Bug 249412 - CA reports error to Auto Enrollment Proxy on certificate request attempt
Summary: CA reports error to Auto Enrollment Proxy on certificate request attempt
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Certificate System
Classification: Red Hat
Component: CA   
(Show other bugs)
Version: 7.1
Hardware: All
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Christina Fu
QA Contact: Chandrasekar Kannan
URL:
Whiteboard:
Keywords: FutureFeature
Depends On:
Blocks: 445047
TreeView+ depends on / blocked
 
Reported: 2007-07-24 15:44 UTC by Issue Tracker
Modified: 2018-10-19 19:56 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-12-11 20:18:04 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Issue Tracker 2007-07-24 15:44:12 UTC
Escalated to Bugzilla from IssueTracker

Comment 1 Issue Tracker 2007-07-24 15:44:23 UTC
Description of problem:
The auto enrollment proxy (v1.0.0) is set up and it appears that we are connecting to August Schell's Red Hat 7.1 CA. A manual request is submitted to the CA (right-click in Personal(Local Computer) Store and select Request New Certificate) When 'Finish' is clicked, a message is presented that says: "The certificate request cannot be created. The requested property value is empty."  The error log on the Microsoft console (included as log0601407.txt) indicates that a HTTP message was received back that says "The requested object does not exist on this server. The link you followed is either outdated, inaccurate, or the server has been instructed not to let you have it." 

The Red Hat CA error log file contains the following information:

[14/Jun/2007:12:43:55] security ( 5979): get_auth_user_ssl: unable to map cert to LDAP entry. Reason: No such object, Issuer: "CN=ASE-test DOD CA-17,OU=PKI,OU=DoD,O=U.S. Government,C=US", User: "CN=ASE-test DOD CA-17 Agent,UID=rh-admin,OU="PKI, OU=DoD",O=U.S. Government,C=US"
[14/Jun/2007:12:43:55] warning ( 5979): for host 10.10.10.200 trying to POST /ca/profileSubmitSSLClient, send-file reports: can't find /opt/redhat-cs/cert-id/web-apps/agent/ca/profileSubmitSSLClient (File not found)


How reproducible:
Submit a manual request to the CA from the proxy.

Steps to Reproduce:

Actual results:
says "The requested object does not exist on this server. The link you followed is either outdated, inaccurate, or the server has been instructed not to let you have it." 

Expected results:
A domain controller certificate.

Additional info:
This event sent from IssueTracker by ble  [SEG - Certificate System Engineering]
 issue 124069

Comment 2 Issue Tracker 2007-07-24 15:44:28 UTC
This is a feature request, so I would like to keep it open to document the
customers requirement to have 7.1 support.  I only have privelges to set
it to w/o seg.  I can't set it to w/o product management nor can I set it
to w/o engineering.  Could you please set it to either  one of those.

Internal Status set to 'Waiting on SEG'

This event sent from IssueTracker by ble  [SEG - Certificate System
Engineering]
 issue 124069

Comment 3 Red Hat Bugzilla 2007-10-27 15:33:21 UTC
User nkwan@redhat.com's account has been closed


Note You need to log in before you can comment on or make changes to this bug.