Nacho wrote: I think this last line give us a hint. It seems that internaldb.ldapconn.port is not set - it controls the port for internal LDAP connection. What port is your LDAP that holds CMS's internal database listening on? I have my LDAP server listening on localhost on port 389, so in /etc/pki-ca/CS.cfg I have: authz.instance.DirAclAuthz.ldap.ldapconn.port=389 .... internaldb.ldapconn.port=389 Make sure all the .*ldapconn.* settings are correctly set and then restart pki-ca. In case of further problems, analyze /var/log/pki-ca/debug first, because catalina.out only contains servlet container's errors and servlet container is quite unlikely to malfunction (its role is quite simple here). -- Best Regards, Aleksander Adamowski GG#: 274614 ICQ UIN: 19780575 http://olo.org.pl