I have an install that fails at the following stage:importing CA chain to RA certificate database[error] RuntimeError: Unable to retrieve CA chain: request failed with HTTP status 500the logs are not showing anything obvious22/Aug/2017:17:02:52][http-bio-8443-exec-3]: importLDIFS(): LDAP Errors in importing /var/lib/pki/pki-tomcat/ca/ conf/manager.ldif [22/Aug/2017:17:02:52][http-bio-8443-exec-3]: LDAPUtil:importLDIF: exception in adding entry ou=csusers,cn=config:netscape. ldap.LDAPException: error result (68) [22/Aug/2017:17:02:52][http-bio-8443-exec-3]: LDAPUtil:importLDIF: exception in modifying entry o=ipaca:netscape.ldap. LDAPException: error result (20) [22/Aug/2017:17:02:52][http-bio-8443-exec-3]: init: before makeConnection errorIfDown is false [22/Aug/2017:17:02:52][http-bio-8443-exec-3]: makeConnection: errorIfDown false [22/Aug/2017:17:02:57][http-bio-8443-exec-3]: init: before makeConnection errorIfDown is true [22/Aug/2017:17:02:57][http-bio-8443-exec-3]: makeConnection: errorIfDown true [22/Aug/2017:17:02:57][http-bio-8443-exec-3]: init: before makeConnection errorIfDown is false [22/Aug/2017:17:02:57][http-bio-8443-exec-3]: makeConnection: errorIfDown false [22/Aug/2017:17:02:57][http-bio-8443-exec-3]: init: before makeConnection errorIfDown is false [22/Aug/2017:17:02:57][http-bio-8443-exec-3]: makeConnection: errorIfDown false [22/Aug/2017:17:02:58][http-bio-8443-exec-3]: init: before makeConnection errorIfDown is false [22/Aug/2017:17:02:58][http-bio-8443-exec-3]: makeConnection: errorIfDown false [22/Aug/2017:17:03:07][localhost-startStop-1]: init: before makeConnection errorIfDown is true [22/Aug/2017:17:03:07][localhost-startStop-1]: makeConnection: errorIfDown true [22/Aug/2017:17:03:07][localhost-startStop-1]: init: before makeConnection errorIfDown is false [22/Aug/2017:17:03:07][localhost-startStop-1]: makeConnection: errorIfDown false [22/Aug/2017:17:03:08][localhost-startStop-1]: init: before makeConnection errorIfDown is false [22/Aug/2017:17:03:08][localhost-startStop-1]: makeConnection: errorIfDown false [22/Aug/2017:17:03:08][localhost-startStop-1]: init: before makeConnection errorIfDown is false [22/Aug/2017:17:03:08][localhost-startStop-1]: makeConnection: errorIfDown false [22/Aug/2017:17:03:08][profileChangeMonitor]: Start Profile Creation - caDirUserRenewal caEnrollImpl com.netscape.cms.profile. common.CAEnrollProfile [22/Aug/2017:17:03:08][profileChangeMonitor]: Done Profile Creation - caDirUserRenewal [22/Aug/2017:17:03:08][profileChangeMonitor]: Start Profile Creation - IECUserRoles caEnrollImpl com.netscape.cms.profile. common.CAEnrollProfile [22/Aug/2017:17:03:08][profileChangeMonitor]: Done Profile Creation - IECUserRoles [22/Aug/2017:17:03:08][localhost-startStop-1]: init: before makeConnection errorIfDown is false [22/Aug/2017:17:03:08][localhost-startStop-1]: makeConnection: errorIfDown false [22/Aug/2017:17:03:09][localhost-startStop-1]: init: before makeConnection errorIfDown is false [22/Aug/2017:17:03:09][localhost-startStop-1]: makeConnection: errorIfDown false [22/Aug/2017:17:03:09][localhost-startStop-1]: init: before makeConnection errorIfDown is false [22/Aug/2017:17:03:09][localhost-startStop-1]: makeConnection: errorIfDown false [22/Aug/2017:17:03:09][localhost-startStop-1]: DBSubsystem: getNextRange. Unable to provide next range :netscape.ldap.LDAPException: error result (68) [22/Aug/2017:17:13:08][SerialNumberUpdateTask]: DBSubsystem: getNextRange. Unable to provide next range :netscape.ldap.LDAPException: error result (68) and[23/Aug/2017:15:24:09][CertStatusUpdateTask]: returnConn: mNumConns now 5 [23/Aug/2017:15:24:09][CertStatusUpdateTask]: DBVirtualList: searching for entry 20170823152409Z [23/Aug/2017:15:24:09][CertStatusUpdateTask]: DBVirtualList.getEntries() [23/Aug/2017:15:24:09][CertStatusUpdateTask]: DBVirtualList: entries: 1 [23/Aug/2017:15:24:09][CertStatusUpdateTask]: DBVirtualList: top: 0 [23/Aug/2017:15:24:09][CertStatusUpdateTask]: DBVirtualList: size: 640 [23/Aug/2017:15:24:09][CertStatusUpdateTask]: transitRevokedExpiredCertifica tes: list size: 640 [23/Aug/2017:15:24:09][CertStatusUpdateTask]: transitRevokedExpiredCertifica tes: ltSize 1 [23/Aug/2017:15:24:09][CertStatusUpdateTask]: transitRevokedExpired: curRec: 0 CertRecord: 76 [23/Aug/2017:15:24:09][CertStatusUpdateTask]: Record does not qualify,notAfter Mon Aug 28 16:47:53 UTC 2017 date Wed Aug 23 15:24:09 UTC 2017 [23/Aug/2017:15:24:09][CertStatusUpdateTask]: transitCertList REVOKED_EXPIRED [23/Aug/2017:15:24:09][CertStatusUpdateTask]: updateCertStatus done I have full logs if necessary. but I'm unable to determine the cause for the failure. Asking on freeipa forums this is a problem on the CA server but thats as far as I got with this.
_______________________________________________
Pki-users mailing list
Pki-users@redhat.com
https://www.redhat.com/mailman/listinfo/pki-users