george he wrote:
here are the new errors:
# rm /var/log/pki-ca/*
# service dirsrv restart
# service pki-cad restart
# grep -i error /var/log/pki-ca/*
/var/log/pki-ca/catalina.2012-09-05.log:WARNING: Error while removing
context [/ca]
/var/log/pki-ca/catalina.2012-09-05.log:SEVERE: Error initializing
socket factory
/var/log/pki-ca/catalina.2012-09-05.log:java.lang.ClassNotFoundException: Error
loading SSL Implementation
org.apache.tomcat.util.net.jss.JSSImplementation
:java.lang.ClassNotFoundException: org.mozilla.jss.ssl.SSLSocket
/var/log/pki-ca/catalina.2012-09-05.log:LifecycleException:  Protocol
handler initialization failed: java.lang.ClassNotFoundException: Error
loading SSL Implementation
org.apache.tomcat.util.net.jss.JSSImplementation
:java.lang.ClassNotFoundException: org.mozilla.jss.ssl.SSLSocket
/var/log/pki-ca/catalina.2012-09-05.log:SEVERE: Error deploying web
application directory ca
/var/log/pki-ca/catalina.out:SEVERE: Error initializing socket factory
/var/log/pki-ca/catalina.out:java.lang.ClassNotFoundException: Error
loading SSL Implementation
org.apache.tomcat.util.net.jss.JSSImplementation
:java.lang.ClassNotFoundException: org.mozilla.jss.ssl.SSLSocket
/var/log/pki-ca/catalina.out:LifecycleException:  Protocol handler
initialization failed: java.lang.ClassNotFoundException: Error loading
SSL Implementation org.apache.tomcat.util.net.jss.JSSImplementation
:java.lang.ClassNotFoundException: org.mozilla.jss.ssl.SSLSocket
/var/log/pki-ca/catalina.out:SEVERE: Error deploying web application
directory ca
/var/log/pki-ca/catalina.out:SEVERE: Error initializing socket factory
/var/log/pki-ca/catalina.out:java.lang.ClassNotFoundException: Error
loading SSL Implementation
org.apache.tomcat.util.net.jss.JSSImplementation
:java.lang.ClassNotFoundException: org.mozilla.jss.ssl.SSLSocket
/var/log/pki-ca/catalina.out:LifecycleException:  Protocol handler
initialization failed: java.lang.ClassNotFoundException: Error loading
SSL Implementation org.apache.tomcat.util.net.jss.JSSImplementation
:java.lang.ClassNotFoundException: org.mozilla.jss.ssl.SSLSocket


Hmm. Is there any additional information in the debug log? Any AVCs in /var/log/audit/audit.log?

Have you updated any packages recently? I'm not sure why dogtag would be throwing this exception.

rob


    ------------------------------------------------------------------------
    *From:* Rob Crittenden <rcrit...@redhat.com>
    *To:* george he <george_...@yahoo.com>
    *Cc:* John Dennis <jden...@redhat.com>; "freeipa-users@redhat.com"
    <freeipa-users@redhat.com>
    *Sent:* Tuesday, September 4, 2012 9:49 PM
    *Subject:* Re: [Freeipa-users] ipa host-del

    george he wrote:
     > both of the commands "service dirsrv restart" and "service pki-cad
     > restart" reported:
     > stopping ... OK
     > starting ... OK
     > but host-del still has the same error.
     > More suggestions?

    Check the logs again. The service starting does not mean it kept
    running.

    rob

     > Thanks,
     > George
     >
     >
    ------------------------------------------------------------------------
     >    *From:* Rob Crittenden <rcrit...@redhat.com
    <mailto:rcrit...@redhat.com>>
     >    *To:* george he <george_...@yahoo.com
    <mailto:george_...@yahoo.com>>
     >    *Cc:* John Dennis <jden...@redhat.com
    <mailto:jden...@redhat.com>>; "freeipa-users@redhat.com
    <mailto:freeipa-users@redhat.com>"
     >    <freeipa-users@redhat.com <mailto:freeipa-users@redhat.com>>
     >    *Sent:* Tuesday, September 4, 2012 4:20 PM
     >    *Subject:* Re: [Freeipa-users] ipa host-del
     >
     >    george he wrote:
     >      > I'm running centos 6.3
     >      > # uname -r
     >      > 2.6.32-279.5.2.el6.x86_64
     >     >
     >      > pki-ca: unrecognized service
     >      >
     >      > There are tons of errors in /var/log/pki-ca/*, some of
    them are:
     >      > /var/log/pki-ca/system:11605.main - [30/Aug/2012:16:34:56 EDT]
     >    [3] [3]
     >      > Cannot build CA chain. Error
    java.security.cert.CertificateException:
     >      > Certificate is not a PKCS #11 certificate
     >      > /var/log/pki-ca/system:11605.main - [30/Aug/2012:16:34:56 EDT]
     >    [13] [3]
     >      > authz instance DirAclAuthz initialization failed and skipped,
     >      > error=Property internaldb.ldapconn.port missing value
     >      > /var/log/pki-ca/system:11605.http-9445-1 -
    [30/Aug/2012:16:35:01 EDT]
     >      > [3] [3] Cannot build CA chain. Error
     >      > java.security.cert.CertificateException: Certificate is not a
     >    PKCS #11
     >      > certificate
     >      > /var/log/pki-ca/system:11605.http-9445-1 -
    [30/Aug/2012:16:35:10 EDT]
     >      > [3] [3] CASigningUnit: Object certificate not found. Error
     >      > org.mozilla.jss.crypto.ObjectNotFoundException
     >      > /var/log/pki-ca/system:3281.main - [31/Aug/2012:17:54:28
    EDT] [8]
     >    [3] In
     >      > Ldap (bound) connection pool to host
    cushing.psych.yale.edu port
     >    7389,
     >      > Cannot connect to LDAP server. Error:
    netscape.ldap.LDAPException:
     >      > failed to connect to server
    ldap://cushing.psych.yale.edu:7389 (91)
     > >
     >      > /var/log/pki-ca/catalina.2012-09-03.log:SEVERE: Error
    initializing
     >      > socket factory
     >      >
     >
    /var/log/pki-ca/catalina.2012-09-03.log:java.lang.ClassNotFoundException:
     >    Error
     >      > loading SSL Implementation
     >      > org.apache.tomcat.util.net.jss.JSSImplementation
     >      > :java.lang.ClassNotFoundException:
    org.mozilla.jss.ssl.SSLSocket
     >      >
    /var/log/pki-ca/catalina.2012-09-03.log:LifecycleException:  Protocol
     >      > handler initialization failed:
    java.lang.ClassNotFoundException:
     >    Error
     >      > loading SSL Implementation
     >      > org.apache.tomcat.util.net.jss.JSSImplementation
     >      > :java.lang.ClassNotFoundException:
    org.mozilla.jss.ssl.SSLSocket
     >      > /var/log/pki-ca/catalina.2012-09-03.log:SEVERE: Error
    deploying web
     >      > application directory ca
     >
     >    The problem looks to be that the dogtag 389-ds instance is not
    started.
     >    I'd try: service dirsrv restart PKI-IPA
     >
     >    Then service pki-cad restart
     >
     >    rob
     >
     >
     >
     >




_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to