Testing Dogtag with softHSM
by amaury.siharath@gmail.com
Hello,
I'm testing Dogtag PKI integration with softHSM. Versions used for integration are the following :
dogtag-pki-10.10.6-1.fc34.x86_64
softhsm-2.6.1-5.fc34.1.x86_64
On Fedora 34.
I used the very standard config file and pkispawn fails as shown below (hsm is emptied before every run) :
==============================================
DEBUG: Command: certutil -A -d /etc/pki/pki-tomcat/alias -h test -P test -f /tmp/tmpirkyntkt/password.txt -n sslserver -a -i /tmp/tmp9_q5qm_b/sslserver.crt -t
certutil: could not decode certificate: SEC_ERROR_REUSED_ISSUER_AND_SERIAL: You are attempting to import a cert with the same issuer/serial as an existing cert, but that is not the same cert.
WARNING: certutil returned non-zero exit code (bug #1393668)
INFO: Starting server
DEBUG: Command: systemctl start pki-tomcatd(a)pki-tomcat.service
Job for pki-tomcatd(a)pki-tomcat.service failed because the control process exited with error code.
See "systemctl status pki-tomcatd(a)pki-tomcat.service" and "journalctl -xeu pki-tomcatd(a)pki-tomcat.service" for details.
ERROR: CalledProcessError: Command '['systemctl', 'start', 'pki-tomcatd(a)pki-tomcat.service']' returned non-zero exit status 1.
File "/usr/lib/python3.9/site-packages/pki/server/pkispawn.py", line 577, in main
scriptlet.spawn(deployer)
File "/usr/lib/python3.9/site-packages/pki/server/deployment/scriptlets/configuration.py", line 1178, in spawn
instance.start()
File "/usr/lib/python3.9/site-packages/pki/server/__init__.py", line 263, in start
subprocess.check_call(cmd)
File "/usr/lib64/python3.9/subprocess.py", line 373, in check_call
raise CalledProcessError(retcode, cmd)
===============================================
Does this sounds familiar to anyone ?
Thanks in advance.
A.