On Mon, Jun 29, 2015 at 07:37:31PM +0200, Alexandre Ellert wrote:
> Hello,
> 
> I have a problem on a replica server running Centos 7.1 and ipa 
> 4.1.0-18.el7.centos.3.x86_64 (last version)
> Ipa server doesn’t restart correctly (using systemctl restart ipa or reboot 
> the whole server) :
> # ipactl status
> Directory Service: STOPPED
> Directory Service must be running in order to obtain status of other services
> ipa: INFO: The ipactl command was successful
> 
> and I have to force the start process :
> # ipactl start -f
> Existing service file detected!
> Assuming stale, cleaning and proceeding
> Starting Directory Service
> Starting krb5kdc Service
> Starting kadmin Service
> Starting named Service
> Starting ipa_memcached Service
> Starting httpd Service
> Starting pki-tomcatd Service
> 
> 
> Failed to start pki-tomcatd Service
> Forced start, ignoring pki-tomcatd Service, continuing normal operation
> Starting ipa-otpd Service
> ipa: INFO: The ipactl command was successful
> 
> But, as you see the pki-tomcatd is unable to start.
> I started looking at /var/log/pki/pki-tomcat/localhost.2015-06-29.log and 
> found this error :
> Jun 29, 2015 7:33:12 PM org.apache.catalina.core.StandardWrapperValve invoke
> SEVERE: Servlet.service() for servlet [caProfileSubmit] in context with path 
> [/ca] threw exception
> java.io.IOException: CS server is not ready to serve.
>       at com.netscape.cms.servlet.base.CMSServlet.service(CMSServlet.java:443)
>       at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
>       at sun.reflect.GeneratedMethodAccessor32.invoke(Unknown Source)
>       at 
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>       at java.lang.reflect.Method.invoke(Method.java:606)
>       at 
> org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:277)
>       at 
> org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:274)
>       at java.security.AccessController.doPrivileged(Native Method)
>       at javax.security.auth.Subject.doAsPrivileged(Subject.java:536)
>       at 
> org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:309)
>       at 
> org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:169)
>       at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:297)
>       at 
> org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:55)
>       at 
> org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:191)
>       at 
> org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:187)
>       at java.security.AccessController.doPrivileged(Native Method)
>       at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:186)
>       at 
> org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
>       at sun.reflect.GeneratedMethodAccessor31.invoke(Unknown Source)
>       at 
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>       at java.lang.reflect.Method.invoke(Method.java:606)
>       at 
> org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:277)
>       at 
> org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:274)
>       at java.security.AccessController.doPrivileged(Native Method)
>       at javax.security.auth.Subject.doAsPrivileged(Subject.java:536)
>       at 
> org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:309)
>       at 
> org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:249)
>       at 
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:237)
>       at 
> org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:55)
>       at 
> org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:191)
>       at 
> org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:187)
>       at java.security.AccessController.doPrivileged(Native Method)
>       at 
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:186)
>       at 
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
>       at 
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
>       at 
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501)
>       at 
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
>       at 
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
>       at 
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
>       at 
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
>       at 
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
>       at 
> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1040)
>       at 
> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607)
>       at 
> org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:314)
>       at 
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
>       at 
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
>       at 
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>       at java.lang.Thread.run(Thread.java:745)
> 
> I don’t know how to fix that error and also don’t know if it is the root 
> cause.
> Thanks for your help and please tell me if you need more information.
> 
> Alexandre
> 
Could you please provide the content of logfile:
`/var/log/pki/pki-tomcat/ca/debug', around the time the error
occurs?

Thanks,
Fraser

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to