I am trying to configure OCSP key store file (* .12) using HSM. But I
encountered a problem: when test certificates on client status error:
server.log
2014-03-29 14:27:09,742 INFO [org.ejbca.ui.web.protocol.OCSPServletBase]
(http-0.0.0.0-8080-1) Received OCSP request for certificate with serNo:
5f74391b8b92c50, and issuerNameHash:
d21a71404106380a03361869c10561d3e409b2f5. Client ip 10.2.70.11.
2014-03-29 14:27:09,853 INFO [org.ejbca.ui.web.protocol.OCSPServletBase]
(http-0.0.0.0-8080-1) Adding status information (revoked) for certificate
with serial '5f74391b8b92c50' from issuer 'CN=DemoCA,OU=BTE,O=Bkav
Corp,C=VN'.
2014-03-29 14:27:19,857 ERROR [org.ejbca.ui.web.protocol.OCSPServletBase]
(http-0.0.0.0-8080-1) Error processing OCSP request. Message: No ocsp
signing key for caid 1858231767.
org.ejbca.core.model.ca.caadmin.extendedcaservices.ExtendedCAServiceNotActiveException:
No ocsp signing key for caid 1858231767
at
org.ejbca.core.protocol.ocsp.standalonesession.StandAloneSession.extendedService(StandAloneSession.java:390)
atorg.ejbca.ui.web.protocol.OCSPServletStandAlone.extendedService(OCSPServletStandAlone.java:131)
at
org.ejbca.ui.web.protocol.OCSPServletBase.signOCSPResponse(OCSPServletBase.java:228)
at
org.ejbca.ui.web.protocol.OCSPServletBase.serviceOCSP(OCSPServletBase.java:934)
at
org.ejbca.ui.web.protocol.OCSPServletBase.doPost(OCSPServletBase.java:380)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433)
at
org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
at
org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
at
org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598)
at
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:619)
Looking forward to your help, I'm using ejbca version 5.1.0, Safenet HSM
thank all
--
View this message in context:
http://openssl.6102.n7.nabble.com/No-ocsp-signing-key-for-caid-tp49033.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
