Bug 501699 - Renewal request in RA throws error - certificate not found in database"
Renewal request in RA throws error - certificate not found in database"
Status: CLOSED ERRATA
Product: Dogtag Certificate System
Classification: Community
Component: RA (Show other bugs)
unspecified
All Linux
high Severity medium
: ---
: ---
Assigned To: Ade Lee
Chandrasekar Kannan
:
Depends On:
Blocks: 443788
  Show dependency treegraph
 
Reported: 2009-05-20 07:58 EDT by Kashyap Chamarthy
Modified: 2015-01-04 18:38 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-07-22 19:35:29 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
patch to fix (4.34 KB, patch)
2009-06-08 02:13 EDT, Ade Lee
no flags Details | Diff

  None (edit)
Description Kashyap Chamarthy 2009-05-20 07:58:30 EDT
Description of problem:

Renewal request in RA throws error 

Request process error
Error: certificate not found in database"



Steps to Reproduce:

1. Submit a user certificate request in the RA Services: User Enrollment
2. Go to the Agent pages, and approve the certificate request
3. Go to "SSL End user services" pages and import the certificate into the browser
4. Now, try to submit a renewal request in the End User pages. User Enrollment -> Renewal - User and click on the "Renewal" button
  
Actual results:

The below error is thrown:

Request process error
Error: certificate not found in database"

Expected results:
A window should be prompted to choose the certificate from the browser list to be renewed

=====================================================

Log info: pki-ra error_log

[root@rhel5t pki-ra]# tail -f error_log 
[Wed May 20 17:20:01 2009] [info] Subsequent (No.2) HTTPS request received for child 10 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:01 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:01 2009] [info] Subsequent (No.2) HTTPS request received for child 9 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:01 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:01 2009] [info] Subsequent (No.2) HTTPS request received for child 7 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:01 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:01 2009] [info] Subsequent (No.3) HTTPS request received for child 62 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:01 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:01 2009] [info] Subsequent (No.2) HTTPS request received for child 60 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:01 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:16 2009] [info] Connection to child 1 closed (server rhel5t.pnq.redhat.com:12890, client 10.65.1.29)
[Wed May 20 17:20:16 2009] [info] Connection to child 10 closed (server rhel5t.pnq.redhat.com:12890, client 10.65.1.29)
[Wed May 20 17:20:16 2009] [info] Connection to child 9 closed (server rhel5t.pnq.redhat.com:12890, client 10.65.1.29)
[Wed May 20 17:20:16 2009] [info] Connection to child 7 closed (server rhel5t.pnq.redhat.com:12890, client 10.65.1.29)
[Wed May 20 17:20:16 2009] [info] Connection to child 62 closed (server rhel5t.pnq.redhat.com:12890, client 10.65.1.29)
[Wed May 20 17:20:16 2009] [info] Connection to child 60 closed (server rhel5t.pnq.redhat.com:12890, client 10.65.1.29)
[Wed May 20 17:20:22 2009] [info] Connection to child 4 established (server rhel5t.pnq.redhat.com:12890, client 10.65.1.29)
[Wed May 20 17:20:22 2009] [info] Initial (No.1) HTTPS request received for child 4 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:22 2009] [info] Connection to child 8 established (server rhel5t.pnq.redhat.com:12890, client 10.65.1.29)
[Wed May 20 17:20:22 2009] [info] Initial (No.1) HTTPS request received for child 8 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:22 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:22 2009] [info] Connection to child 14 established (server rhel5t.pnq.redhat.com:12890, client 10.65.1.29)
[Wed May 20 17:20:22 2009] [info] Initial (No.1) HTTPS request received for child 14 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:22 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:22 2009] [info] Connection to child 15 established (server rhel5t.pnq.redhat.com:12890, client 10.65.1.29)
[Wed May 20 17:20:22 2009] [info] Initial (No.1) HTTPS request received for child 15 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:22 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:22 2009] [info] Connection to child 6 established (server rhel5t.pnq.redhat.com:12890, client 10.65.1.29)
[Wed May 20 17:20:22 2009] [info] Initial (No.1) HTTPS request received for child 6 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:22 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:22 2009] [info] Subsequent (No.2) HTTPS request received for child 4 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:22 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:22 2009] [info] Connection to child 0 established (server rhel5t.pnq.redhat.com:12890, client 10.65.1.29)
[Wed May 20 17:20:22 2009] [info] Initial (No.1) HTTPS request received for child 0 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:22 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:24 2009] [info] Subsequent (No.2) HTTPS request received for child 8 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:24 2009] [info] Subsequent (No.2) HTTPS request received for child 14 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:24 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:24 2009] [info] Subsequent (No.2) HTTPS request received for child 15 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:24 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:24 2009] [info] Subsequent (No.2) HTTPS request received for child 6 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:24 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:24 2009] [info] Subsequent (No.3) HTTPS request received for child 8 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:24 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:24 2009] [info] Subsequent (No.3) HTTPS request received for child 4 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:24 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:24 2009] [info] Subsequent (No.2) HTTPS request received for child 0 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:24 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:27 2009] [info] Subsequent (No.3) HTTPS request received for child 14 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:27 2009] [info] Subsequent (No.3) HTTPS request received for child 15 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:27 2009] [info] Subsequent (No.3) HTTPS request received for child 6 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:27 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:27 2009] [info] Subsequent (No.4) HTTPS request received for child 8 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:27 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:27 2009] [info] Subsequent (No.4) HTTPS request received for child 6 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:27 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:27 2009] [info] Subsequent (No.4) HTTPS request received for child 14 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:27 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:27 2009] [info] Subsequent (No.4) HTTPS request received for child 4 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:27 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:27 2009] [info] Subsequent (No.3) HTTPS request received for child 0 (server rhel5t.pnq.redhat.com:12890)
[Wed May 20 17:20:27 2009] [error] [client 10.65.1.29] File does not exist: /var/lib/pki-ra/docroot/img, referer: https://rhel5t.pnq.redhat.com:12890/css/pki-360.css
[Wed May 20 17:20:42 2009] [info] Connection to child 8 closed (server rhel5t.pnq.redhat.com:12890, client 10.65.1.29)
[Wed May 20 17:20:42 2009] [info] Connection to child 6 closed (server rhel5t.pnq.redhat.com:12890, client 10.65.1.29)
[Wed May 20 17:20:43 2009] [info] Connection to child 15 closed (server rhel5t.pnq.redhat.com:12890, client 10.65.1.29)
[Wed May 20 17:20:43 2009] [info] Connection to child 14 closed (server rhel5t.pnq.redhat.com:12890, client 10.65.1.29)
[Wed May 20 17:20:43 2009] [info] Connection to child 4 closed (server rhel5t.pnq.redhat.com:12890, client 10.65.1.29)
[Wed May 20 17:20:43 2009] [info] Connection to child 0 closed (server rhel5t.pnq.redhat.com:12890, client 10.65.1.29)
Comment 1 Ade Lee 2009-06-01 12:18:05 EDT
This is a port separation issue.

We call get_cert_record() in ../../base/ra/lib/perl/PKI/Service/Op.pm
which in turn uses the cert presented for authentication to populate the cert.

Problem is - this page 
(https://oliver.dsdev.sjc.redhat.com:12890/ee/user/renewal.cgi) is no longer on the client auth pages.
Comment 2 Ade Lee 2009-06-08 02:13:25 EDT
Created attachment 346819 [details]
patch to fix

mharmsen, please review
Comment 4 Matthew Harmsen 2009-06-08 12:29:39 EDT
attachment (id=346819) +mharmsen
Comment 6 Ade Lee 2009-06-08 13:05:09 EDT
[builder@oliver pki]$ svn ci -m "Bugzilla Bug #501699 - Renewal request in RA throws error - certificate not found in database" base
Sending        base/ra/forms/ee/user/renew.cgi
Sending        base/ra/forms/ee/user/renewal.cgi
Transmitting file data ..
Committed revision 566.

[builder@oliver pki]$ svn ci -m "Bugzilla Bug #501699 - Renewal request in RA throws error - certificate not found in database" redhat
Sending        redhat/ra-ui/redhat-pki-ra-ui.el4sol9.spec
Sending        redhat/ra-ui/redhat-pki-ra-ui.spec
Sending        redhat/ra-ui/shared/docroot/ee/user/renew.vm
Transmitting file data ...
Committed revision 15540.

[builder@oliver pki]$ svn ci -m "Bugzilla Bug #501699 - Renewal request in RA throws error - certificate not found in database" dogtag
Sending        dogtag/ra/pki-ra.spec
Sending        dogtag/ra-ui/dogtag-pki-ra-ui.spec
Sending        dogtag/ra-ui/shared/docroot/ee/user/renew.vm
Transmitting file data ...
Committed revision 567.
Comment 7 Kashyap Chamarthy 2009-06-10 02:21:20 EDT
Verified(June-9-build). We need to clear the browser cache before clicking "Renew"

Note You need to log in before you can comment on or make changes to this bug.