Re: [Pki-devel] [Pki-users] CS Server error
(Sorry, I sent this to the wrong list.) On Thu, Dec 08, 2016 at 01:59:45PM +1000, Fraser Tweedale wrote: > On Wed, Dec 07, 2016 at 05:29:41PM -0800, Rafael Leiva-Ochoa wrote: > > Here you goI hope you can help. I am already starting to use it in > > production testing...I would hate to start all over...: ( > > > The error in your log is: > > [06/Dec/2016:23:28:45][localhost-startStop-1]: AuthSubsystem: > initializing authentication manager flatFileAuth > Property auths.instance.flatFileAuth.pluginName missing value > at > com.netscape.cmscore.base.PropConfigStore.getString(PropConfigStore.java:258) > at > com.netscape.cmscore.authentication.AuthSubsystem.init(AuthSubsystem.java:200) > at > com.netscape.cmscore.apps.CMSEngine.initSubsystem(CMSEngine.java:1169) > at > com.netscape.cmscore.apps.CMSEngine.initSubsystems(CMSEngine.java:1075) > at com.netscape.cmscore.apps.CMSEngine.init(CMSEngine.java:582) > at com.netscape.certsrv.apps.CMS.init(CMS.java:187) > at com.netscape.certsrv.apps.CMS.start(CMS.java:1616) > ... lots more traceback > > This causes a shutdown of the Dogtag application (but not Tomcat > itself, hence it is still able to respond to HTTP requests). > > Have you modified anything in /etc/pki/pki-tomcat/ca/CS.cfg > yourself? If not, perhaps it was an update gone awry, or some other > corruption of CS.cfg. > > The `flatFileAuth' properties in CS.cfg should be something like: > > auths.instance.flatFileAuth.authAttributes=PWD > auths.instance.flatFileAuth.deferOnFailure=true > > auths.instance.flatFileAuth.fileName=/var/lib/pki/pki-tomcat/conf/ca/flatfile.txt > auths.instance.flatFileAuth.keyAttributes=UID > auths.instance.flatFileAuth.pluginName=FlatFileAuth > > Try fixing that up and seeing if Dogtag starts. If it does not, > please attach debug log (latter portions thereof) and the CS.cfg. > > Thanks, > Fraser > > > > On Wed, Dec 7, 2016 at 4:25 PM, Fraser Tweedale wrote: > > > > > On Wed, Dec 07, 2016 at 02:11:53PM -0800, Rafael Leiva-Ochoa wrote: > > > > Hi Team, > > > > > > > > I have installed Dogtag on one of my Raspberry PI 3 devices for > > > > testing. At first it was working great. Then, I noticed that it took a > > > very > > > > long time for the DogTag Start Page to startup when I rebooted my Pi. In > > > > some cases, it took 10min's, but I attributed this to the fact that it > > > was > > > > running on a ARM processor, and it takes a while to start up. Now, for > > > some > > > > reason, I am getting this error: > > > > > > > > HTTP Status 500 - CS server is not ready to serve. > > > > > > > > *type* Exception report > > > > > > > > *message* *CS server is not ready to serve.* > > > > > > > > *description* *The server encountered an internal error that prevented > > > > it > > > > from fulfilling this request.* > > > > > > > > *exception* > > > > > > > > java.io.IOException: CS server is not ready to serve. > > > > com.netscape.cms.servlet.base.CMSServlet.service(CMSServlet. > > > java:445) > > > > javax.servlet.http.HttpServlet.service(HttpServlet.java:729) > > > > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > > > sun.reflect.NativeMethodAccessorImpl.invoke( > > > NativeMethodAccessorImpl.java:62) > > > > sun.reflect.DelegatingMethodAccessorImpl.invoke( > > > DelegatingMethodAccessorImpl.java:43) > > > > java.lang.reflect.Method.invoke(Method.java:498) > > > > org.apache.catalina.security.SecurityUtil$1.run( > > > SecurityUtil.java:293) > > > > org.apache.catalina.security.SecurityUtil$1.run( > > > SecurityUtil.java:290) > > > > java.security.AccessController.doPrivileged(Native Method) > > > > javax.security.auth.Subject.doAsPrivileged(Subject.java:549) > > > > org.apache.catalina.security.SecurityUtil.execute( > > > SecurityUtil.java:325) > > > > org.apache.catalina.security.SecurityUtil.doAsPrivilege( > > > SecurityUtil.java:176) > > > > java.security.AccessController.doPrivileged(Native Method) > > > > org.apache.tomcat.websocket.server.WsFilter.doFilter( > > > WsFilter.java:52) > > > > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > > > sun.reflect.NativeMethodAccessorImpl.invoke( > > > NativeMethodAccessorImpl.java:62) > > > > sun.reflect.DelegatingMethodAccessorImpl.invoke( > > > DelegatingMethodAccessorImpl.java:43) > > > > java.lang.reflect.Method.invoke(Method.java:498) > > > > org.apache.catalina.security.SecurityUtil$1.run( > > > SecurityUtil.java:293) > > > > org.apache.catalina.security.SecurityUtil$1.run( > > > SecurityUtil.java:290) > > > > java.security.AccessController.doPrivileged(Native Method) > > > > javax.security.auth.Subject.doAsPrivileged(Subject.java:549) > > > > org.apache.catalina.security.SecurityUtil.execute( > > > SecurityUtil.java
Re: [Pki-devel] [Pki-users] CS Server error
On Wed, Dec 07, 2016 at 05:29:41PM -0800, Rafael Leiva-Ochoa wrote: > Here you goI hope you can help. I am already starting to use it in > production testing...I would hate to start all over...: ( > The error in your log is: [06/Dec/2016:23:28:45][localhost-startStop-1]: AuthSubsystem: initializing authentication manager flatFileAuth Property auths.instance.flatFileAuth.pluginName missing value at com.netscape.cmscore.base.PropConfigStore.getString(PropConfigStore.java:258) at com.netscape.cmscore.authentication.AuthSubsystem.init(AuthSubsystem.java:200) at com.netscape.cmscore.apps.CMSEngine.initSubsystem(CMSEngine.java:1169) at com.netscape.cmscore.apps.CMSEngine.initSubsystems(CMSEngine.java:1075) at com.netscape.cmscore.apps.CMSEngine.init(CMSEngine.java:582) at com.netscape.certsrv.apps.CMS.init(CMS.java:187) at com.netscape.certsrv.apps.CMS.start(CMS.java:1616) ... lots more traceback This causes a shutdown of the Dogtag application (but not Tomcat itself, hence it is still able to respond to HTTP requests). Have you modified anything in /etc/pki/pki-tomcat/ca/CS.cfg yourself? If not, perhaps it was an update gone awry, or some other corruption of CS.cfg. The `flatFileAuth' properties in CS.cfg should be something like: auths.instance.flatFileAuth.authAttributes=PWD auths.instance.flatFileAuth.deferOnFailure=true auths.instance.flatFileAuth.fileName=/var/lib/pki/pki-tomcat/conf/ca/flatfile.txt auths.instance.flatFileAuth.keyAttributes=UID auths.instance.flatFileAuth.pluginName=FlatFileAuth Try fixing that up and seeing if Dogtag starts. If it does not, please attach debug log (latter portions thereof) and the CS.cfg. Thanks, Fraser > On Wed, Dec 7, 2016 at 4:25 PM, Fraser Tweedale wrote: > > > On Wed, Dec 07, 2016 at 02:11:53PM -0800, Rafael Leiva-Ochoa wrote: > > > Hi Team, > > > > > > I have installed Dogtag on one of my Raspberry PI 3 devices for > > > testing. At first it was working great. Then, I noticed that it took a > > very > > > long time for the DogTag Start Page to startup when I rebooted my Pi. In > > > some cases, it took 10min's, but I attributed this to the fact that it > > was > > > running on a ARM processor, and it takes a while to start up. Now, for > > some > > > reason, I am getting this error: > > > > > > HTTP Status 500 - CS server is not ready to serve. > > > > > > *type* Exception report > > > > > > *message* *CS server is not ready to serve.* > > > > > > *description* *The server encountered an internal error that prevented it > > > from fulfilling this request.* > > > > > > *exception* > > > > > > java.io.IOException: CS server is not ready to serve. > > > com.netscape.cms.servlet.base.CMSServlet.service(CMSServlet. > > java:445) > > > javax.servlet.http.HttpServlet.service(HttpServlet.java:729) > > > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > > sun.reflect.NativeMethodAccessorImpl.invoke( > > NativeMethodAccessorImpl.java:62) > > > sun.reflect.DelegatingMethodAccessorImpl.invoke( > > DelegatingMethodAccessorImpl.java:43) > > > java.lang.reflect.Method.invoke(Method.java:498) > > > org.apache.catalina.security.SecurityUtil$1.run( > > SecurityUtil.java:293) > > > org.apache.catalina.security.SecurityUtil$1.run( > > SecurityUtil.java:290) > > > java.security.AccessController.doPrivileged(Native Method) > > > javax.security.auth.Subject.doAsPrivileged(Subject.java:549) > > > org.apache.catalina.security.SecurityUtil.execute( > > SecurityUtil.java:325) > > > org.apache.catalina.security.SecurityUtil.doAsPrivilege( > > SecurityUtil.java:176) > > > java.security.AccessController.doPrivileged(Native Method) > > > org.apache.tomcat.websocket.server.WsFilter.doFilter( > > WsFilter.java:52) > > > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > > sun.reflect.NativeMethodAccessorImpl.invoke( > > NativeMethodAccessorImpl.java:62) > > > sun.reflect.DelegatingMethodAccessorImpl.invoke( > > DelegatingMethodAccessorImpl.java:43) > > > java.lang.reflect.Method.invoke(Method.java:498) > > > org.apache.catalina.security.SecurityUtil$1.run( > > SecurityUtil.java:293) > > > org.apache.catalina.security.SecurityUtil$1.run( > > SecurityUtil.java:290) > > > java.security.AccessController.doPrivileged(Native Method) > > > javax.security.auth.Subject.doAsPrivileged(Subject.java:549) > > > org.apache.catalina.security.SecurityUtil.execute( > > SecurityUtil.java:325) > > > org.apache.catalina.security.SecurityUtil.doAsPrivilege( > > SecurityUtil.java:264) > > > > > > *note* *The full stack trace of the root cause is available in the Apache > > > Tomcat/8.0.38 logs.* > > > -- > > > Apache Tomcat/8.0.38 > > > > > > I have tried rebooting the PI many times