Hi Alee
I used firefox's keymanager plugin to do some simple test. Just connect to RA server
and click next and next ,then encontered this error.
But I did't go through any source about pkiclient.cgi ,so I 'm not sure where
introduce the file pkiclient.xml.
another question,
If the client request can choose some file which used by server cgi internally, is there
any security risk?
Best Regards
sbaa
------------------ 原始邮件 ------------------
发件人: "alee"<alee(a)redhat.com>;
发送时间: 2013年4月30日(星期二) 中午1:06
收件人: "骷髅猫"<sbaa(a)vip.qq.com>;
抄送: "Pki-users"<Pki-users(a)redhat.com>;
主题: Re: 回复: 回复: [Pki-users] "SecurityDomain HTTPSAdmin URL not found "
I don't see anything in the code about pkiclient.xml.
Can you detail exactly what you did to test SCEP?
Thanks,
Ade
On Sun, 2013-04-28 at 15:13 +0800, 骷髅猫 wrote:
Hi Alee
Thank you, I finished the configuration for RA server by disable
SElinux
But when I test the SCEP feature, I got such error:
In error log:
[Sun Apr 28 03:05:56.891164 2013] [:error] [pid 1822:tid
140696560207616] [Sun Apr 28 03:05:56 2013] -e: Could not find
pkiclient.xml in /var/lib/pki-ra/docroot/ee/scep/
at /var/lib/pki-ra/docroot/ee/scep/pkiclient.cgi line 81.\n
on firefox:
Software error:
Could not find pkiclient.xml in /var/lib/pki-ra/docroot/ee/scep/ at
/var/lib/pki-ra/docroot/ee/scep/pkiclient.cgi line 81.
For help, please send mail to the webmaster (you(a)example.com), giving
this error message and the time and date of the error.
Thanks
sbaa
------------------ 原始邮件 ------------------
发件人: "alee"<alee(a)redhat.com>;
发送时间: 2013年4月28日(星期天) 下午2:00
收件人: "骷髅猫"<sbaa(a)vip.qq.com>;
抄送: "Pki-users"<Pki-users(a)redhat.com>;
主题: Re: 回复: [Pki-users] "SecurityDomain HTTPS Admin URL not found
"
I ran into the same problem:
The one you want is
https://localhost.domain:8443
I resolved this by setting selinux in permissive mode. I will file a
bug against selinux policy on Monday.
Ade
On Sun, 2013-04-28 at 02:27 +0800, 骷髅猫 wrote:
> Hi alee
>
>
> I tried following urls
>
>
>
https://localhost.localdomain:8443
>
https://localhost.localdomain:8443/ca
>
http://localhost.localdomain:8080
>
http://localhost.localdomain:8080/ca
>
>
> but all failed.
>
>
> and i found some info in error log (/var/log/pki-ra/error_log )
> GET /ca/admin/ca/getStatus HTTP/1.0
>
>
> port: 8443
> addr='localhost.localdomain'
> family='2'
> IP='127.0.0.1'
> exit after PR_Connect with error -5985:
> GET /ca/admin/ca/getStatus HTTP/1.0
>
>
> port: 9445
> addr='localhost.localdomain'
> family='2'
> IP='127.0.0.1'
> exit after PR_Connect with error -5961:
>
>
> ------------------ 原始邮件 ------------------
> 发件人: "Ade Lee"<alee(a)redhat.com>;
> 发送时间: 2013年4月28日(星期天) 凌晨1:04
> 收件人: "骷髅猫"<sbaa(a)vip.qq.com>;
> 抄送: "Pki-users"<Pki-users(a)redhat.com>;
> 主题: Re: [Pki-users] "Security Domain HTTPS Admin URL not found "
>
>
> What value are you putting in for your security domain?
>
> Ade
> On Sat, 2013-04-27 at 23:39 +0800, 骷髅猫 wrote:
> > Hi All
> > I'am a new user of dogtag.
> > I try the latest build 10.0.2.
> > I install ca server success,but when I configure a ra subsystem,
> >
> >
> > url :
> >
https://localhost.localdomain:12890/ra/admin/console/config/wizard
> >
> >
> > it alwarys show error "Security Domain HTTPS Admin URL not found"
> and
> > " Create a New Security Domai" cannot be choose.
> > any ideas?
> >
> >
> > thanks
> >
> >
> > _______________________________________________
> > Pki-users mailing list
> > Pki-users(a)redhat.com
> >
https://www.redhat.com/mailman/listinfo/pki-users
>
>
> .
>
.