"PKI Subsystem Configuration" help (RD@WoSign)
by wosign .cn
Hi, all,
I am trying to install Dogtag Certificate System, but at the
"PKI Subsystem Configuration", we have the problem at step: "Creat e a New
Securit y Domain", whatever we enter, it display error "$errorString", and
if we choose the "*Join an Existing Security Domain *", it display error
"org.xml.sax.SAXParseException: The string "--" is not permitted within
comments.
Maybe some components or configure is error, but I setup and configure pki
subsystem(include Requirements and runtime tool) by the site:
http://pki.fedoraproject.org/wiki/PKI_Install_Guide ,
the infomation of my configure and environment:
hostname: wotestca.com
step 1:
============================================================
Starting pki-ca: [OK]
pki-ca (pid 2817) is running ...
'pki-ca' must still be CONFIGURED!
(see /var/log/pki-ca-install.log)
Before proceeding with the configuration, make sure
the firewall settings of this machine permit proper
access to this subsystem.
Please start the configuration by accessing:
https://wotestca.com
:9445/ca/admin/console/config/login?pin=HPQkcbu71yCYkSpJg6Qz<https://wosignfedora:9445/ca/admin/console/config/login?pin=HPQkcbu71yCYk...>
After configuration, the server can be operated by the command:
/sbin/service pki-cad restart pki-ca
------------------------------------------------------------------------------------------------------------------------
step 2:
open : "https://wotestca.com
:9445/ca/admin/console/config/login?pin=HPQkcbu71yCYkSpJg6Qz<https://wofedora:9445/ca/admin/console/config/login?pin=HPQkcbu71yCYkSpJg6Qz>
"
to CA Setup Wizard
step 3:
choose* "Create a New Security Domain", * enter " testwosecdomain" and
click "NEXT>" button,
return errror"Invalid characters found in Security Domain Name
testwosecdomain. Valid characters are A-Z, a-z, 0-9, dash and space"
choose "*Join an Existing Security Domain *" ,
if enter "https://wotestca.com:9445 <https://wofedora:9445/>"
return error "org.xml.sax.SAXParseException: The string "--" is not
permitted within comments"
if enter" https://wotestca.com:9443" or " https://wotestca.com:9446"
return error "Illegal SSL Admin HTTPS url value for the security domain "
check the directory server:
#service dirsrv status
#dirsrv testca (pid 3342) is running......
So, we can't go on, please tell me what's the problem, and how to do?
thanks a lot.
--
Best Regards,
jeff
14 years, 2 months
- 2
- 1
Fwd: Dogtag - subjectAltName not correctly substituted: $request.requestor_email$
by Frederic d'Huart
Dears,
Already submitted few days ago to the pki-user list.
Could you help me dealing with this issue ?
Thank you.
-------- Original Message --------
Subject: Dogtag - subjectAltName not correctly substituted:
$request.requestor_email$
Date: Mon, 20 Sep 2010 23:28:54 +0200
From: Frederic d'Huart <fdh(a)x-zone.org>
To: pki-users(a)redhat.com
FC12 latest update.
pki-ca v1.3.6-1.fc12 and pki-ra v 1.3.1-1.fc12
yum repo fetch from: http://pki.fedoraproject.org/pki/download/pki/pki.repo
When trying to generate a user certificate using the RA end user
interface, I have notice the subjectAltName was not substituted correctly.
My user certs always display:
X509v3 Subject Alternative Name:
email:$request.requestor_email$
The only reference found was related to RH Cert Manager on the following
link:
http://www.redhat.com/docs/manuals/cert-system/8.0/rel-notes/html/Release...
defined as Bug N° 238039 but no workaround proposed.
Does somebody knows how to fix this issue ?
Thank you.
15 years, 1 month
- 1
- 0
NOTICE: Access to legacy Dogtag Subversion Repositories on 'pki.fedoraproject.org' has been disabled
by Matthew Harmsen
Everyone,
This is to notify everyone that access to the Dogtag "pki" and
"tomcatjss" subversion source repositories that were originally hosted
on 'pki.fedoraproject.org' has now been disabled.
Per previous email notification, the current Dogtag "pki" and
"tomcatjss" repositories now exist on 'fedorahosted.org'.
The URLs referenced below provide check-out details for these new
repositories:
* http://pki.fedoraproject.org/wiki/PKI_Subversion_Instructions (pki)
* http://pki.fedoraproject.org/wiki/PKI_Pre-Built_Support_Components
(tomcatjss)
As previously reported, the Dogtag Wiki as well as the PKI and TOMCATJSS
source tarballs will remain located at 'pki.fedoraproject.org'.
Thanks,
-- Matt
15 years, 2 months
- 1
- 0
- ← Newer
- 1
- Older →