory server >2014-09-11T20:45:06Z DEBUG args=/sbin/service dirsrv restart PKI-IPA >2014-09-11T20:45:06Z DEBUG stdout=Shutting down dirsrv: > PKI-IPA...[ OK ] >Starting dirsrv: > PKI-IPA...[ OK ] > >2014-09-11T20:45:06Z DEBUG stderr= >2014-09-11T20:45:06Z DEBUG args=/sbin/service dirsrv status PKI-IPA >2014-09-11T20:45:06Z DEBUG stdout=dirsrv PKI-IPA (pid 31517) is running... > >2014-09-11T20:45:06Z DEBUG stderr= >2014-09-11T20:45:06Z DEBUG wait_for_open_ports: localhost [7389] timeout 300 >2014-09-11T20:45:06Z DEBUG args=/sbin/service dirsrv status PKI-IPA >2014-09-11T20:45:06Z DEBUG stdout=dirsrv PKI-IPA (pid 31517) is running... > >2014-09-11T20:45:06Z DEBUG stderr= >2014-09-11T20:45:06Z DEBUG duration: 2 seconds >2014-09-11T20:45:06Z DEBUG Done configuring directory server for the CA (pkids). >2014-09-11T20:45:06Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' >2014-09-11T20:45:06Z DEBUG Configuring certificate server (pki-cad): Estimated time 3 minutes 30 seconds >2014-09-11T20:45:06Z DEBUG [1/20]: creating certificate server user >2014-09-11T20:45:06Z DEBUG ca user pkiuser exists >2014-09-11T20:45:06Z DEBUG duration: 0 seconds >2014-09-11T20:45:06Z DEBUG [2/20]: configuring certificate server instance >2014-09-11T20:45:07Z DEBUG args=/usr/bin/perl /usr/bin/pkisilent ConfigureCA -cs_hostname cloud-qe-18.testrelm.test -cs_port 9445 -client_certdb_dir /tmp/tmp-OPtf1q -client_certdb_pwd XXXXXXXX -preop_pin FEWqtdQE7gzYWO3KcGJc -domain_name IPA -admin_user admin -admin_email root@localhost -admin_password XXXXXXXX -agent_name ipa-ca-agent -agent_key_size 2048 -agent_key_type rsa -agent_cert_subject CN=ipa-ca-agent,O=TESTRELM.TEST -ldap_host cloud-qe-18.testrelm.test -ldap_port 7389 -bind_dn cn=Directory Manager -bind_password XXXXXXXX -base_dn o=ipaca -db_name ipaca -key_size 2048 -key_type rsa -key_algorithm SHA256withRSA -save_p12 true -backup_pwd XXXXXXXX -subsystem_name pki-cad -token_name internal -ca_subsystem_cert_subject_name CN=CA Subsystem,O=TESTRELM.TEST -ca_subsystem_cert_subject_name CN=CA Subsystem,O=TESTRELM.TEST -ca_ocsp_cert_subject_name CN=OCSP Subsystem,O=TESTRELM.TEST -ca_server_cert_subject_name CN=cloud-qe-18.testrelm.test,O=TESTRELM.TEST -ca_audit_signing_cert_subject_name CN=CA Audit,O=TESTRELM.TEST -ca_sign_cert_subject_name CN=Certificate Authority,O=TESTRELM.TEST -external false -clone false >2014-09-11T20:45:07Z DEBUG stdout=libpath=/usr/lib64 >####################################################################### >CRYPTO INIT WITH CERTDB:/tmp/tmp-OPtf1q >tokenpwd:XXXXXXXX >############################################# >Attempting to connect to: cloud-qe-18.testrelm.test:9445 >in TestCertApprovalCallback.approve() >Peer cert details: > subject: CN=cloud-qe-18.testrelm.test,O=2014-09-11 15:42:03 > issuer: CN=cloud-qe-18.testrelm.test,O=2014-09-11 15:42:03 > serial: 0 >item 1 reason=-8156 depth=1 > cert details: > subject: CN=cloud-qe-18.testrelm.test,O=2014-09-11 15:42:03 > issuer: CN=cloud-qe-18.testrelm.test,O=2014-09-11 15:42:03 > serial: 0 >item 2 reason=-8172 depth=1 > cert details: > subject: CN=cloud-qe-18.testrelm.test,O=2014-09-11 15:42:03 > issuer: CN=cloud-qe-18.testrelm.test,O=2014-09-11 15:42:03 > serial: 0 >importing certificate. >Connected. >Posting Query = https://cloud-qe-18.testrelm.test:9445//ca/admin/console/config/login?pin=FEWqtdQE7gzYWO3KcGJc&xml=true >RESPONSE STATUS: HTTP/1.1 302 Moved Temporarily >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Set-Cookie: JSESSIONID=EAB8D51CE9A1BFCBE2564B99BE1BB72F; Path=/ca; Secure >RESPONSE HEADER: Location: https://cloud-qe-18.testrelm.test:9445/ca/admin/console/config/wizard >RESPONSE HEADER: Content-Type: text/html;charset=UTF-8 >RESPONSE HEADER: Content-Length: 0 >RESPONSE HEADER: Date: Thu, 11 Sep 2014 20:45:06 GMT >RESPONSE HEADER: Connection: keep-alive >xml returned: >cookie list: JSESSIONID=EAB8D51CE9A1BFCBE2564B99BE1BB72F; Path=/ca; Secure >############################################# >Attempting to connect to: cloud-qe-18.testrelm.test:9445 >Connected. >Posting Query = https://cloud-qe-18.testrelm.test:9445//ca/admin/console/config/wizard?p=0&op=next&xml=true >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Thu, 11 Sep 2014 20:45:06 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <panel>admin/console/config/modulepanel.vm</panel> > <res/> > <showApplyButton/> > <status>display</status> > <subpanelno>2</subpanelno> > <sms> > <Vector> > <Module> > <CommonName>NSS Internal PKCS #11 Module</CommonName> > <UserFriendlyName>NSS Internal PKCS #11 Module</UserFriendlyName> > <ImagePath>../img/clearpixel.gif</ImagePath> > </Module> > <Module> > <CommonName>nfast</CommonName> > <UserFriendlyName>nCipher's nFast Token Hardware Module</UserFriendlyName> > <ImagePath>../img/clearpixel.gif</ImagePath> > </Module> > <Module> > <CommonName>lunasa</CommonName> > <UserFriendlyName>SafeNet's LunaSA Token Hardware Module</UserFriendlyName> > <ImagePath>../img/clearpixel.gif</ImagePath> > </Module> > </Vector> > </sms> > <errorString/> > <size>19</size> > <title>Key Store</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <p>1</p> > <name>CA Setup Wizard</name> > <oms> > <Vector/> > </oms> > <defTok>Internal Key Storage Token</defTok> > <req/> > <panelname>module</panelname> ></response> >############################################# >Attempting to connect to: cloud-qe-18.testrelm.test:9445 >Connected. >Posting Query = https://cloud-qe-18.testrelm.test:9445//ca/admin/console/config/wizard?p=1&op=next&xml=true&choice=Internal+Key+Storage+Token >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: application/xml;charset=UTF-8 >RESPONSE HEADER: Date: Thu, 11 Sep 2014 20:45:06 GMT >RESPONSE HEADER: Connection: close ><?xml version="1.0" encoding="UTF-8"?> ><!-- BEGIN COPYRIGHT BLOCK > This program is free software; you can redistribute it and/or modify > it under the terms of the GNU General Public License as published by > the Free Software Foundation; version 2 of the License. > > This program is distributed in the hope that it will be useful, > but WITHOUT ANY WARRANTY; without even the implied warranty of > MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along > with this program; if not, write to the Free Software Foundation, Inc., > 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. > > Copyright (C) 2007 Red Hat, Inc. > All rights reserved. > END COPYRIGHT BLOCK --> ><response> > <machineName>cloud-qe-18.testrelm.test</machineName> > <panel>admin/console/config/securitydomainpanel.vm</panel> > <res/> > <initCommand>/sbin/service pki-cad</initCommand> > <showApplyButton/> > <sdomainName>Testrelm Domain</sdomainName> > <sdomainURL>https://cloud-qe-18.testrelm.test:9445</sdomainURL> > <http_ee_port>80</http_ee_port> > <systemname>CA</systemname> > <title>Security Domain</title> > <panels> > <Vector> > <Panel> > <Id>welcome</Id> > <Name>Welcome</Name> > </Panel> > <Panel> > <Id>module</Id> > <Name>Key Store</Name> > </Panel> > <Panel> > <Id>confighsmlogin</Id> > <Name>ConfigHSMLogin</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Security Domain</Name> > </Panel> > <Panel> > <Id>securitydomain</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>subsystem</Id> > <Name>Subsystem Type</Name> > </Panel> > <Panel> > <Id>clone</Id> > <Name>Display Certificate Chain</Name> > </Panel> > <Panel> > <Id>restorekeys</Id> > <Name>Import Keys and Certificates</Name> > </Panel> > <Panel> > <Id>cahierarchy</Id> > <Name>PKI Hierarchy</Name> > </Panel> > <Panel> > <Id>database</Id> > <Name>Internal Database</Name> > </Panel> > <Panel> > <Id>size</Id> > <Name>Key Pairs</Name> > </Panel> > <Panel> > <Id>subjectname</Id> > <Name>Subject Names</Name> > </Panel> > <Panel> > <Id>certrequest</Id> > <Name>Requests and Certificates</Name> > </Panel> > <Panel> > <Id>backupkeys</Id> > <Name>Export Keys and Certificates</Name> > </Panel> > <Panel> > <Id>savepk12</Id> > <Name>Save Keys and Certificates</Name> > </Panel> > <Panel> > <Id>importcachain</Id> > <Name>Import CA's Certificate Chain</Name> > </Panel> > <Panel> > <Id>admin</Id> > <Name>Administrator</Name> > </Panel> > <Panel> > <Id>importadmincert</Id> > <Name>Import Administrator's Certificate</Name> > </Panel> > <Panel> > <Id>done</Id> > <Name>Done</Name> > </Panel> > </Vector> > </panels> > <sdomainAdminURL>https://cloud-qe-18.testrelm.test:9445</sdomainAdminURL> > <check_existingdomain/> > <name>CA Setup Wizard</name> > <https_ee_port>443</https_ee_port> > <https_admin_port>443</https_admin_port> > <panelname>securitydomain</panelname> > <https_agent_port>443</https_agent_port> > <cstype>CA</cstype> > <instanceId><security_domain_instance_name></instanceId> > <updateStatus>success</updateStatus> > <errorString/> > <size>19</size> > <p>3</p> > <check_newdomain>checked</check_newdomain> > <req/> > <wizardname>CA Setup Wizard</wizardname> ></response> >############################################# >Attempting to connect to: cloud-qe-18.testrelm.test:9445 >Connected. >Posting Query = https://cloud-qe-18.testrelm.test:9445//ca/admin/console/config/wizard?sdomainURL=https%3A%2F%2Fcloud-qe-18.testrelm.test%3A9445&sdomainName=IPA&choice=newdomain&p=3&op=next&xml=true >RESPONSE STATUS: HTTP/1.1 200 OK >RESPONSE HEADER: Server: Apache-Coyote/1.1 >RESPONSE HEADER: Content-Type: text/html;charset=UTF-8 >RESPONSE HEADER: Date: Thu, 11 Sep 2014 20:45:06 GMT >RESPONSE HEADER: Connection: close >ERROR: unable to parse xml >ERROR XML = >ERROR: Tag='updateStatus' has no values >Error in DomainPanel(): updateStatus value is null >ERROR: ConfigureCA: DomainPanel() failure >ERROR: unable to create CA > >####################################################################### > >2014-09-11T20:45:07Z DEBUG stderr=[Fatal Error] :1:8: The string "--" is not permitted within comments. >org.xml.sax.SAXParseException; lineNumber: 1; columnNumber: 8; The string "--" is not permitted within comments. > at org.apache.xerces.parsers.DOMParser.parse(DOMParser.java:239) > at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:283) > at javax.xml.parsers.DocumentBuilder.parse(DocumentBuilder.java:121) > at ParseXML.parse(ParseXML.java:258) > at ConfigureCA.getStatus(ConfigureCA.java:205) > at ConfigureCA.checkStatus(ConfigureCA.java:221) > at ConfigureCA.checkStatus(ConfigureCA.java:216) > at ConfigureCA.DomainPanel(ConfigureCA.java:332) > at ConfigureCA.ConfigureCAInstance(ConfigureCA.java:1173) > at ConfigureCA.main(ConfigureCA.java:1672) > >2014-09-11T20:45:07Z CRITICAL failed to configure ca instance Command '/usr/bin/perl /usr/bin/pkisilent ConfigureCA -cs_hostname cloud-qe-18.testrelm.test -cs_port 9445 -client_certdb_dir /tmp/tmp-OPtf1q -client_certdb_pwd XXXXXXXX -preop_pin FEWqtdQE7gzYWO3KcGJc -domain_name IPA -admin_user admin -admin_email root@localhost -admin_password XXXXXXXX -agent_name ipa-ca-agent -agent_key_size 2048 -agent_key_type rsa -agent_cert_subject CN=ipa-ca-agent,O=TESTRELM.TEST -ldap_host cloud-qe-18.testrelm.test -ldap_port 7389 -bind_dn cn=Directory Manager -bind_password XXXXXXXX -base_dn o=ipaca -db_name ipaca -key_size 2048 -key_type rsa -key_algorithm SHA256withRSA -save_p12 true -backup_pwd XXXXXXXX -subsystem_name pki-cad -token_name internal -ca_subsystem_cert_subject_name CN=CA Subsystem,O=TESTRELM.TEST -ca_subsystem_cert_subject_name CN=CA Subsystem,O=TESTRELM.TEST -ca_ocsp_cert_subject_name CN=OCSP Subsystem,O=TESTRELM.TEST -ca_server_cert_subject_name CN=cloud-qe-18.testrelm.test,O=TESTRELM.TEST -ca_audit_signing_cert_subject_name CN=CA Audit,O=TESTRELM.TEST -ca_sign_cert_subject_name CN=Certificate Authority,O=TESTRELM.TEST -external false -clone false' returned non-zero exit status 255 >2014-09-11T20:45:07Z INFO File "/usr/lib/python2.6/site-packages/ipaserver/install/installutils.py", line 614, in run_script > return_value = main_function() > > File "/usr/sbin/ipa-server-install", line 942, in main > subject_base=options.subject) > > File "/usr/lib/python2.6/site-packages/ipaserver/install/cainstance.py", line 626, in configure_instance > self.start_creation(runtime=210) > > File "/usr/lib/python2.6/site-packages/ipaserver/install/service.py", line 358, in start_creation > method() > > File "/usr/lib/python2.6/site-packages/ipaserver/install/cainstance.py", line 888, in __configure_instance > raise RuntimeError('Configuration of CA failed') > >2014-09-11T20:45:07Z INFO The ipa-server-install command failed, exception: RuntimeError: Configuration of CA failed
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=936673">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 1140855
: 936673