Bug 249412 - CA reports error to Auto Enrollment Proxy on certificate request attempt
CA reports error to Auto Enrollment Proxy on certificate request attempt
Status: CLOSED NOTABUG
Product: Red Hat Certificate System
Classification: Red Hat
Component: CA (Show other bugs)
7.1
All Linux
medium Severity medium
: ---
: ---
Assigned To: Christina Fu
Chandrasekar Kannan
: FutureFeature
Depends On:
Blocks: 445047
  Show dependency treegraph
 
Reported: 2007-07-24 11:44 EDT by Issue Tracker
Modified: 2015-01-04 18:27 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-12-11 15:18:04 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Issue Tracker 2007-07-24 11:44:12 EDT
Escalated to Bugzilla from IssueTracker
Comment 1 Issue Tracker 2007-07-24 11:44:23 EDT
Description of problem:
The auto enrollment proxy (v1.0.0) is set up and it appears that we are connecting to August Schell's Red Hat 7.1 CA. A manual request is submitted to the CA (right-click in Personal(Local Computer) Store and select Request New Certificate) When 'Finish' is clicked, a message is presented that says: "The certificate request cannot be created. The requested property value is empty."  The error log on the Microsoft console (included as log0601407.txt) indicates that a HTTP message was received back that says "The requested object does not exist on this server. The link you followed is either outdated, inaccurate, or the server has been instructed not to let you have it." 

The Red Hat CA error log file contains the following information:

[14/Jun/2007:12:43:55] security ( 5979): get_auth_user_ssl: unable to map cert to LDAP entry. Reason: No such object, Issuer: "CN=ASE-test DOD CA-17,OU=PKI,OU=DoD,O=U.S. Government,C=US", User: "CN=ASE-test DOD CA-17 Agent,UID=rh-admin,OU="PKI, OU=DoD",O=U.S. Government,C=US"
[14/Jun/2007:12:43:55] warning ( 5979): for host 10.10.10.200 trying to POST /ca/profileSubmitSSLClient, send-file reports: can't find /opt/redhat-cs/cert-id/web-apps/agent/ca/profileSubmitSSLClient (File not found)


How reproducible:
Submit a manual request to the CA from the proxy.

Steps to Reproduce:

Actual results:
says "The requested object does not exist on this server. The link you followed is either outdated, inaccurate, or the server has been instructed not to let you have it." 

Expected results:
A domain controller certificate.

Additional info:
This event sent from IssueTracker by ble  [SEG - Certificate System Engineering]
 issue 124069
Comment 2 Issue Tracker 2007-07-24 11:44:28 EDT
This is a feature request, so I would like to keep it open to document the
customers requirement to have 7.1 support.  I only have privelges to set
it to w/o seg.  I can't set it to w/o product management nor can I set it
to w/o engineering.  Could you please set it to either  one of those.

Internal Status set to 'Waiting on SEG'

This event sent from IssueTracker by ble  [SEG - Certificate System
Engineering]
 issue 124069
Comment 3 Red Hat Bugzilla 2007-10-27 11:33:21 EDT
User nkwan@redhat.com's account has been closed

Note You need to log in before you can comment on or make changes to this bug.