Description of problem: This problem occurs due to port separation changes. The message received back from the CA is as follows: HTTP/1.1 404 Not Found^M Server: Apache-Coyote/1.1^M Content-Type: text/html;charset=utf-8^M Content-Length: 1156^M Date: Tue, 09 Jun 2009 12:57:40 GMT^M Connection: close^M ^M <html><head><title>Apache Tomcat/5.5.23 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 404 - Use HTTPS port '9443' instead of '9444' when performing Agent tasks!</h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u>Use HTTPS port '9443' instead of '9444' when performing Agent tasks!</u></p><p><b>description</b> <u>The requested resource (Use HTTPS port '9443' instead of '9444' when performing Agent tasks!) is not available.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/5.5.23</h3></body></html> Subject: CN=oliver.dsdev.sjc.redhat.com,O=oliver pki-ca domain 05282 Issuer : CN=Certificate Authority,O=oliver pki-ca domain 05282 bulk cipher RC4, 128 secret key bits, 128 key bits, status: 1 Note the message: The requested resource (Use HTTPS port '9443' instead of '9444' when performing Agent tasks!) is not available Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Created attachment 347255 [details] patch to fix mharmsen, please review
attachment (id=347255) +mharmsen CAVEAT: For the line: $domain_xml = get_domain_xml($host, $https_ee_port); Please check for an empty value before proceeding, something like the following: if( $domain_xml eq "" ) $::symbol{errorString} = "missing security domain. CA must be installed prior to RA installation"; return 0; } COMMENT: For the most part, we have always tried to keep RA and TPS pages in sync, it might be best if the corresponding TPS pages were changed to this logic as well, presuming, of course, that it won't break anything in the TPS.
done on both. Tested TPS installation is ok. [builder@dhcp231-124 pki]$ svn ci -m "Bugzilla Bug #504898 - RA: agent unable to revoke a cert" Sending base/ra/lib/perl/PKI/Conn/CA.pm Sending base/ra/lib/perl/PKI/RA/CAInfoPanel.pm Sending base/tps/lib/perl/PKI/TPS/CAInfoPanel.pm Sending dogtag/ra/pki-ra.spec Sending dogtag/tps/pki-tps.spec Transmitting file data ..... Committed revision 578.
Verified. RA was able to revoke user certificates.