Re: [Pki-devel] "PKI Subsystem Configuration" help (RD@WoSign)

kashyap, Thank you for help.I have tried serval times by your advises on fedora12 or fedora13,but still failed. Install Dogtag Certificate System on fedora12, if I choose "Create a New Security Domain",whatever we enter, there is nothing to display, if choose "Join an Existing Security Domain ",it display error "org.xml.sax.SAXParseException: The string "--" is not permitted within comments.

There are also several doubts at the installation process: 1. On fedora 12, download the Binary Packages of Dogtag Certificate System 1.3 and later, include header(dir),repodata(dir) and *.rpm, but i don't known how to use.

2. if i install the dogtag-pki, the SubSystem(pki-ca pki-kra and so on) will be setup, Both methods are equivalent?

Look forward to your help, jeff 2010/7/13 Kashyap Chamarthy <kchamart(a)redhat.com <mailto:kchamart@redhat.com>> On 07/13/2010 08:06 AM, RD@WoSign wrote: Hi, all, I am trying to install Dogtag Certificate System, but at the "PKI Subsystem Configuration", we have the problem at step: "Creat e a New Securit y Domain", whatever we enter, it display error "$errorString", and if we choose the "*Join an Existing Security Domain *", it display error "org.xml.sax.SAXParseException: The string "--" is not permitted within comments. Maybe some components or configure is error, but I setup and configure pki subsystem(include Requirements and runtime tool) by the site:http://pki.fedoraproject.org/wiki/PKI_Install_Guide , the infomation of my configure and environment: hostname: wotestca.com <http://wotestca.com/> <http://wotestca.com <http://wotestca.com/>> step 1: ============================================================ Starting pki-ca: [OK] pki-ca (pid 2817) is running ... 'pki-ca' must still be CONFIGURED! (see /var/log/pki-ca-install.log) Before proceeding with the configuration, make sure the firewall settings of this machine permit proper access to this subsystem. Please start the configuration by accessing: https://wotestca.com:9445/ca/admin/console/config/login?pin=HPQkcbu71yCYk... After configuration, the server can be operated by the command: /sbin/service pki-cad restart pki-ca ------------------------------------------------------------------------------------------------------------------------ step 2: open : "https://wotestca.com:9445/ca/admin/console/config/login?pin=HPQkcbu71yCYkSpJg6Qz" to CA Setup Wizard step 3: choose "Create a New Security Domain", enter " testwosecdomain" and click "NEXT>" button, I tried same value you used above (_without_ the double quotes) on Fedora-12 for a 'New Security domain' and I was able to proceed perfectly fine. return errror"Invalid characters found in Security Domain Name testwosecdomain. Valid characters are A-Z, a-z, 0-9, dash and space" This clearly mentions what characters are 'valid'. Maybe you want to double-check that you're not inadvertently entering invalid characters(like ""). hope that helps, /kashyap choose "Join an Existing Security Domain " , if enter "https://wotestca.com:9445 <https://wotestca.com:9445/> <https://wotestca.com:9445/>" return error "org.xml.sax.SAXParseException: The string "--" is not permitted within comments" if enter" https://wotestca.com:9443 <https://wotestca.com:9443/> <https://wotestca.com:9443/>" or " https://wotestca.com:9446 <https://wotestca.com:9446/> <https://wotestca.com:9446/>" return error "Illegal SSL Admin HTTPS url value for the security domain " check the directory server: #service dirsrv status #dirsrv testca (pid 3342) is running...... So, we can't go on, please tell me what's the problem, and how to do? thanks a lot. -- Best Regards, jeff _______________________________________________ Pki-devel mailing list Pki-devel(a)redhat.com <mailto:Pki-devel@redhat.com> https://www.redhat.com/mailman/listinfo/pki-devel