I have an install that fails at the following stage:importing CA chain to RA
certificate database [error] RuntimeError: Unable to retrieve CA chain:
request failed with HTTP status 500
the logs are not showing anything
obvious22/Aug/2017:17:02:52][http-bio-8443-exec-3]: importLDIFS(): LDAP Errors
in importing
/var/lib/pki/pki-tomcat/ca/conf/manager.ldif[22/Aug/2017:17:02:52][http-bio-8443-exec-3]:
LDAPUtil:importLDIF: exception in adding entry
ou=csusers,cn=config:netscape.ldap.LDAPException: error result
(68)[22/Aug/2017:17:02:52][http-bio-8443-exec-3]: LDAPUtil:importLDIF:
exception in modifying entry o=ipaca:netscape.ldap.LDAPException: error result
(20)[22/Aug/2017:17:02:52][http-bio-8443-exec-3]: init: before makeConnection
errorIfDown is false[22/Aug/2017:17:02:52][http-bio-8443-exec-3]:
makeConnection: errorIfDown false[22/Aug/2017:17:02:57][http-bio-8443-exec-3]:
init: before makeConnection errorIfDown is
true[22/Aug/2017:17:02:57][http-bio-8443-exec-3]: makeConnection: errorIfDown
true[22/Aug/2017:17:02:57][http-bio-8443-exec-3]: init: before makeConnection
errorIfDown is false[22/Aug/2017:17:02:57][http-bio-8443-exec-3]:
makeConnection: errorIfDown false[22/Aug/2017:17:02:57][http-bio-8443-exec-3]:
init: before makeConnection errorIfDown is
false[22/Aug/2017:17:02:57][http-bio-8443-exec-3]: makeConnection: errorIfDown
false[22/Aug/2017:17:02:58][http-bio-8443-exec-3]: init: before makeConnection
errorIfDown is false[22/Aug/2017:17:02:58][http-bio-8443-exec-3]:
makeConnection: errorIfDown false[22/Aug/2017:17:03:07][localhost-startStop-1]:
init: before makeConnection errorIfDown is
true[22/Aug/2017:17:03:07][localhost-startStop-1]: makeConnection: errorIfDown
true[22/Aug/2017:17:03:07][localhost-startStop-1]: init: before makeConnection
errorIfDown is false[22/Aug/2017:17:03:07][localhost-startStop-1]:
makeConnection: errorIfDown false[22/Aug/2017:17:03:08][localhost-startStop-1]:
init: before makeConnection errorIfDown is
false[22/Aug/2017:17:03:08][localhost-startStop-1]: makeConnection: errorIfDown
false[22/Aug/2017:17:03:08][localhost-startStop-1]: init: before makeConnection
errorIfDown is false[22/Aug/2017:17:03:08][localhost-startStop-1]:
makeConnection: errorIfDown false[22/Aug/2017:17:03:08][profileChangeMonitor]:
Start Profile Creation - caDirUserRenewal caEnrollImpl
com.netscape.cms.profile.common.CAEnrollProfile[22/Aug/2017:17:03:08][profileChangeMonitor]:
Done Profile Creation -
caDirUserRenewal[22/Aug/2017:17:03:08][profileChangeMonitor]: Start Profile
Creation - IECUserRoles caEnrollImpl
com.netscape.cms.profile.common.CAEnrollProfile[22/Aug/2017:17:03:08][profileChangeMonitor]:
Done Profile Creation -
IECUserRoles[22/Aug/2017:17:03:08][localhost-startStop-1]: init: before
makeConnection errorIfDown is
false[22/Aug/2017:17:03:08][localhost-startStop-1]: makeConnection: errorIfDown
false[22/Aug/2017:17:03:09][localhost-startStop-1]: init: before makeConnection
errorIfDown is false[22/Aug/2017:17:03:09][localhost-startStop-1]:
makeConnection: errorIfDown false[22/Aug/2017:17:03:09][localhost-startStop-1]:
init: before makeConnection errorIfDown is
false[22/Aug/2017:17:03:09][localhost-startStop-1]: makeConnection: errorIfDown
false[22/Aug/2017:17:03:09][localhost-startStop-1]: DBSubsystem: getNextRange.
Unable to provide next range :netscape.ldap.LDAPException: error result
(68)[22/Aug/2017:17:13:08][SerialNumberUpdateTask]: DBSubsystem: getNextRange.
Unable to provide next range :netscape.ldap.LDAPException: error result (68)
and
[23/Aug/2017:15:24:09][CertStatusUpdateTask]: returnConn: mNumConns now
5[23/Aug/2017:15:24:09][CertStatusUpdateTask]: DBVirtualList: searching for
entry 20170823152409Z[23/Aug/2017:15:24:09][CertStatusUpdateTask]:
DBVirtualList.getEntries()[23/Aug/2017:15:24:09][CertStatusUpdateTask]:
DBVirtualList: entries: 1[23/Aug/2017:15:24:09][CertStatusUpdateTask]:
DBVirtualList: top: 0[23/Aug/2017:15:24:09][CertStatusUpdateTask]:
DBVirtualList: size: 640[23/Aug/2017:15:24:09][CertStatusUpdateTask]:
transitRevokedExpiredCertificates: list size:
640[23/Aug/2017:15:24:09][CertStatusUpdateTask]:
transitRevokedExpiredCertificates: ltSize
1[23/Aug/2017:15:24:09][CertStatusUpdateTask]: transitRevokedExpired: curRec: 0
CertRecord: 76[23/Aug/2017:15:24:09][CertStatusUpdateTask]: Record does not
qualify,notAfter Mon Aug 28 16:47:53 UTC 2017 date Wed Aug 23 15:24:09 UTC
2017[23/Aug/2017:15:24:09][CertStatusUpdateTask]: transitCertList
REVOKED_EXPIRED[23/Aug/2017:15:24:09][CertStatusUpdateTask]: updateCertStatus
done
I have full logs if necessary. but I'm unable to determine the cause for the
failure. Asking on freeipa forums this is a problem on the CA server but thats
as far as I got with this.
_______________________________________________
Pki-users mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/pki-users
