> Le 30 juin 2015 à 10:16, Alexandre Ellert <aell...@numeezy.com> a écrit :
> 
> 
>> Could you please provide the content of logfile:
>> `/var/log/pki/pki-tomcat/ca/debug', around the time the error
>> occurs?
>> 
>> Thanks,
>> Fraser
> 
> When the pki-tomcatd service is trying to start, I see this message in 
> /var/log/pki/pki-tomcat/ca/debug
> 
> [30/Jun/2015:10:02:13][localhost-startStop-1]: 
> ============================================
> [30/Jun/2015:10:02:13][localhost-startStop-1]: =====  DEBUG SUBSYSTEM 
> INITIALIZED   =======
> [30/Jun/2015:10:02:13][localhost-startStop-1]: 
> ============================================
> [30/Jun/2015:10:02:13][localhost-startStop-1]: CMSEngine: done init id=debug
> [30/Jun/2015:10:02:13][localhost-startStop-1]: CMSEngine: initialized debug
> [30/Jun/2015:10:02:13][localhost-startStop-1]: CMSEngine: initSubsystem id=log
> [30/Jun/2015:10:02:13][localhost-startStop-1]: CMSEngine: ready to init id=log
> [30/Jun/2015:10:02:14][localhost-startStop-1]: CMSEngine: done init id=log
> [30/Jun/2015:10:02:14][localhost-startStop-1]: CMSEngine: initialized log
> [30/Jun/2015:10:02:14][localhost-startStop-1]: CMSEngine: initSubsystem id=jss
> [30/Jun/2015:10:02:14][localhost-startStop-1]: CMSEngine: ready to init id=jss
> [30/Jun/2015:10:02:14][localhost-startStop-1]: CMSEngine: done init id=jss
> [30/Jun/2015:10:02:14][localhost-startStop-1]: CMSEngine: initialized jss
> [30/Jun/2015:10:02:14][localhost-startStop-1]: CMSEngine: initSubsystem id=dbs
> [30/Jun/2015:10:02:14][localhost-startStop-1]: CMSEngine: ready to init id=dbs
> [30/Jun/2015:10:02:14][localhost-startStop-1]: DBSubsystem: init()  
> mEnableSerialMgmt=true
> [30/Jun/2015:10:02:14][localhost-startStop-1]: LdapBoundConnFactory: init 
> [30/Jun/2015:10:02:14][localhost-startStop-1]: LdapBoundConnFactory:doCloning 
> true
> [30/Jun/2015:10:02:14][localhost-startStop-1]: LdapAuthInfo: init()
> [30/Jun/2015:10:02:14][localhost-startStop-1]: LdapAuthInfo: init begins
> [30/Jun/2015:10:02:14][localhost-startStop-1]: LdapAuthInfo: init ends
> [30/Jun/2015:10:02:14][localhost-startStop-1]: init: before makeConnection 
> errorIfDown is true
> [30/Jun/2015:10:02:14][localhost-startStop-1]: makeConnection: errorIfDown 
> true
> [30/Jun/2015:10:02:14][localhost-startStop-1]: LdapJssSSLSocket set client 
> auth cert nicknamesubsystemCert cert-pki-ca
> [30/Jun/2015:10:02:14][localhost-startStop-1]: CMS:Caught EBaseException
> Internal Database Error encountered: Could not connect to LDAP server host 
> ipa.mydomain.org <http://ipa.mydomain.org/> port 636 Error 
> netscape.ldap.LDAPException: IO Error creating JSS SSL Socket (-1)
>       at com.netscape.cmscore.dbs.DBSubsystem.init(DBSubsystem.java:658)
>       at com.netscape.cmscore.apps.CMSEngine.initSubsystem(CMSEngine.java:934)
>       at 
> com.netscape.cmscore.apps.CMSEngine.initSubsystems(CMSEngine.java:865)
>       at com.netscape.cmscore.apps.CMSEngine.init(CMSEngine.java:362)
>       at com.netscape.certsrv.apps.CMS.init(CMS.java:189)
>       at com.netscape.certsrv.apps.CMS.start(CMS.java:1585)
>       at 
> com.netscape.cms.servlet.base.CMSStartServlet.init(CMSStartServlet.java:96)
>       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>       at 
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>       at 
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>       at java.lang.reflect.Method.invoke(Method.java:606)
>       at 
> org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:277)
>       at 
> org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:274)
>       at java.security.AccessController.doPrivileged(Native Method)
>       at javax.security.auth.Subject.doAsPrivileged(Subject.java:536)
>       at 
> org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:309)
>       at 
> org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:169)
>       at 
> org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:123)
>       at 
> org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1272)
>       at 
> org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1197)
>       at 
> org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:1087)
>       at 
> org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:5210)
>       at 
> org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5493)
>       at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
>       at 
> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901)
>       at 
> org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:133)
>       at 
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:156)
>       at 
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:145)
>       at java.security.AccessController.doPrivileged(Native Method)
>       at 
> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:875)
>       at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:632)
>       at 
> org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:672)
>       at 
> org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1862)
>       at 
> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
>       at java.util.concurrent.FutureTask.run(FutureTask.java:262)
>       at 
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
>       at 
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
>       at java.lang.Thread.run(Thread.java:745)
> [30/Jun/2015:10:02:14][localhost-startStop-1]: CMSEngine.shutdown()
> [30/Jun/2015:10:02:14][localhost-startStop-1]: LogFile:In log shutdown
> [30/Jun/2015:10:02:14][localhost-startStop-1]: SignedAuditEventFactory: 
> create() 
> message=[AuditEvent=AUDIT_LOG_SHUTDOWN][SubjectID=$System$][Outcome=Success] 
> audit function shutdown
> 
> [30/Jun/2015:10:02:14][localhost-startStop-1]: LogFile:In log shutdown
> [30/Jun/2015:10:02:14][localhost-startStop-1]: SignedAuditEventFactory: 
> create() 
> message=[AuditEvent=AUDIT_LOG_SHUTDOWN][SubjectID=$System$][Outcome=Success] 
> audit function shutdown
> 
> [30/Jun/2015:10:02:15][ajp-bio-127.0.0.1-8009-exec-1]: according to ccMode, 
> authorization for servlet: caGetStatus is LDAP based, not XML {1}, use 
> default authz mgr: {2}.
> 
> I checked that ns-slapd was running on port 636
> # netstat -antp|grep 636
> tcp6       0      0 :::636                  :::*                    LISTEN    
>   22855/ns-slapd
> 
> After a quick search, I found this bug 
> https://fedorahosted.org/freeipa/ticket/4666 
> <https://fedorahosted.org/freeipa/ticket/4666> is quite similar.
> Many workarounds are suggested there but I’m confused about which could be 
> efficient for me.
> 
Up plz.

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to