Hi Dominik,thats bad news - we always try to not break existing installs with the updates :(
Does your request really fail or is it just in the "Policy Violation Pending" state? This just means that the DNS lookup for the given domain failed. Indeed we changed this module to better handle timeouts when the DNS response is too slow.
First, to diagnose the problem, try to make a dns lookup on the domain in question using dig/nslookup on the shell. If this takes longer that a second, you got the problem.
It would be easiest to fix/speed up the resolver of the underlying OS, yoz can also set timeout and resolvers in the workflow config files (Have a Look at the checkdns activity).
Oliver Am 23.05.2017 um 18:57 schrieb Dominik Lindlbauer:
Hi everybody,
after upgrading openxpki from version 1.16.8 to 1.17.4 with aptitude on
a debian 8 machine i got the following output when i want to issue a new
certificate:
Subject Alternative Name: DNS: sample.fqdn (FAIL)
before the upgrade i can issue the certificate perfect without errors:
Subject Alternative Name: DNS: sample.fqdn (OK).
Has anybody the same problem (and maybe even solved the issue)?
Thanks for your help,
Dominik
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
-- Protect your environment - close windows and adopt a penguin!
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
