Hello,
I’ve got a Problem at the Cloning of
a CA.
At the Web GUI when I import the CA
Certificate file (savepkcs12) the WebGui showed me an error like “PKI not
active”
In the debug-file there are the following
entries:
[20/Oct/2008:18:32:11][http-9443-Processor21]:
WizardServlet: process
[20/Oct/2008:18:32:11][http-9443-Processor21]:
WizardServlet:serice() uri = /ca/admin/console/config/wizard
[20/Oct/2008:18:32:11][http-9443-Processor21]:
CMSServlet::service() param name='password' value='xxxxxxxx'
[20/Oct/2008:18:32:11][http-9443-Processor21]:
CMSServlet::service() param name='path' value='/tmp/savepkcs12'
[20/Oct/2008:18:32:11][http-9443-Processor21]:
CMSServlet::service() param name='p' value='5'
[20/Oct/2008:18:32:11][http-9443-Processor21]:
CMSServlet::service() param name='op' value='next'
[20/Oct/2008:18:32:11][http-9443-Processor21]:
WizardServlet: op=next
[20/Oct/2008:18:32:11][http-9443-Processor21]:
WizardServlet: size=19
[20/Oct/2008:18:32:11][http-9443-Processor21]:
WizardServlet: in next 5
[20/Oct/2008:18:32:11][http-9443-Processor21]:
RestoreKeyCertPanel: this is the clone subsystem
[20/Oct/2008:18:32:11][http-9443-Processor21]:
RestoreKeyCertPanel update: clone does not have all the certificates.
[20/Oct/2008:18:32:11][http-9443-Processor21]:
panel no=5
[20/Oct/2008:18:32:11][http-9443-Processor21]:
panel name=restorekeys
[20/Oct/2008:18:32:11][http-9443-Processor21]:
total number of panels=19
I have bypass it by importing the
Certificates with the pk12util at the same time. What can be the Problem because
of not reading the file. The contains all necessary certificate (CA, Subsystem
and OCSP). This was the export file of the generation of the first instance.
The next
Problem which I can’t avoid, is that the Clone can’t finish the LDAP
configuration. The Debug-File shows the following:
[20/Oct/2008:19:23:51][http-9443-Processor19]:
DatabasePanel createChangeLog: Changelog entry has already used
[20/Oct/2008:19:23:51][http-9443-Processor19]:
DatabasePanel enableReplication: replicadn:
cn=replica,cn="dc=linux1.tampam.de-ca-master",cn=mapping tree,cn=config
[20/Oct/2008:19:23:51][http-9443-Processor19]:
DatabasePanel enableReplication: Successfully create
cn=replica,cn="dc=linux1.tampam.de-ca-master",cn=mapping
tree,cn=config entry.
[20/Oct/2008:19:23:51][http-9443-Processor19]:
DatabasePanel enableReplication: replicadn:
cn=replica,cn="dc=linux1.tampam.de-ca-master",cn=mapping
tree,cn=config
[20/Oct/2008:19:23:51][http-9443-Processor19]:
DatabasePanel enableReplication: Successfully create
cn=replica,cn="dc=linux1.tampam.de-ca-master",cn=mapping tree,cn=config
entry.
[20/Oct/2008:19:23:51][http-9443-Processor19]:
DatabasePanel setupReplication: Finished enabling replication
[20/Oct/2008:19:23:51][http-9443-Processor19]:
DatabasePanel createReplicationAgreement: dn: cn=masterAgreement1-linux2.tampam.de-ca-clone2,cn=replica,cn="dc=linux1.tampam.de-ca-master",cn=mapping
tree,cn=config
[20/Oct/2008:19:23:51][http-9443-Processor19]:
About to set description attr to masterAgreement1-linux2.tampam.de-ca-clone2
[20/Oct/2008:19:23:51][http-9443-Processor19]:
DatabasePanel createReplicationAgreement: Successfully create replication
agreement masterAgreement1-linux2.tampam.de-ca-clone2
[20/Oct/2008:19:23:51][http-9443-Processor19]:
DatabasePanel createReplicationAgreement: dn:
cn=cloneAgreement1-linux2.tampam.de-ca-clone2,cn=replica,cn="dc=linux1.tampam.de-ca-master",cn=mapping
tree,cn=config
[20/Oct/2008:19:23:51][http-9443-Processor19]:
About to set description attr to cloneAgreement1-linux2.tampam.de-ca-clone2
[20/Oct/2008:19:23:51][http-9443-Processor19]:
DatabasePanel createReplicationAgreement: Successfully create replication
agreement cloneAgreement1-linux2.tampam.de-ca-clone2
[20/Oct/2008:19:23:51][http-9443-Processor19]:
DatabasePanel initializeConsumer: initializeConsumer dn:
cn=masterAgreement1-linux2.tampam.de-ca-clone2,cn=replica,cn="dc=linux1.tampam.de-ca-master",cn=mapping
tree,cn=config
[20/Oct/2008:19:23:51][http-9443-Processor19]:
DatabasePanel initializeConsumer: initializeConsumer host: linux1.tampam.de
port: 389
[20/Oct/2008:19:23:51][http-9443-Processor19]:
DatabasePanel initializeConsumer: start modifying
[20/Oct/2008:19:23:52][http-9443-Processor19]:
DatabasePanel initializeConsumer: Finish modification.
[20/Oct/2008:19:23:52][http-9443-Processor19]:
DatabasePanel initializeConsumer: thread sleeping for 5 seconds.
[20/Oct/2008:19:23:57][http-9443-Processor19]:
DatabasePanel initializeConsumer: finish sleeping.
[20/Oct/2008:19:23:57][http-9443-Processor19]:
DatabasePanel initializeConsumer: Successfully initialize consumer
[20/Oct/2008:19:23:57][http-9443-Processor19]:
DatabasePanel comparetAndWaitEntries checking
ou=people,dc=linux1.tampam.de-ca-master
[20/Oct/2008:19:23:57][http-9443-Processor19]:
DatabasePanel comparetAndWaitEntries ou=people,dc=linux1.tampam.de-ca-master
not found, let's wait!
[20/Oct/2008:19:24:02][http-9443-Processor19]:
DatabasePanel comparetAndWaitEntries checking
ou=people,dc=linux1.tampam.de-ca-master
[20/Oct/2008:19:24:02][http-9443-Processor19]:
DatabasePanel comparetAndWaitEntries ou=people,dc=linux1.tampam.de-ca-master
not found, let's wait!
[20/Oct/2008:19:24:07][http-9443-Processor19]:
DatabasePanel comparetAndWaitEntries checking
ou=people,dc=linux1.tampam.de-ca-master
[20/Oct/2008:19:24:07][http-9443-Processor19]:
DatabasePanel comparetAndWaitEntries ou=people,dc=linux1.tampam.de-ca-master
not found, let's wait!
[20/Oct/2008:19:24:13][http-9443-Processor19]:
DatabasePanel comparetAndWaitEntries checking
ou=people,dc=linux1.tampam.de-ca-master
[20/Oct/2008:19:24:13][http-9443-Processor19]:
DatabasePanel comparetAndWaitEntries ou=people,dc=linux1.tampam.de-ca-master
not found, let's wait!
[20/Oct/2008:19:24:18][http-9443-Processor19]:
DatabasePanel comparetAndWaitEntries checking
ou=people,dc=linux1.tampam.de-ca-master
[20/Oct/2008:19:24:18][http-9443-Processor19]:
DatabasePanel comparetAndWaitEntries ou=people,dc=linux1.tampam.de-ca-master
not found, let's wait!
etc… at the last entries it repeats
ever 5 seconds and the WebGUI “Internal Database” stops there
waiting….
Perhaps some can help me
Regard Klaus Heyden