george he wrote:
here are the new errors: # rm /var/log/pki-ca/* # service dirsrv restart # service pki-cad restart # grep -i error /var/log/pki-ca/* /var/log/pki-ca/catalina.2012-09-05.log:WARNING: Error while removing context [/ca] /var/log/pki-ca/catalina.2012-09-05.log:SEVERE: Error initializing socket factory /var/log/pki-ca/catalina.2012-09-05.log:java.lang.ClassNotFoundException: Error loading SSL Implementation org.apache.tomcat.util.net.jss.JSSImplementation :java.lang.ClassNotFoundException: org.mozilla.jss.ssl.SSLSocket /var/log/pki-ca/catalina.2012-09-05.log:LifecycleException: Protocol handler initialization failed: java.lang.ClassNotFoundException: Error loading SSL Implementation org.apache.tomcat.util.net.jss.JSSImplementation :java.lang.ClassNotFoundException: org.mozilla.jss.ssl.SSLSocket /var/log/pki-ca/catalina.2012-09-05.log:SEVERE: Error deploying web application directory ca /var/log/pki-ca/catalina.out:SEVERE: Error initializing socket factory /var/log/pki-ca/catalina.out:java.lang.ClassNotFoundException: Error loading SSL Implementation org.apache.tomcat.util.net.jss.JSSImplementation :java.lang.ClassNotFoundException: org.mozilla.jss.ssl.SSLSocket /var/log/pki-ca/catalina.out:LifecycleException: Protocol handler initialization failed: java.lang.ClassNotFoundException: Error loading SSL Implementation org.apache.tomcat.util.net.jss.JSSImplementation :java.lang.ClassNotFoundException: org.mozilla.jss.ssl.SSLSocket /var/log/pki-ca/catalina.out:SEVERE: Error deploying web application directory ca /var/log/pki-ca/catalina.out:SEVERE: Error initializing socket factory /var/log/pki-ca/catalina.out:java.lang.ClassNotFoundException: Error loading SSL Implementation org.apache.tomcat.util.net.jss.JSSImplementation :java.lang.ClassNotFoundException: org.mozilla.jss.ssl.SSLSocket /var/log/pki-ca/catalina.out:LifecycleException: Protocol handler initialization failed: java.lang.ClassNotFoundException: Error loading SSL Implementation org.apache.tomcat.util.net.jss.JSSImplementation :java.lang.ClassNotFoundException: org.mozilla.jss.ssl.SSLSocket
Hmm. Is there any additional information in the debug log? Any AVCs in /var/log/audit/audit.log?
Have you updated any packages recently? I'm not sure why dogtag would be throwing this exception.
rob
------------------------------------------------------------------------ *From:* Rob Crittenden <rcrit...@redhat.com> *To:* george he <george_...@yahoo.com> *Cc:* John Dennis <jden...@redhat.com>; "freeipa-users@redhat.com" <freeipa-users@redhat.com> *Sent:* Tuesday, September 4, 2012 9:49 PM *Subject:* Re: [Freeipa-users] ipa host-del george he wrote: > both of the commands "service dirsrv restart" and "service pki-cad > restart" reported: > stopping ... OK > starting ... OK > but host-del still has the same error. > More suggestions? Check the logs again. The service starting does not mean it kept running. rob > Thanks, > George > > ------------------------------------------------------------------------ > *From:* Rob Crittenden <rcrit...@redhat.com <mailto:rcrit...@redhat.com>> > *To:* george he <george_...@yahoo.com <mailto:george_...@yahoo.com>> > *Cc:* John Dennis <jden...@redhat.com <mailto:jden...@redhat.com>>; "freeipa-users@redhat.com <mailto:freeipa-users@redhat.com>" > <freeipa-users@redhat.com <mailto:freeipa-users@redhat.com>> > *Sent:* Tuesday, September 4, 2012 4:20 PM > *Subject:* Re: [Freeipa-users] ipa host-del > > george he wrote: > > I'm running centos 6.3 > > # uname -r > > 2.6.32-279.5.2.el6.x86_64 > > > > pki-ca: unrecognized service > > > > There are tons of errors in /var/log/pki-ca/*, some of them are: > > /var/log/pki-ca/system:11605.main - [30/Aug/2012:16:34:56 EDT] > [3] [3] > > Cannot build CA chain. Error java.security.cert.CertificateException: > > Certificate is not a PKCS #11 certificate > > /var/log/pki-ca/system:11605.main - [30/Aug/2012:16:34:56 EDT] > [13] [3] > > authz instance DirAclAuthz initialization failed and skipped, > > error=Property internaldb.ldapconn.port missing value > > /var/log/pki-ca/system:11605.http-9445-1 - [30/Aug/2012:16:35:01 EDT] > > [3] [3] Cannot build CA chain. Error > > java.security.cert.CertificateException: Certificate is not a > PKCS #11 > > certificate > > /var/log/pki-ca/system:11605.http-9445-1 - [30/Aug/2012:16:35:10 EDT] > > [3] [3] CASigningUnit: Object certificate not found. Error > > org.mozilla.jss.crypto.ObjectNotFoundException > > /var/log/pki-ca/system:3281.main - [31/Aug/2012:17:54:28 EDT] [8] > [3] In > > Ldap (bound) connection pool to host cushing.psych.yale.edu port > 7389, > > Cannot connect to LDAP server. Error: netscape.ldap.LDAPException: > > failed to connect to server ldap://cushing.psych.yale.edu:7389 (91) > > > > /var/log/pki-ca/catalina.2012-09-03.log:SEVERE: Error initializing > > socket factory > > > /var/log/pki-ca/catalina.2012-09-03.log:java.lang.ClassNotFoundException: > Error > > loading SSL Implementation > > org.apache.tomcat.util.net.jss.JSSImplementation > > :java.lang.ClassNotFoundException: org.mozilla.jss.ssl.SSLSocket > > /var/log/pki-ca/catalina.2012-09-03.log:LifecycleException: Protocol > > handler initialization failed: java.lang.ClassNotFoundException: > Error > > loading SSL Implementation > > org.apache.tomcat.util.net.jss.JSSImplementation > > :java.lang.ClassNotFoundException: org.mozilla.jss.ssl.SSLSocket > > /var/log/pki-ca/catalina.2012-09-03.log:SEVERE: Error deploying web > > application directory ca > > The problem looks to be that the dogtag 389-ds instance is not started. > I'd try: service dirsrv restart PKI-IPA > > Then service pki-cad restart > > rob > > > >
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users