Thanks a lot for your response. In the meanwhile I managed to get some code working to get this approval done but somehow when I do this for a number of times it hangs. I then checked with the PKI CLI and the approval call is indeed at times very slow (giving a hang perception but does work after some time) and that's the reason my code breaks with an exception - see below. So I have 2 queries:
- Why Approval calls so slow? Can these be made faster. I am running fedora 32 as VM with 6 GB RAM and 4 vCPUs.
- Is there a way to set the timeout period in the client to ensure the calling application doesn't close the session too soon.
[pool-3-thread-4] INFO com.netscape.certsrv.client.PKIConnection - Client certificate: PKI Administrator for localhost.localdomain
[pool-3-thread-4] INFO com.netscape.certsrv.client.PKIConnection - HTTP request: POST /ca/rest/agent/certrequests/68/approve HTTP/1.1
[pool-3-thread-4] INFO com.netscape.certsrv.client.PKIConnection - Accept: application/xml
[pool-3-thread-4] INFO com.netscape.certsrv.client.PKIConnection - Content-Type: application/xml
[pool-3-thread-4] INFO com.netscape.certsrv.client.PKIConnection - Content-Length: 21606
[pool-3-thread-4] INFO com.netscape.certsrv.client.PKIConnection - Host:
192.168.56.103:8443[pool-3-thread-4] INFO com.netscape.certsrv.client.PKIConnection - Connection: Keep-Alive
[pool-3-thread-4] INFO com.netscape.certsrv.client.PKIConnection - User-Agent: Apache-HttpClient/4.5.10 (Java/1.8.0_242)
[pool-3-thread-4] INFO com.netscape.certsrv.client.PKIConnection - Cookie: JSESSIONID=BF20B9C354788A712389E9FBF920651C
pool-3-thread-4] INFO com.netscape.certsrv.client.PKIConnection - HTTP response: HTTP/1.1 400
[pool-3-thread-4] INFO com.netscape.certsrv.client.PKIConnection - Content-Type: text/html;charset=UTF-8
[pool-3-thread-4] INFO com.netscape.certsrv.client.PKIConnection - Content-Length: 243
[pool-3-thread-4] INFO com.netscape.certsrv.client.PKIConnection - Date: Thu, 12 Nov 2020 09:25:04 GMT
[pool-3-thread-4] INFO com.netscape.certsrv.client.PKIConnection - Connection: close
[pool-3-thread-4] ERROR com.netscape.certsrv.client.PKIConnection - WARNING: SSL alert sent: CLOSE_NOTIFYcom.netscape.certsrv.base.PKIException: Bad Request
at com.netscape.certsrv.client.PKIConnection.handleErrorResponse(PKIConnection.java:469)
at com.netscape.certsrv.client.PKIConnection.getEntity(PKIConnection.java:432)
at com.netscape.certsrv.client.PKIClient.getEntity(PKIClient.java:106)
at com.netscape.certsrv.ca.CACertClient.approveRequest(CACertClient.java:127)