1:39 a.m.
Everyone,
Please provide Karma for the following Dogtag 10.2.4 packages for Fedora 22:
* dogtag-pki-theme-10.2.4-1.fc22
<https://admin.fedoraproject.org/updates/dogtag-pki-theme-10.2.4-1.fc22>
* pki-core-10.2.4-1.fc22
<https://admin.fedoraproject.org/updates/pki-core-10.2.4-1.fc22>
* pki-console-10.2.4-1.fc22
<https://admin.fedoraproject.org/updates/pki-console-10.2.4-1.fc22>
* dogtag-pki-10.2.4-1.fc22
<https://admin.fedoraproject.org/updates/dogtag-pki-10.2.4-1.fc22>
Thanks,
-- Matt
8:13 p.m.
A few TPS issues (is there a workaround for #2 below?):
1. maybe not enough to respin, but for TPS, a simple format will fail
due to an extra space at the end of the following in CS.cfg:
op.format.tokenKey.validateCardKeyInfoAgainstTokenDB=true
workaround is to remove the space and restart.
2. once formatted a token, getting to the admin interface resulted in
the following error on ui:
"Authentication method not allowed"
in debug log, I see
[28/May/2015:13:51:29][http-bio-8443-exec-16]:
SessionContextInterceptor: principal: tpsadmin
[28/May/2015:13:51:29][http-bio-8443-exec-16]: AuthMethodInterceptor:
TokenResource.findTokens()
[28/May/2015:13:51:29][http-bio-8443-exec-16]: AuthMethodInterceptor:
mapping: tokens
[28/May/2015:13:51:29][http-bio-8443-exec-16]: AuthMethodInterceptor:
loading /usr/share/pki/tps/conf/auth-method.properties
[28/May/2015:13:51:29][http-bio-8443-exec-16]: AuthMethodInterceptor:
checking /var/lib/pki/pki-tomcat/tps/conf/auth-method.properties
[28/May/2015:13:51:29][http-bio-8443-exec-16]: AuthMethodInterceptor:
required auth methods: [certUserDBAuthMgr]
[28/May/2015:13:51:29][http-bio-8443-exec-16]: AuthMethodInterceptor:
authentication manager: passwdUserDBAuthMgr
I couldn't get past that. Is there a workaround?
I also tried to set up a TPS on an independent tomcat instance. Although
the installation seems successful, a simple format always ends with the
following (with nothing after that):
TPSProcessor.getSharedSecretTransportKey: calculated key name:
sharedSecretInd
This issue is part of the ticket I am working on for 10.2.5, so it can
wait: https://fedorahosted.org/pki/ticket/867
Christina
On 05/26/2015 11:39 PM, Matthew Harmsen wrote:
Everyone,
Please provide Karma for the following Dogtag 10.2.4 packages for
Fedora 22:
* dogtag-pki-theme-10.2.4-1.fc22
<https://admin.fedoraproject.org/updates/dogtag-pki-theme-10.2.4-1.fc22>
* pki-core-10.2.4-1.fc22
<https://admin.fedoraproject.org/updates/pki-core-10.2.4-1.fc22>
* pki-console-10.2.4-1.fc22
<https://admin.fedoraproject.org/updates/pki-console-10.2.4-1.fc22>
* dogtag-pki-10.2.4-1.fc22
<https://admin.fedoraproject.org/updates/dogtag-pki-10.2.4-1.fc22>
Thanks,
-- Matt
_______________________________________________
Pki-devel mailing list
Pki-devel(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
11:34 a.m.
For #2, after some investigation, it turns out that my admin cert wasn't
imported into the browser properly that's what caused the authentication
mishap. I have no problem accessing the TPS admin interface now. The
simple enrollment of a token was also successful.
Consider #2 resolved.
thanks,
Christina
On 05/28/2015 06:13 PM, Christina Fu wrote:
A few TPS issues (is there a workaround for #2 below?):
1. maybe not enough to respin, but for TPS, a simple format will fail
due to an extra space at the end of the following in CS.cfg:
op.format.tokenKey.validateCardKeyInfoAgainstTokenDB=true
workaround is to remove the space and restart.
2. once formatted a token, getting to the admin interface resulted in
the following error on ui:
"Authentication method not allowed"
in debug log, I see
[28/May/2015:13:51:29][http-bio-8443-exec-16]:
SessionContextInterceptor: principal: tpsadmin
[28/May/2015:13:51:29][http-bio-8443-exec-16]: AuthMethodInterceptor:
TokenResource.findTokens()
[28/May/2015:13:51:29][http-bio-8443-exec-16]: AuthMethodInterceptor:
mapping: tokens
[28/May/2015:13:51:29][http-bio-8443-exec-16]: AuthMethodInterceptor:
loading /usr/share/pki/tps/conf/auth-method.properties
[28/May/2015:13:51:29][http-bio-8443-exec-16]: AuthMethodInterceptor:
checking /var/lib/pki/pki-tomcat/tps/conf/auth-method.properties
[28/May/2015:13:51:29][http-bio-8443-exec-16]: AuthMethodInterceptor:
required auth methods: [certUserDBAuthMgr]
[28/May/2015:13:51:29][http-bio-8443-exec-16]: AuthMethodInterceptor:
authentication manager: passwdUserDBAuthMgr
I couldn't get past that. Is there a workaround?
I also tried to set up a TPS on an independent tomcat instance.
Although the installation seems successful, a simple format always
ends with the following (with nothing after that):
TPSProcessor.getSharedSecretTransportKey: calculated key name:
sharedSecretInd
This issue is part of the ticket I am working on for 10.2.5, so it can
wait: https://fedorahosted.org/pki/ticket/867
Christina
On 05/26/2015 11:39 PM, Matthew Harmsen wrote:
> Everyone,
>
> Please provide Karma for the following Dogtag 10.2.4 packages for
> Fedora 22:
>
> * dogtag-pki-theme-10.2.4-1.fc22
> <https://admin.fedoraproject.org/updates/dogtag-pki-theme-10.2.4-1.fc22>
> * pki-core-10.2.4-1.fc22
> <https://admin.fedoraproject.org/updates/pki-core-10.2.4-1.fc22>
> * pki-console-10.2.4-1.fc22
> <https://admin.fedoraproject.org/updates/pki-console-10.2.4-1.fc22>
> * dogtag-pki-10.2.4-1.fc22
> <https://admin.fedoraproject.org/updates/dogtag-pki-10.2.4-1.fc22>
>
> Thanks,
> -- Matt
>
>
>
> _______________________________________________
> Pki-devel mailing list
> Pki-devel(a)redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel
_______________________________________________
Pki-devel mailing list
Pki-devel(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
7:17 p.m.
Everyone,
Please note that testing revealed that an update was necessary for the
'pki-core' package:
On 05/27/15 00:39, Matthew Harmsen wrote:
Everyone,
Please provide Karma for the following Dogtag 10.2.4 packages for
Fedora 22:
* dogtag-pki-theme-10.2.4-1.fc22
<https://admin.fedoraproject.org/updates/dogtag-pki-theme-10.2.4-1.fc22>
* pki-core-10.2.4-1.fc22
<https://admin.fedoraproject.org/updates/pki-core-10.2.4-1.fc22>
* pki-core-10.2.4-2.fc22
<https://admin.fedoraproject.org/updates/pki-core-10.2.4-2.fc22>
* pki-console-10.2.4-1.fc22
<https://admin.fedoraproject.org/updates/pki-console-10.2.4-1.fc22>
* dogtag-pki-10.2.4-1.fc22
<https://admin.fedoraproject.org/updates/dogtag-pki-10.2.4-1.fc22>
Thanks,
-- Matt
Thanks,
-- Matt
3493
days inactive
3496
days old
3 comments
2 participants
participants (2)
-
Christina Fu -
Matthew Harmsen