Bug 689858

Summary: service status may return incorrect state if there are 2 pki instance installed on single system
Product: [Retired] Dogtag Certificate System Reporter: Andrew Wnuk <awnuk>
Component: ScriptsAssignee: RHCS Maintainers <rhcs-maint>
Status: CLOSED EOL QA Contact: Ben Levenson <benl>
Severity: unspecified Docs Contact:
Priority: high    
Version: 9.0CC: alee, cfu, dpal, jmagne
Target Milestone: 9.0   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-03-27 20:10:30 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 697504    
Bug Blocks: 530474    

Description Andrew Wnuk 2011-03-22 16:49:59 UTC 
Service status may return incorrect state if there are 2 pki instance installed on single system. In example below, we have CA and OCSP installed on the same system. 

Steps to reproduce:
 1. Install and configure CA and OCSP
 2. stop directory, CA, and OCSP
 3. start directory
 4. start OCSP
 5. check CA status


service dirsrv status
dirsrv a-f8 is stopped

service dirsrv restart
Shutting down dirsrv: 
    a-f8... server already stopped                         [FAILED]
  *** Error: 1 instance(s) unsuccessfully stopped          [FAILED]
Starting dirsrv: 
    a-f8...                                                [  OK  ]


service pki-ocspd status pki-ocsp
pki-ocsp is stopped                                        [  OK  ]

service pki-cad status pki-ca
pki-ca is stopped                                          [  OK  ]


service pki-ocspd restart pki-ocsp
Stopping pki-ocsp:                                         [  OK  ]
Starting pki-ocsp:                                         [  OK  ]

service pki-ocspd status pki-ocsp
pki-ocsp (pid 3249) is running...                          [  OK  ]
    Unsecure Port       = http://a-f8.sjc.redhat.com:11180/ocsp/ee/ocsp
    Secure Agent Port   = https://a-f8.sjc.redhat.com:11443/ocsp/agent/ocsp
    Secure EE Port      = https://a-f8.sjc.redhat.com:11444/ocsp/ee/ocsp
    Secure Admin Port   = https://a-f8.sjc.redhat.com:11445/ocsp/services
    PKI Console Port    = pkiconsole https://a-f8.sjc.redhat.com:11445/ocsp
    Tomcat Port         = 11701 (for shutdown)

    PKI Instance Name:   pki-ocsp

    PKI Subsystem Type:  OCSP

    Registered PKI Security Domain Information:
    ==========================================================================
    Name:  SjcRedhat Domain
    URL:   https://a-f8.sjc.redhat.com:9445
    ==========================================================================
 
service pki-cad status pki-ca
pki-ca (pid 3249) is running...                            [  OK  ]
    Unsecure Port       = http://a-f8.sjc.redhat.com:9180/ca/ee/ca
    Secure Agent Port   = https://a-f8.sjc.redhat.com:9443/ca/agent/ca
    Secure EE Port      = https://a-f8.sjc.redhat.com:9444/ca/ee/ca
    Secure Admin Port   = https://a-f8.sjc.redhat.com:9445/ca/services
    EE Client Auth Port = https://a-f8.sjc.redhat.com:9446/ca/eeca/ca
    PKI Console Port    = pkiconsole https://a-f8.sjc.redhat.com:9445/ca
    Tomcat Port         = 9701 (for shutdown)

    PKI Instance Name:   pki-ca

    PKI Subsystem Type:  Root CA (Security Domain)

    Registered PKI Security Domain Information:
    ==========================================================================
    Name:  SjcRedhat Domain
    URL:   https://a-f8.sjc.redhat.com:9445
    ==========================================================================


NOTE: Reported PIDs for CA and OCSP are the same (3249).
      Starting CA clears this issue.



service pki-cad restart pki-ca
Stopping pki-ca:                                           [  OK  ]
Starting pki-ca:                                           [  OK  ]

service pki-ocspd status pki-ocsp
pki-ocsp (pid 3249) is running...                          [  OK  ]
    Unsecure Port       = http://a-f8.sjc.redhat.com:11180/ocsp/ee/ocsp
    Secure Agent Port   = https://a-f8.sjc.redhat.com:11443/ocsp/agent/ocsp
    Secure EE Port      = https://a-f8.sjc.redhat.com:11444/ocsp/ee/ocsp
    Secure Admin Port   = https://a-f8.sjc.redhat.com:11445/ocsp/services
    PKI Console Port    = pkiconsole https://a-f8.sjc.redhat.com:11445/ocsp
    Tomcat Port         = 11701 (for shutdown)

    PKI Instance Name:   pki-ocsp

    PKI Subsystem Type:  OCSP

    Registered PKI Security Domain Information:
    ==========================================================================
    Name:  SjcRedhat Domain
    URL:   https://a-f8.sjc.redhat.com:9445
    ==========================================================================

service pki-cad status pki-ca
pki-ca (pid 3695) is running...                            [  OK  ]
    Unsecure Port       = http://a-f8.sjc.redhat.com:9180/ca/ee/ca
    Secure Agent Port   = https://a-f8.sjc.redhat.com:9443/ca/agent/ca
    Secure EE Port      = https://a-f8.sjc.redhat.com:9444/ca/ee/ca
    Secure Admin Port   = https://a-f8.sjc.redhat.com:9445/ca/services
    EE Client Auth Port = https://a-f8.sjc.redhat.com:9446/ca/eeca/ca
    PKI Console Port    = pkiconsole https://a-f8.sjc.redhat.com:9445/ca
    Tomcat Port         = 9701 (for shutdown)

    PKI Instance Name:   pki-ca

    PKI Subsystem Type:  Root CA (Security Domain)

    Registered PKI Security Domain Information:
    ==========================================================================
    Name:  SjcRedhat Domain
    URL:   https://a-f8.sjc.redhat.com:9445
    ==========================================================================
Comment 1 John Dennis 2011-04-28 17:55:18 UTC 
opened bug 700581 against tomcat6 and provided fix, set this bug to depend on 700581.