[OpenXPKI-users] PERSIST_CSR activity: Unable to load CA private key

Dmitry Golomolzin Wed, 28 Jan 2009 03:20:03 -0800

Hello,

We have another problem after performing the PERSIST_CSR activity:


Action:

$msg = $client->send_receive_command_msg('get_workflow_activities',{
    'ID'=>$w_id,
    'WORKFLOW'=>'I18N_OPENXPKI_WF_TYPE_CERTIFICATE_SIGNING_REQUEST'
});

Response:

$VAR1 = {
    'COMMAND' => 'get_workflow_activities',
    'SERVICE_MSG' => 'COMMAND',
    'PARAMS' => [
        'child_finished_failure'
    ]
};

Corresponding part of the /var/log/openxpki.log file: 

Workflow.ERROR Caught exception from action: 
I18N_OPENXPKI_TOOLKIT_COMMAND_FAILED; __COMMAND__ => 
OpenXPKI::Crypto::Backend::OpenSSL::Command::issue_cert; __ERRVAL__ => 
I18N_OPENXPKI_CRYPTO_CLI_ERROR; __ERRVAL__ => Using configuration from 
/var/tmp/openxpkiXXRv5D
unable to load CA private key
1383:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad 
decrypt:evp_enc.c:466:
1383:error:23077074:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 cipherfinal 
error:p12_decr.c:97:
1383:error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe crypt 
error:p12_decr.c:123:
1383:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 
lib:pem_pkey.c:125:
unable to write 'random state'
; reset workflow to old state 'PREPARED'
2009/01/27 13:30:26 Workflow.ERROR Caught exception from action: 
I18N_OPENXPKI_SERVER_WORKFLOW_ACTIVITY_TOOLS_FORKWORKFLOWINSTANCE_ERROR_FORKING;
 __EVAL_ERROR__ => 
I18N_OPENXPKI_SERVER_WORKFLOW_ACTIVITY_TOOLS_FORKWORKFLOWINSTANCE_ERROR_EXECUTING_ACTIVITY;
 __STATE__ => ; __EVAL_ERROR__ => I18N_OPENXPKI_TOOLKIT_COMMAND_FAILED; 
__COMMAND__ => OpenXPKI::Crypto::Backend::OpenSSL::Command::issue_cert; 
__ERRVAL__ => I18N_OPENXPKI_CRYPTO_CLI_ERROR; __ERRVAL__ => Using configuration 
from /var/tmp/openxpkiXXRv5D
unable to load CA private key
1383:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad 
decrypt:evp_enc.c:466:
1383:error:23077074:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 cipherfinal 
error:p12_decr.c:97:
1383:error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe crypt 
error:p12_decr.c:123:
1383:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 
lib:pem_pkey.c:125:
unable to write 'random state'
; reset workflow to old state 'SPAWNING_CERT_ISSUANCE'


The "openxpkiadm key list --realm I18N_OPENXPKI_DEPLOYMENT_TEST_DUMMY_CA" 
command's result:

CA keys:
Key for purpose CA with ID: testdummyca1
+ /usr/local/etc/openxpki/ca/testdummyca1/cakey.pem
EVAL_ERROR: I18N_OPENXPKI_XML_CACHE_GET_XPATH_COUNT_NOTHING_FOUND; __XPATH__ => 
pki_realm/0/common/0/secret/0/group/0/method/0/required_shares Secret group: 
default
Secret method: plain (n = 1, k = 1)
SCEP keys:
I18N_OPENXPKI_XML_CACHE_GET_XPATH_COUNT_NOTHING_FOUND; __XPATH__ => 
pki_realm/0/scep[[email protected] openxpki]#


As I see, openxpki cannot load CA private key ("unable to load CA private 
key"). What should we do, in order to fix it?

______________________________
With best regards, Dmitry Golomolzin
INDEC Ltd.
[email protected]
[email protected]



------------------------------------------------------------------------------
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users

[OpenXPKI-users] PERSIST_CSR activity: Unable to load CA private key

Reply via email to