Hi Oliver. According to the webUI and workflow.log, no workflow is started. I am requesting only one certificate (only one try in the following logs). This is my openxpki.log after a fresh docker start and a getcert at 16:33.
2022/02/08 16:28:48 INFO Loaded auth handler LocalPassword [pid=1|] 2022/02/08 16:28:48 INFO Loaded auth handler Anonymous [pid=1|] 2022/02/08 16:28:48 INFO Loaded auth handler System [pid=1|] 2022/02/08 16:28:48 INFO Loaded auth handler Certificate [pid=1|] 2022/02/08 16:28:48 INFO Loaded auth handler Password Connector [pid=1|] 2022/02/08 16:28:48 INFO Loaded auth handler TestAccounts [pid=1|] 2022/02/08 16:33:08 ERROR Error executing SCEP command 'PKIOperation': I18N_OPENXPKI_UI_VALIDATOR_FIELD_TYPE_INVALID [pid=19|sid=FuTq|wftype=certificate_enroll|wfid=5887|sceptid=39746307736602139464711739816579892826419596063044338920628525300358398474976] catchall.log - I see a "try to start new workflow" 2022/02/08 16:33:08 openxpki.application.INFO LibSCEP PKIOperation; message type: PKCSReq [pid=19|sid=FuTq] 2022/02/08 16:33:08 openxpki.application.INFO SCEP incoming request, id 39746307736602139464711739816579892826419596063044338920628525300358398474976 [pid=19|sid=FuTq|sceptid=39746307736602139464711739816579892826419596063044338920628525300358398474976] 2022/02/08 16:33:08 openxpki.application.INFO SCEP try to start new workflow for 39746307736602139464711739816579892826419596063044338920628525300358398474976 [pid=19|sid=FuTq|sceptid=39746307736602139464711739816579892826419596063044338920628525300358398474976] 2022/02/08 16:33:08 openxpki.system.ERROR Error executing SCEP command 'PKIOperation': I18N_OPENXPKI_UI_VALIDATOR_FIELD_TYPE_INVALID [pid=19|sid=FuTq|wftype=certificate_enroll|wfid=5887|sceptid=39746307736602139464711739816579892826419596063044338920628525300358398474976] scep.log 2022/02/08 16:31:55 INF SCEP handler initialized [pid=69] 2022/02/08 16:31:55 INF Incoming request from 192.168.56.127 with GetCACaps [pid=69] 2022/02/08 16:31:56 INF Incoming request from 192.168.56.127 with GetCACert [pid=69] 2022/02/08 16:33:07 INF Incoming request from 192.168.56.127 with GetCACaps [pid=69] 2022/02/08 16:33:07 INF Incoming request from 192.168.56.127 with PKIOperation [pid=69] 2022/02/08 16:33:08 ERR SCEP response is empty [pid=69] When I am using sscep, all is OK. Thanks for your help Oliver. Regards, Eric -- Sent with Tutanota, the secure & ad-free mailbox. Feb 7, 2022, 20:22 by m...@oliwel.de: > Hi Eric, > > you get this kind of error when you either send two requests in a very > short time (database transaction isolation) or when your workflow > crashes during startup. Can you please check if a workflow was created > and/or for any other error messages before this log line in openxpki.log > > Oliver > > Am 07.02.22 um 16:29 schrieb cwam--- via OpenXPKI-users: > >> Hi, >> >> I meet difficulties using "getcert request" (from certmonger). >> >> # CLIENT SIDE >> >> Here is how I am trying to get a certificate from OpenXPKI SCEP server >> from a client : >> >> $ getcert request -I obtenirUnCertificat -c openxpki -d /etc/pki/nssdb >> -n scep-client-test -N cn="app.domain.lan" >> >> $ getcert list >> Number of certificates and requests being tracked: 1. >> Request ID 'obtenirUnCertificat': >> status: CA_UNREACHABLE >> ca-error: Server reply was of unexpected MIME type "text/plain". >> stuck: no >> key pair storage: >> type=NSSDB,location='/etc/pki/nssdb',nickname='scep-client-test',token='NSS >> Certificate DB' >> certificate: >> type=NSSDB,location='/etc/pki/nssdb',nickname='scep-client-test' >> signing request thumbprint (MD5): 44947907 8D31F82C A722E441 891312E5 >> signing request thumbprint (SHA1): B329431B 72243BB2 8EC57B10 B632DDF6 >> FFD80142 >> CA: openxpki >> issuer: >> subject: >> expires: unknown >> pre-save command: >> post-save command: >> track: yes >> auto-renew: yes >> >> As you can read the error is : "Server reply was of unexpected MIME >> type "text/plain"." >> >> # OPENXPKI SIDE >> On the Openxpki side, openxpki.log is showing : >> >> 2022/02/07 14:46:14 ERROR >> I18N_OPENXPKI_SERVICE_LIBSCEP_COMMAND_PKIOPERATION_PARALLEL_REQUESTS_DETECTED; >> __DPSTATE__ => creating, __SERVER__ => generic, __TRANSACTION_ID__ => >> 98045844304779527357588258779756540595169315217199782481781298876007486699834 >> [pid=181|sid=Hogn|sceptid=98045844304779527357588258779756540595169315217199782481781298876007486699834] >> >> 2022/02/07 14:46:14 ERROR Error executing SCEP command 'PKIOperation': >> I18N_OPENXPKI_SERVICE_LIBSCEP_COMMAND_PKIOPERATION_PARALLEL_REQUESTS_DETECTED; >> __DPSTATE__ => creating, __SERVER__ => generic, __TRANSACTION_ID__ => >> 98045844304779527357588258779756540595169315217199782481781298876007486699834 >> [pid=181|sid=Hogn|sceptid=98045844304779527357588258779756540595169315217199782481781298876007486699834] >> >> And scep.log >> >> 2022/02/07 14:46:13 INF Incoming request from 192.168.56.126 with >> GetCACaps [pid=79] >> 2022/02/07 14:46:14 INF Incoming request from 192.168.56.126 with >> PKIOperation [pid=79] >> 2022/02/07 14:46:14 ERR SCEP response is empty [pid=79] >> >> >> Does anyone manage to use certmonger for scep requests to openxpki >> please ? >> >> Thank you. >> Best regards. >> Eric. >> >> >> _______________________________________________ >> OpenXPKI-users mailing list >> OpenXPKI-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/openxpki-users >> > > > -- > Protect your environment - close windows and adopt a penguin! > > > > _______________________________________________ > OpenXPKI-users mailing list > OpenXPKI-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openxpki-users >
_______________________________________________ OpenXPKI-users mailing list OpenXPKI-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openxpki-users
