george he wrote:
both of the commands "service dirsrv restart" and "service pki-cad
restart" reported:
stopping ... OK
starting ... OK
but host-del still has the same error.
More suggestions?


Check the logs again. The service starting does not mean it kept running.

rob

Thanks,
George

    ------------------------------------------------------------------------
    *From:* Rob Crittenden <rcrit...@redhat.com>
    *To:* george he <george_...@yahoo.com>
    *Cc:* John Dennis <jden...@redhat.com>; "freeipa-users@redhat.com"
    <freeipa-users@redhat.com>
    *Sent:* Tuesday, September 4, 2012 4:20 PM
    *Subject:* Re: [Freeipa-users] ipa host-del

    george he wrote:
     > I'm running centos 6.3
     > # uname -r
     > 2.6.32-279.5.2.el6.x86_64
     >
     > pki-ca: unrecognized service
     >
     > There are tons of errors in /var/log/pki-ca/*, some of them are:
     > /var/log/pki-ca/system:11605.main - [30/Aug/2012:16:34:56 EDT]
    [3] [3]
     > Cannot build CA chain. Error java.security.cert.CertificateException:
     > Certificate is not a PKCS #11 certificate
     > /var/log/pki-ca/system:11605.main - [30/Aug/2012:16:34:56 EDT]
    [13] [3]
     > authz instance DirAclAuthz initialization failed and skipped,
     > error=Property internaldb.ldapconn.port missing value
     > /var/log/pki-ca/system:11605.http-9445-1 - [30/Aug/2012:16:35:01 EDT]
     > [3] [3] Cannot build CA chain. Error
     > java.security.cert.CertificateException: Certificate is not a
    PKCS #11
     > certificate
     > /var/log/pki-ca/system:11605.http-9445-1 - [30/Aug/2012:16:35:10 EDT]
     > [3] [3] CASigningUnit: Object certificate not found. Error
     > org.mozilla.jss.crypto.ObjectNotFoundException
     > /var/log/pki-ca/system:3281.main - [31/Aug/2012:17:54:28 EDT] [8]
    [3] In
     > Ldap (bound) connection pool to host cushing.psych.yale.edu port
    7389,
     > Cannot connect to LDAP server. Error: netscape.ldap.LDAPException:
     > failed to connect to server ldap://cushing.psych.yale.edu:7389 (91)
     >
     > /var/log/pki-ca/catalina.2012-09-03.log:SEVERE: Error initializing
     > socket factory
     >
    /var/log/pki-ca/catalina.2012-09-03.log:java.lang.ClassNotFoundException:
    Error
     > loading SSL Implementation
     > org.apache.tomcat.util.net.jss.JSSImplementation
     > :java.lang.ClassNotFoundException: org.mozilla.jss.ssl.SSLSocket
     > /var/log/pki-ca/catalina.2012-09-03.log:LifecycleException:  Protocol
     > handler initialization failed: java.lang.ClassNotFoundException:
    Error
     > loading SSL Implementation
     > org.apache.tomcat.util.net.jss.JSSImplementation
     > :java.lang.ClassNotFoundException: org.mozilla.jss.ssl.SSLSocket
     > /var/log/pki-ca/catalina.2012-09-03.log:SEVERE: Error deploying web
     > application directory ca

    The problem looks to be that the dogtag 389-ds instance is not started.
    I'd try: service dirsrv restart PKI-IPA

    Then service pki-cad restart

    rob





_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to