Menu
▾
▴
ejbca-develop — Development discussions
You can subscribe to this list here.
| 2001 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(1) |
Dec
(3) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2002 |
Jan
(3) |
Feb
(2) |
Mar
(8) |
Apr
(3) |
May
(6) |
Jun
(1) |
Jul
(15) |
Aug
(6) |
Sep
|
Oct
(10) |
Nov
(2) |
Dec
(4) |
| 2003 |
Jan
(1) |
Feb
(7) |
Mar
(3) |
Apr
(6) |
May
(7) |
Jun
(5) |
Jul
(5) |
Aug
(25) |
Sep
(14) |
Oct
(2) |
Nov
|
Dec
(2) |
| 2004 |
Jan
(7) |
Feb
(4) |
Mar
(12) |
Apr
(16) |
May
(43) |
Jun
(56) |
Jul
(43) |
Aug
(40) |
Sep
(66) |
Oct
(12) |
Nov
(26) |
Dec
(10) |
| 2005 |
Jan
(13) |
Feb
(33) |
Mar
(16) |
Apr
(7) |
May
(10) |
Jun
(34) |
Jul
(41) |
Aug
(8) |
Sep
(4) |
Oct
(32) |
Nov
(20) |
Dec
(25) |
| 2006 |
Jan
(30) |
Feb
(101) |
Mar
(5) |
Apr
(75) |
May
(74) |
Jun
(22) |
Jul
(6) |
Aug
(70) |
Sep
(19) |
Oct
(21) |
Nov
(31) |
Dec
(50) |
| 2007 |
Jan
(15) |
Feb
(20) |
Mar
(24) |
Apr
(33) |
May
(13) |
Jun
(18) |
Jul
(13) |
Aug
(7) |
Sep
(63) |
Oct
(68) |
Nov
(29) |
Dec
(68) |
| 2008 |
Jan
(30) |
Feb
(33) |
Mar
(30) |
Apr
(103) |
May
(78) |
Jun
(48) |
Jul
(72) |
Aug
(24) |
Sep
(62) |
Oct
(63) |
Nov
(70) |
Dec
(37) |
| 2009 |
Jan
(34) |
Feb
(35) |
Mar
(64) |
Apr
(34) |
May
(34) |
Jun
(58) |
Jul
(30) |
Aug
(30) |
Sep
(46) |
Oct
(52) |
Nov
(12) |
Dec
(23) |
| 2010 |
Jan
(121) |
Feb
(18) |
Mar
(53) |
Apr
(62) |
May
(62) |
Jun
(20) |
Jul
(33) |
Aug
(20) |
Sep
(36) |
Oct
(35) |
Nov
(44) |
Dec
(63) |
| 2011 |
Jan
(19) |
Feb
(32) |
Mar
(94) |
Apr
(41) |
May
(47) |
Jun
(25) |
Jul
(34) |
Aug
(20) |
Sep
(9) |
Oct
(41) |
Nov
(33) |
Dec
(24) |
| 2012 |
Jan
(12) |
Feb
(36) |
Mar
(48) |
Apr
(32) |
May
(20) |
Jun
(15) |
Jul
(32) |
Aug
(13) |
Sep
(33) |
Oct
(54) |
Nov
(25) |
Dec
(16) |
| 2013 |
Jan
(45) |
Feb
(39) |
Mar
(38) |
Apr
(50) |
May
(29) |
Jun
(30) |
Jul
(33) |
Aug
(12) |
Sep
(9) |
Oct
(25) |
Nov
(29) |
Dec
(20) |
| 2014 |
Jan
(25) |
Feb
(19) |
Mar
(16) |
Apr
(33) |
May
(27) |
Jun
(37) |
Jul
(29) |
Aug
(27) |
Sep
(37) |
Oct
(58) |
Nov
(109) |
Dec
(26) |
| 2015 |
Jan
(4) |
Feb
(35) |
Mar
(22) |
Apr
(35) |
May
(28) |
Jun
(20) |
Jul
(4) |
Aug
(16) |
Sep
(37) |
Oct
(13) |
Nov
(13) |
Dec
(14) |
| 2016 |
Jan
(22) |
Feb
(7) |
Mar
(23) |
Apr
(30) |
May
(10) |
Jun
(10) |
Jul
(15) |
Aug
(12) |
Sep
(22) |
Oct
(31) |
Nov
(5) |
Dec
(5) |
| 2017 |
Jan
(30) |
Feb
(25) |
Mar
(28) |
Apr
(4) |
May
(19) |
Jun
(13) |
Jul
(7) |
Aug
(1) |
Sep
(2) |
Oct
(5) |
Nov
(12) |
Dec
(2) |
| 2018 |
Jan
(7) |
Feb
|
Mar
(7) |
Apr
(2) |
May
(8) |
Jun
(18) |
Jul
(6) |
Aug
(3) |
Sep
(15) |
Oct
(33) |
Nov
(13) |
Dec
(7) |
| 2019 |
Jan
(5) |
Feb
(7) |
Mar
(30) |
Apr
(5) |
May
(4) |
Jun
(69) |
Jul
(86) |
Aug
(22) |
Sep
(6) |
Oct
(7) |
Nov
(5) |
Dec
(3) |
| 2020 |
Jan
(10) |
Feb
(12) |
Mar
(22) |
Apr
(5) |
May
(1) |
Jun
(4) |
Jul
(6) |
Aug
|
Sep
(9) |
Oct
|
Nov
|
Dec
(1) |
| 2021 |
Jan
(4) |
Feb
(11) |
Mar
(7) |
Apr
(7) |
May
|
Jun
(3) |
Jul
(10) |
Aug
(6) |
Sep
|
Oct
|
Nov
(18) |
Dec
(2) |
| 2022 |
Jan
(1) |
Feb
(1) |
Mar
|
Apr
|
May
|
Jun
(2) |
Jul
|
Aug
(4) |
Sep
|
Oct
|
Nov
|
Dec
|
| 2023 |
Jan
|
Feb
|
Mar
|
Apr
(1) |
May
(1) |
Jun
|
Jul
|
Aug
(5) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Tomas G. <to...@pr...> - 2018-05-30 16:35:06
|
Are these some signs missing where there are double spaces? "But when we are hitting that giving jsp error" What does "that" refers to? You can find an upgrade guide, including what java and jboss versions you can use here: http://blog.ejbca.org/2017/12/the-definitive-ejbca-upgrade-guide.html Regards, Tomas On 2018-05-30 18:17, Mehul Chhayani wrote: > Hello Tomas, > > Its working on old ejbca-4.0.16 and we did not change any keystore keys or catoken.properties file. But when we are hitting that giving jsp error, can you please tell us what it is causing an error. Or We should compile new ejbca with upgrade jboss or jdk. > > > 16:16:16,239 INFO [Log4jDevice] 2018-05-30 16:16:16+00:00;ADMINWEB_ADMINISTRATORLOGGEDIN;SUCCESS;ADMINWEB;EJBCA;CN=SuperAdmin;-1146543808;4773512E610C2691;;remoteip=172.40.40.127 > 16:16:16,367 ERROR [jsp] > java.lang.NullPointerException > at org.cesecore.authentication.tokens.X509CertificateAuthenticationToken.matchTokenType(X509CertificateAuthenticationToken.java:305) > at org.cesecore.authorization.access.AccessTreeNode.findPreferredRule(AccessTreeNode.java:259) > at org.cesecore.authorization.access.AccessTreeNode.isAuthorizedRecursive(AccessTreeNode.java:139) > at org.cesecore.authorization.access.AccessTreeNode.isAuthorizedRecursive(AccessTreeNode.java:192) > at org.cesecore.authorization.access.AccessTreeNode.isAuthorized(AccessTreeNode.java:115) > at org.cesecore.authorization.access.AccessTree.isAuthorized(AccessTree.java:86) > at org.cesecore.authorization.control.AccessControlSessionBean.isAuthorized(AccessControlSessionBean.java:86) > at org.cesecore.authorization.control.AccessControlSessionBean.isAuthorized(AccessControlSessionBean.java:136) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.jboss.aop.joinpoint.MethodInvocation.invokeTarget(MethodInvocation.java:122) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111) > at org.jboss.ejb3.EJBContainerInvocationWrapper.invokeNext(EJBContainerInvocationWrapper.java:69) > at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.invoke(InterceptorSequencer.java:73) > at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.aroundInvoke(InterceptorSequencer.java:59) > at sun.reflect.GeneratedMethodAccessor323.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.jboss.aop.advice.PerJoinpointAdvice.invoke(PerJoinpointAdvice.java:174) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.fillMethod(InvocationContextInterceptor.java:72) > at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_fillMethod_9560387.invoke(InvocationContextInterceptor_z_fillMethod_9560387.java) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.setup(InvocationContextInterceptor.java:88) > at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_setup_9560387.invoke(InvocationContextInterceptor_z_setup_9560387.java) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:62) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:56) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(StatelessInstanceInterceptor.java:68) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.aspects.tx.TxPolicy.invokeInNoTx(TxPolicy.java:66) > at org.jboss.aspects.tx.TxInterceptor$Supports.invoke(TxInterceptor.java:143) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorv2.invoke(RoleBasedAuthorizationInterceptorv2.java:201) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:186) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:176) > at org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:216) > at org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:207) > at org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:164) > at org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:207) > at org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:164) > at com.sun.proxy.$Proxy370.isAuthorized(Unknown Source) > at org.ejbca.ui.web.admin.configuration.EjbcaWebBean.initialize(EjbcaWebBean.java:238) > at org.apache.jsp.index_jsp._jspService(index_jsp.java:83) > at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) > at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:369) > at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:322) > at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:249) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at org.owasp.filters.ContentSecurityPolicyFilter.doFilter(ContentSecurityPolicyFilter.java:198) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at org.owasp.filters.ClickjackFilter.doFilter(ClickjackFilter.java:36) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at org.ejbca.ui.web.admin.ProxiedAuthenticationFilter.doFilter(ProxiedAuthenticationFilter.java:109) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235) > at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) > at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190) > at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433) > at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92) > at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) > at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) > at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) > at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) > at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) > at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) > at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) > at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829) > at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598) > at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) > at java.lang.Thread.run(Thread.java:662) > > > > > ------- > Thank you, > Mehul Chhayani | Deployment Specialist > chh...@ec... > T:416-226-8600 EXT-246 > > -----Original Message----- > From: Tomas Gustavsson [mailto:to...@pr...] > Sent: Wednesday, May 30, 2018 3:15 AM > To: ejb...@li... > Cc: Randy Yu; Mehul Chhayani > Subject: Re: [Ejbca-develop] EJBCA-ce-6.3.2.6 upgrade - No token error > > > Hi, > > The reason is that you are using an old Crypto Token type which is not > supported anymore. The old org.ejbca.core.model.ca.catoken.LunaCAToken > is not valid anymore. You need to migrate to using the generic PKCS#11 > CA token. I think these are sections about this in the old > documentation. Sometime during EJBCA 4 we deprecated the old token types > and recommended switching over to PKCS#11 tokens. > > Regards, > Tomas > --- > Save time and money with an Enterprise support subscription. Please see > www.primekey.com for more information. > https://www.primekey.com/products/software/ > > On 2018-05-29 19:50, Mehul Chhayani wrote: >> Hello EJBCA Team, >> >> I was trying to upgrade EJBCA_CE_6.3.2.6 from Ejbca_4_0_16 on top of >> jboss-5.1.0 GA with oracle-jdk-1.6, deploy-upgrade was done successfully >> , no error while deploying through ANT-1.8.3.However when I started >> jboos with some following error that no token and ejbtimeout, at the end >> jboss started successfully with some errors, You can access ejbca UI but >> u cannot hit adminweb it complaining some jsp file with >> nullpointerexception. Can you please advise on that? If you want I will >> provide full jboss log. Thanks in advance. >> >> *15:56:44,255 ERROR [CryptoTokenFactory] No token. >> Classpath=org.ejbca.core.model.ca.catoken.LunaCAToken* >> 15:56:44,264 WARN [InterceptorsFactory] EJBTHREE-1246: Do not use >> InterceptorsFactory with a ManagedObjectAdvisor, InterceptorRegistry >> should be used via the bean container >> 15:56:44,264 WARN [InterceptorsFactory] EJBTHREE-1246: Do not use >> InterceptorsFactory with a ManagedObjectAdvisor, InterceptorRegistry >> should be used via the bean container >> *15:56:44,301 ERROR [TimerImpl] Error invoking ejbTimeout* >> *javax.ejb.EJBException: java.lang.NullPointerException* >> at >> org.jboss.ejb3.tx.Ejb3TxPolicy.handleExceptionInOurTx(Ejb3TxPolicy.java:77) >> at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:83) >> at >> org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:190) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorv2.invoke(RoleBasedAuthorizationInterceptorv2.java:201) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:186) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:176) >> at >> org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:216) >> at >> org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:207) >> at >> org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:164) >> at com.sun.proxy.$Proxy341.mergeCryptoToken(Unknown Source) >> at >> org.cesecore.certificates.ca.CaSessionBean.adhocUpgradeFrom50(CaSessionBean.java:821) >> at >> org.cesecore.certificates.ca.CaSessionBean.upgradeAndMergeToDatabase(CaSessionBean.java:721) >> at >> org.cesecore.certificates.ca.CaSessionBean.getCAData(CaSessionBean.java:586) >> at >> org.cesecore.certificates.ca.CaSessionBean.getCa(CaSessionBean.java:671) >> at >> org.cesecore.certificates.ca.CaSessionBean.getCAInternal(CaSessionBean.java:531) >> at >> org.cesecore.certificates.ca.CaSessionBean.getCAInfoInternal(CaSessionBean.java:334) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >> at java.lang.reflect.Method.invoke(Method.java:597) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeTarget(MethodInvocation.java:122) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111) >> at >> org.jboss.ejb3.EJBContainerInvocationWrapper.invokeNext(EJBContainerInvocationWrapper.java:69) >> at >> org.jboss.ejb3.interceptors.aop.InterceptorSequencer.invoke(InterceptorSequencer.java:73) >> at >> org.jboss.ejb3.interceptors.aop.InterceptorSequencer.aroundInvoke(InterceptorSequencer.java:59) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >> at java.lang.reflect.Method.invoke(Method.java:597) >> at >> org.jboss.aop.advice.PerJoinpointAdvice.invoke(PerJoinpointAdvice.java:174) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.fillMethod(InvocationContextInterceptor.java:72) >> at >> org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_fillMethod_18362751.invoke(InvocationContextInterceptor_z_fillMethod_18362751.java) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.setup(InvocationContextInterceptor.java:88) >> at >> org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_setup_18362751.invoke(InvocationContextInterceptor_z_setup_18362751.java) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.ejb3.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:62) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:56) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47) >> >> >> >> >> *17:40:47,957 INFO [Log4jDevice] 2018-05-29 >> 17:40:47+00:00;ADMINWEB_ADMINISTRATORLOGGEDIN;SUCCESS;ADMINWEB;EJBCA;CN=SuperAdmin;-1146543808;4773512E610C2691;;remoteip=**x.x.x.x* >> 17:40:48,090 ERROR [jsp] >> java.lang.NullPointerException >> >> >> >> ------------------------------------------------------------------------------ >> Check out the vibrant tech community on one of the world's most >> engaging tech sites, Slashdot.org! http://sdm.link/slashdot >> >> >> >> _______________________________________________ >> Ejbca-develop mailing list >> Ejb...@li... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
|
From: Mehul C. <chh...@ec...> - 2018-05-30 16:31:47
|
Hello Tomas,
Its working on old ejbca-4.0.16 and we did not change any keystore keys or catoken.properties file. But when we are hitting that giving jsp error, can you please tell us what it is causing an error. Or We should compile new ejbca with upgrade jboss or jdk.
16:16:16,239 INFO [Log4jDevice] 2018-05-30 16:16:16+00:00;ADMINWEB_ADMINISTRATORLOGGEDIN;SUCCESS;ADMINWEB;EJBCA;CN=SuperAdmin;-1146543808;4773512E610C2691;;remoteip=172.40.40.127
16:16:16,367 ERROR [jsp]
java.lang.NullPointerException
at org.cesecore.authentication.tokens.X509CertificateAuthenticationToken.matchTokenType(X509CertificateAuthenticationToken.java:305)
at org.cesecore.authorization.access.AccessTreeNode.findPreferredRule(AccessTreeNode.java:259)
at org.cesecore.authorization.access.AccessTreeNode.isAuthorizedRecursive(AccessTreeNode.java:139)
at org.cesecore.authorization.access.AccessTreeNode.isAuthorizedRecursive(AccessTreeNode.java:192)
at org.cesecore.authorization.access.AccessTreeNode.isAuthorized(AccessTreeNode.java:115)
at org.cesecore.authorization.access.AccessTree.isAuthorized(AccessTree.java:86)
at org.cesecore.authorization.control.AccessControlSessionBean.isAuthorized(AccessControlSessionBean.java:86)
at org.cesecore.authorization.control.AccessControlSessionBean.isAuthorized(AccessControlSessionBean.java:136)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.aop.joinpoint.MethodInvocation.invokeTarget(MethodInvocation.java:122)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111)
at org.jboss.ejb3.EJBContainerInvocationWrapper.invokeNext(EJBContainerInvocationWrapper.java:69)
at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.invoke(InterceptorSequencer.java:73)
at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.aroundInvoke(InterceptorSequencer.java:59)
at sun.reflect.GeneratedMethodAccessor323.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.aop.advice.PerJoinpointAdvice.invoke(PerJoinpointAdvice.java:174)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.fillMethod(InvocationContextInterceptor.java:72)
at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_fillMethod_9560387.invoke(InvocationContextInterceptor_z_fillMethod_9560387.java)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.setup(InvocationContextInterceptor.java:88)
at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_setup_9560387.invoke(InvocationContextInterceptor_z_setup_9560387.java)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:62)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:56)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(StatelessInstanceInterceptor.java:68)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.aspects.tx.TxPolicy.invokeInNoTx(TxPolicy.java:66)
at org.jboss.aspects.tx.TxInterceptor$Supports.invoke(TxInterceptor.java:143)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorv2.invoke(RoleBasedAuthorizationInterceptorv2.java:201)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:186)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:176)
at org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:216)
at org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:207)
at org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:164)
at org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:207)
at org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:164)
at com.sun.proxy.$Proxy370.isAuthorized(Unknown Source)
at org.ejbca.ui.web.admin.configuration.EjbcaWebBean.initialize(EjbcaWebBean.java:238)
at org.apache.jsp.index_jsp._jspService(index_jsp.java:83)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:369)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:322)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:249)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.owasp.filters.ContentSecurityPolicyFilter.doFilter(ContentSecurityPolicyFilter.java:198)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.owasp.filters.ClickjackFilter.doFilter(ClickjackFilter.java:36)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.ejbca.ui.web.admin.ProxiedAuthenticationFilter.doFilter(ProxiedAuthenticationFilter.java:109)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:662)
-------
Thank you,
Mehul Chhayani | Deployment Specialist
chh...@ec...
T:416-226-8600 EXT-246
-----Original Message-----
From: Tomas Gustavsson [mailto:to...@pr...]
Sent: Wednesday, May 30, 2018 3:15 AM
To: ejb...@li...
Cc: Randy Yu; Mehul Chhayani
Subject: Re: [Ejbca-develop] EJBCA-ce-6.3.2.6 upgrade - No token error
Hi,
The reason is that you are using an old Crypto Token type which is not
supported anymore. The old org.ejbca.core.model.ca.catoken.LunaCAToken
is not valid anymore. You need to migrate to using the generic PKCS#11
CA token. I think these are sections about this in the old
documentation. Sometime during EJBCA 4 we deprecated the old token types
and recommended switching over to PKCS#11 tokens.
Regards,
Tomas
---
Save time and money with an Enterprise support subscription. Please see
www.primekey.com for more information.
https://www.primekey.com/products/software/
On 2018-05-29 19:50, Mehul Chhayani wrote:
> Hello EJBCA Team,
>
> I was trying to upgrade EJBCA_CE_6.3.2.6 from Ejbca_4_0_16 on top of
> jboss-5.1.0 GA with oracle-jdk-1.6, deploy-upgrade was done successfully
> , no error while deploying through ANT-1.8.3.However when I started
> jboos with some following error that no token and ejbtimeout, at the end
> jboss started successfully with some errors, You can access ejbca UI but
> u cannot hit adminweb it complaining some jsp file with
> nullpointerexception. Can you please advise on that? If you want I will
> provide full jboss log. Thanks in advance.
>
> *15:56:44,255 ERROR [CryptoTokenFactory] No token.
> Classpath=org.ejbca.core.model.ca.catoken.LunaCAToken*
> 15:56:44,264 WARN [InterceptorsFactory] EJBTHREE-1246: Do not use
> InterceptorsFactory with a ManagedObjectAdvisor, InterceptorRegistry
> should be used via the bean container
> 15:56:44,264 WARN [InterceptorsFactory] EJBTHREE-1246: Do not use
> InterceptorsFactory with a ManagedObjectAdvisor, InterceptorRegistry
> should be used via the bean container
> *15:56:44,301 ERROR [TimerImpl] Error invoking ejbTimeout*
> *javax.ejb.EJBException: java.lang.NullPointerException*
> at
> org.jboss.ejb3.tx.Ejb3TxPolicy.handleExceptionInOurTx(Ejb3TxPolicy.java:77)
> at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:83)
> at
> org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:190)
> at
> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
> at
> org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76)
> at
> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
> at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42)
> at
> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
> at
> org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorv2.invoke(RoleBasedAuthorizationInterceptorv2.java:201)
> at
> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
> at
> org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:186)
> at
> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
> at
> org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41)
> at
> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
> at
> org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67)
> at
> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
> at
> org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67)
> at
> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
> at
> org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:176)
> at
> org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:216)
> at
> org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:207)
> at
> org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:164)
> at com.sun.proxy.$Proxy341.mergeCryptoToken(Unknown Source)
> at
> org.cesecore.certificates.ca.CaSessionBean.adhocUpgradeFrom50(CaSessionBean.java:821)
> at
> org.cesecore.certificates.ca.CaSessionBean.upgradeAndMergeToDatabase(CaSessionBean.java:721)
> at
> org.cesecore.certificates.ca.CaSessionBean.getCAData(CaSessionBean.java:586)
> at
> org.cesecore.certificates.ca.CaSessionBean.getCa(CaSessionBean.java:671)
> at
> org.cesecore.certificates.ca.CaSessionBean.getCAInternal(CaSessionBean.java:531)
> at
> org.cesecore.certificates.ca.CaSessionBean.getCAInfoInternal(CaSessionBean.java:334)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:597)
> at
> org.jboss.aop.joinpoint.MethodInvocation.invokeTarget(MethodInvocation.java:122)
> at
> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111)
> at
> org.jboss.ejb3.EJBContainerInvocationWrapper.invokeNext(EJBContainerInvocationWrapper.java:69)
> at
> org.jboss.ejb3.interceptors.aop.InterceptorSequencer.invoke(InterceptorSequencer.java:73)
> at
> org.jboss.ejb3.interceptors.aop.InterceptorSequencer.aroundInvoke(InterceptorSequencer.java:59)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:597)
> at
> org.jboss.aop.advice.PerJoinpointAdvice.invoke(PerJoinpointAdvice.java:174)
> at
> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
> at
> org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.fillMethod(InvocationContextInterceptor.java:72)
> at
> org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_fillMethod_18362751.invoke(InvocationContextInterceptor_z_fillMethod_18362751.java)
> at
> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
> at
> org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.setup(InvocationContextInterceptor.java:88)
> at
> org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_setup_18362751.invoke(InvocationContextInterceptor_z_setup_18362751.java)
> at
> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
> at
> org.jboss.ejb3.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:62)
> at
> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
> at
> org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:56)
> at
> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
> at
> org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47)
>
>
>
>
> *17:40:47,957 INFO [Log4jDevice] 2018-05-29
> 17:40:47+00:00;ADMINWEB_ADMINISTRATORLOGGEDIN;SUCCESS;ADMINWEB;EJBCA;CN=SuperAdmin;-1146543808;4773512E610C2691;;remoteip=**x.x.x.x*
> 17:40:48,090 ERROR [jsp]
> java.lang.NullPointerException
>
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>
>
>
> _______________________________________________
> Ejbca-develop mailing list
> Ejb...@li...
> https://lists.sourceforge.net/lists/listinfo/ejbca-develop
>
|
|
From: Tomas G. <to...@pr...> - 2018-05-30 16:22:45
|
Hi, Sorry, I donät understand that question. Can you elaborate a little bit what you have done? In the previous answer, you should migrate to a PKCS#11 CA token, still in your EJBCA 4, before upgrading to EJBCA 6. Regards, Tomas On 2018-05-30 18:17, Mehul Chhayani wrote: > Hello Tomas, > > Its working on old ejbca-4.0.16 and we did not change any keystore keys or catoken.properties file. But when we are hitting that giving jsp error, can you please tell us what it is causing an error. Or We should compile new ejbca with upgrade jboss or jdk. > > > 16:16:16,239 INFO [Log4jDevice] 2018-05-30 16:16:16+00:00;ADMINWEB_ADMINISTRATORLOGGEDIN;SUCCESS;ADMINWEB;EJBCA;CN=SuperAdmin;-1146543808;4773512E610C2691;;remoteip=172.40.40.127 > 16:16:16,367 ERROR [jsp] > java.lang.NullPointerException > at org.cesecore.authentication.tokens.X509CertificateAuthenticationToken.matchTokenType(X509CertificateAuthenticationToken.java:305) > at org.cesecore.authorization.access.AccessTreeNode.findPreferredRule(AccessTreeNode.java:259) > at org.cesecore.authorization.access.AccessTreeNode.isAuthorizedRecursive(AccessTreeNode.java:139) > at org.cesecore.authorization.access.AccessTreeNode.isAuthorizedRecursive(AccessTreeNode.java:192) > at org.cesecore.authorization.access.AccessTreeNode.isAuthorized(AccessTreeNode.java:115) > at org.cesecore.authorization.access.AccessTree.isAuthorized(AccessTree.java:86) > at org.cesecore.authorization.control.AccessControlSessionBean.isAuthorized(AccessControlSessionBean.java:86) > at org.cesecore.authorization.control.AccessControlSessionBean.isAuthorized(AccessControlSessionBean.java:136) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.jboss.aop.joinpoint.MethodInvocation.invokeTarget(MethodInvocation.java:122) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111) > at org.jboss.ejb3.EJBContainerInvocationWrapper.invokeNext(EJBContainerInvocationWrapper.java:69) > at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.invoke(InterceptorSequencer.java:73) > at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.aroundInvoke(InterceptorSequencer.java:59) > at sun.reflect.GeneratedMethodAccessor323.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.jboss.aop.advice.PerJoinpointAdvice.invoke(PerJoinpointAdvice.java:174) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.fillMethod(InvocationContextInterceptor.java:72) > at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_fillMethod_9560387.invoke(InvocationContextInterceptor_z_fillMethod_9560387.java) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.setup(InvocationContextInterceptor.java:88) > at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_setup_9560387.invoke(InvocationContextInterceptor_z_setup_9560387.java) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:62) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:56) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(StatelessInstanceInterceptor.java:68) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.aspects.tx.TxPolicy.invokeInNoTx(TxPolicy.java:66) > at org.jboss.aspects.tx.TxInterceptor$Supports.invoke(TxInterceptor.java:143) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorv2.invoke(RoleBasedAuthorizationInterceptorv2.java:201) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:186) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:176) > at org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:216) > at org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:207) > at org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:164) > at org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:207) > at org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:164) > at com.sun.proxy.$Proxy370.isAuthorized(Unknown Source) > at org.ejbca.ui.web.admin.configuration.EjbcaWebBean.initialize(EjbcaWebBean.java:238) > at org.apache.jsp.index_jsp._jspService(index_jsp.java:83) > at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) > at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:369) > at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:322) > at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:249) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at org.owasp.filters.ContentSecurityPolicyFilter.doFilter(ContentSecurityPolicyFilter.java:198) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at org.owasp.filters.ClickjackFilter.doFilter(ClickjackFilter.java:36) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at org.ejbca.ui.web.admin.ProxiedAuthenticationFilter.doFilter(ProxiedAuthenticationFilter.java:109) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235) > at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) > at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190) > at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433) > at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92) > at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) > at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) > at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) > at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) > at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) > at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) > at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) > at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829) > at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598) > at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) > at java.lang.Thread.run(Thread.java:662) > > > > > ------- > Thank you, > Mehul Chhayani | Deployment Specialist > chh...@ec... > T:416-226-8600 EXT-246 > > -----Original Message----- > From: Tomas Gustavsson [mailto:to...@pr...] > Sent: Wednesday, May 30, 2018 3:15 AM > To: ejb...@li... > Cc: Randy Yu; Mehul Chhayani > Subject: Re: [Ejbca-develop] EJBCA-ce-6.3.2.6 upgrade - No token error > > > Hi, > > The reason is that you are using an old Crypto Token type which is not > supported anymore. The old org.ejbca.core.model.ca.catoken.LunaCAToken > is not valid anymore. You need to migrate to using the generic PKCS#11 > CA token. I think these are sections about this in the old > documentation. Sometime during EJBCA 4 we deprecated the old token types > and recommended switching over to PKCS#11 tokens. > > Regards, > Tomas > --- > Save time and money with an Enterprise support subscription. Please see > www.primekey.com for more information. > https://www.primekey.com/products/software/ > > On 2018-05-29 19:50, Mehul Chhayani wrote: >> Hello EJBCA Team, >> >> I was trying to upgrade EJBCA_CE_6.3.2.6 from Ejbca_4_0_16 on top of >> jboss-5.1.0 GA with oracle-jdk-1.6, deploy-upgrade was done successfully >> , no error while deploying through ANT-1.8.3.However when I started >> jboos with some following error that no token and ejbtimeout, at the end >> jboss started successfully with some errors, You can access ejbca UI but >> u cannot hit adminweb it complaining some jsp file with >> nullpointerexception. Can you please advise on that? If you want I will >> provide full jboss log. Thanks in advance. >> >> *15:56:44,255 ERROR [CryptoTokenFactory] No token. >> Classpath=org.ejbca.core.model.ca.catoken.LunaCAToken* >> 15:56:44,264 WARN [InterceptorsFactory] EJBTHREE-1246: Do not use >> InterceptorsFactory with a ManagedObjectAdvisor, InterceptorRegistry >> should be used via the bean container >> 15:56:44,264 WARN [InterceptorsFactory] EJBTHREE-1246: Do not use >> InterceptorsFactory with a ManagedObjectAdvisor, InterceptorRegistry >> should be used via the bean container >> *15:56:44,301 ERROR [TimerImpl] Error invoking ejbTimeout* >> *javax.ejb.EJBException: java.lang.NullPointerException* >> at >> org.jboss.ejb3.tx.Ejb3TxPolicy.handleExceptionInOurTx(Ejb3TxPolicy.java:77) >> at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:83) >> at >> org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:190) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorv2.invoke(RoleBasedAuthorizationInterceptorv2.java:201) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:186) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:176) >> at >> org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:216) >> at >> org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:207) >> at >> org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:164) >> at com.sun.proxy.$Proxy341.mergeCryptoToken(Unknown Source) >> at >> org.cesecore.certificates.ca.CaSessionBean.adhocUpgradeFrom50(CaSessionBean.java:821) >> at >> org.cesecore.certificates.ca.CaSessionBean.upgradeAndMergeToDatabase(CaSessionBean.java:721) >> at >> org.cesecore.certificates.ca.CaSessionBean.getCAData(CaSessionBean.java:586) >> at >> org.cesecore.certificates.ca.CaSessionBean.getCa(CaSessionBean.java:671) >> at >> org.cesecore.certificates.ca.CaSessionBean.getCAInternal(CaSessionBean.java:531) >> at >> org.cesecore.certificates.ca.CaSessionBean.getCAInfoInternal(CaSessionBean.java:334) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >> at java.lang.reflect.Method.invoke(Method.java:597) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeTarget(MethodInvocation.java:122) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111) >> at >> org.jboss.ejb3.EJBContainerInvocationWrapper.invokeNext(EJBContainerInvocationWrapper.java:69) >> at >> org.jboss.ejb3.interceptors.aop.InterceptorSequencer.invoke(InterceptorSequencer.java:73) >> at >> org.jboss.ejb3.interceptors.aop.InterceptorSequencer.aroundInvoke(InterceptorSequencer.java:59) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >> at java.lang.reflect.Method.invoke(Method.java:597) >> at >> org.jboss.aop.advice.PerJoinpointAdvice.invoke(PerJoinpointAdvice.java:174) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.fillMethod(InvocationContextInterceptor.java:72) >> at >> org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_fillMethod_18362751.invoke(InvocationContextInterceptor_z_fillMethod_18362751.java) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.setup(InvocationContextInterceptor.java:88) >> at >> org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_setup_18362751.invoke(InvocationContextInterceptor_z_setup_18362751.java) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.ejb3.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:62) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:56) >> at >> org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) >> at >> org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47) >> >> >> >> >> *17:40:47,957 INFO [Log4jDevice] 2018-05-29 >> 17:40:47+00:00;ADMINWEB_ADMINISTRATORLOGGEDIN;SUCCESS;ADMINWEB;EJBCA;CN=SuperAdmin;-1146543808;4773512E610C2691;;remoteip=**x.x.x.x* >> 17:40:48,090 ERROR [jsp] >> java.lang.NullPointerException >> >> >> >> ------------------------------------------------------------------------------ >> Check out the vibrant tech community on one of the world's most >> engaging tech sites, Slashdot.org! http://sdm.link/slashdot >> >> >> >> _______________________________________________ >> Ejbca-develop mailing list >> Ejb...@li... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> |
|
From: Tomas G. <to...@pr...> - 2018-05-30 07:34:55
|
Hi, The reason is that you are using an old Crypto Token type which is not supported anymore. The old org.ejbca.core.model.ca.catoken.LunaCAToken is not valid anymore. You need to migrate to using the generic PKCS#11 CA token. I think these are sections about this in the old documentation. Sometime during EJBCA 4 we deprecated the old token types and recommended switching over to PKCS#11 tokens. Regards, Tomas --- Save time and money with an Enterprise support subscription. Please see www.primekey.com for more information. https://www.primekey.com/products/software/ On 2018-05-29 19:50, Mehul Chhayani wrote: > Hello EJBCA Team, > > I was trying to upgrade EJBCA_CE_6.3.2.6 from Ejbca_4_0_16 on top of > jboss-5.1.0 GA with oracle-jdk-1.6, deploy-upgrade was done successfully > , no error while deploying through ANT-1.8.3.However when I started > jboos with some following error that no token and ejbtimeout, at the end > jboss started successfully with some errors, You can access ejbca UI but > u cannot hit adminweb it complaining some jsp file with > nullpointerexception. Can you please advise on that? If you want I will > provide full jboss log. Thanks in advance. > > *15:56:44,255 ERROR [CryptoTokenFactory] No token. > Classpath=org.ejbca.core.model.ca.catoken.LunaCAToken* > 15:56:44,264 WARN [InterceptorsFactory] EJBTHREE-1246: Do not use > InterceptorsFactory with a ManagedObjectAdvisor, InterceptorRegistry > should be used via the bean container > 15:56:44,264 WARN [InterceptorsFactory] EJBTHREE-1246: Do not use > InterceptorsFactory with a ManagedObjectAdvisor, InterceptorRegistry > should be used via the bean container > *15:56:44,301 ERROR [TimerImpl] Error invoking ejbTimeout* > *javax.ejb.EJBException: java.lang.NullPointerException* > at > org.jboss.ejb3.tx.Ejb3TxPolicy.handleExceptionInOurTx(Ejb3TxPolicy.java:77) > at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:83) > at > org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:190) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at > org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at > org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorv2.invoke(RoleBasedAuthorizationInterceptorv2.java:201) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at > org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:186) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at > org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at > org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at > org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at > org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:176) > at > org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:216) > at > org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:207) > at > org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:164) > at com.sun.proxy.$Proxy341.mergeCryptoToken(Unknown Source) > at > org.cesecore.certificates.ca.CaSessionBean.adhocUpgradeFrom50(CaSessionBean.java:821) > at > org.cesecore.certificates.ca.CaSessionBean.upgradeAndMergeToDatabase(CaSessionBean.java:721) > at > org.cesecore.certificates.ca.CaSessionBean.getCAData(CaSessionBean.java:586) > at > org.cesecore.certificates.ca.CaSessionBean.getCa(CaSessionBean.java:671) > at > org.cesecore.certificates.ca.CaSessionBean.getCAInternal(CaSessionBean.java:531) > at > org.cesecore.certificates.ca.CaSessionBean.getCAInfoInternal(CaSessionBean.java:334) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeTarget(MethodInvocation.java:122) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111) > at > org.jboss.ejb3.EJBContainerInvocationWrapper.invokeNext(EJBContainerInvocationWrapper.java:69) > at > org.jboss.ejb3.interceptors.aop.InterceptorSequencer.invoke(InterceptorSequencer.java:73) > at > org.jboss.ejb3.interceptors.aop.InterceptorSequencer.aroundInvoke(InterceptorSequencer.java:59) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at > org.jboss.aop.advice.PerJoinpointAdvice.invoke(PerJoinpointAdvice.java:174) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at > org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.fillMethod(InvocationContextInterceptor.java:72) > at > org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_fillMethod_18362751.invoke(InvocationContextInterceptor_z_fillMethod_18362751.java) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at > org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.setup(InvocationContextInterceptor.java:88) > at > org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_setup_18362751.invoke(InvocationContextInterceptor_z_setup_18362751.java) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at > org.jboss.ejb3.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:62) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at > org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:56) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at > org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47) > > > > > *17:40:47,957 INFO [Log4jDevice] 2018-05-29 > 17:40:47+00:00;ADMINWEB_ADMINISTRATORLOGGEDIN;SUCCESS;ADMINWEB;EJBCA;CN=SuperAdmin;-1146543808;4773512E610C2691;;remoteip=**x.x.x.x* > 17:40:48,090 ERROR [jsp] > java.lang.NullPointerException > > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
|
From: Mehul C. <chh...@ec...> - 2018-05-29 18:06:11
|
Hello EJBCA Team,
I was trying to upgrade EJBCA_CE_6.3.2.6 from Ejbca_4_0_16 on top of jboss-5.1.0 GA with oracle-jdk-1.6, deploy-upgrade was done successfully , no error while deploying through ANT-1.8.3.However when I started jboos with some following error that no token and ejbtimeout, at the end jboss started successfully with some errors, You can access ejbca UI but u cannot hit adminweb it complaining some jsp file with nullpointerexception. Can you please advise on that? If you want I will provide full jboss log. Thanks in advance.
15:56:44,255 ERROR [CryptoTokenFactory] No token. Classpath=org.ejbca.core.model.ca.catoken.LunaCAToken
15:56:44,264 WARN [InterceptorsFactory] EJBTHREE-1246: Do not use InterceptorsFactory with a ManagedObjectAdvisor, InterceptorRegistry should be used via the bean container
15:56:44,264 WARN [InterceptorsFactory] EJBTHREE-1246: Do not use InterceptorsFactory with a ManagedObjectAdvisor, InterceptorRegistry should be used via the bean container
15:56:44,301 ERROR [TimerImpl] Error invoking ejbTimeout
javax.ejb.EJBException: java.lang.NullPointerException
at org.jboss.ejb3.tx.Ejb3TxPolicy.handleExceptionInOurTx(Ejb3TxPolicy.java:77)
at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:83)
at org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:190)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorv2.invoke(RoleBasedAuthorizationInterceptorv2.java:201)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:186)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:176)
at org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:216)
at org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:207)
at org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:164)
at com.sun.proxy.$Proxy341.mergeCryptoToken(Unknown Source)
at org.cesecore.certificates.ca.CaSessionBean.adhocUpgradeFrom50(CaSessionBean.java:821)
at org.cesecore.certificates.ca.CaSessionBean.upgradeAndMergeToDatabase(CaSessionBean.java:721)
at org.cesecore.certificates.ca.CaSessionBean.getCAData(CaSessionBean.java:586)
at org.cesecore.certificates.ca.CaSessionBean.getCa(CaSessionBean.java:671)
at org.cesecore.certificates.ca.CaSessionBean.getCAInternal(CaSessionBean.java:531)
at org.cesecore.certificates.ca.CaSessionBean.getCAInfoInternal(CaSessionBean.java:334)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.aop.joinpoint.MethodInvocation.invokeTarget(MethodInvocation.java:122)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111)
at org.jboss.ejb3.EJBContainerInvocationWrapper.invokeNext(EJBContainerInvocationWrapper.java:69)
at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.invoke(InterceptorSequencer.java:73)
at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.aroundInvoke(InterceptorSequencer.java:59)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.aop.advice.PerJoinpointAdvice.invoke(PerJoinpointAdvice.java:174)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.fillMethod(InvocationContextInterceptor.java:72)
at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_fillMethod_18362751.invoke(InvocationContextInterceptor_z_fillMethod_18362751.java)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.setup(InvocationContextInterceptor.java:88)
at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_setup_18362751.invoke(InvocationContextInterceptor_z_setup_18362751.java)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:62)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:56)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
at org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47)
17:40:47,957 INFO [Log4jDevice] 2018-05-29 17:40:47+00:00;ADMINWEB_ADMINISTRATORLOGGEDIN;SUCCESS;ADMINWEB;EJBCA;CN=SuperAdmin;-1146543808;4773512E610C2691;;remoteip=x.x.x.x
17:40:48,090 ERROR [jsp]
java.lang.NullPointerException
|
|
From: Tomas G. <to...@pr...> - 2018-04-09 10:15:50
|
Hi, I believe this was posted in the forum as well right? I think you got some answers there. Cheers, Tomas On 2018-04-02 18:06, Mehul Chhayani wrote: > Hello Guys, > > I am upgrading ejbca_4_0_16 to ejbca_ce_6_3_2_6 for production linux > environment. I did following steps that mentioning on ejbca and > sourceforge website. I have also copying older ejbca.properties, > cesecore.properties to conf/cesecore.properties, ejbca.properties, > however it was throwing an error your JBoss is up and running which is > running find on environment and it is not creating ejbca.ear file to > /opt/jboss-as-7.1.1.Final/standalone/deployments/ejbca.ear (default > location). Please advise me in this case to resolving issue and correct > way to upgrade ejbca. Any help that would appreciated. > > ant deploy > ant deploy-keystore > ant deploy web-configue > ant upgrade > > *old ejbca environment * > ejbca -> ejbca_4_0_16 > ant -> apache-ant-1.8.3 > java -> jdk1.6.0_45 > jboss -> jboss-5.1.0.GA > > upgrading environment > ejbca -> ejbca_ce_6_3_2_6 > ant -> apache-ant-1.8.3 > java -> jdk1.7.0_80 > jboss -> jboss-as-7.1.1.Final > > *_http://blog.ejbca.org/2017/12/the-definitive-ejbca-upgrade-guide.html_* > *_http://www.ejbca.org/docs/installation.html#Install_* > *_https://sourceforge.net/p/ejbca/discussion/123123/thread/a08b4cee/_* > > *netstat -tunap | grep java* > *tcp 0 0 172.20.20.180:4447 > 0.0.0.0:* LISTEN 11604/java * > *tcp 0 0 172.20.20.180:9990 > 0.0.0.0:* LISTEN 11604/java * > *tcp 0 0 172.20.20.180:9999 > 0.0.0.0:* LISTEN 11604/java * > *tcp 0 0 172.20.20.180:8080 > 0.0.0.0:* LISTEN 11604/java * > > > customejbca.message: > > appserver.error.message: > > va_replacings_in_application.xml: > [echo] Enabled module status.war > [echo] Disabled module certstore.war > [echo] Disabled module crlstore.war > > customejbca.message: > > appserver.error.message: > > plugin-bootstrap-build: > [ear] Building ear: /opt/ejbca_ce_6_3_2_6/dist/ejbca.ear > > customejbca.message: > > appserver.error.message: > > websphere-specials: > > customejbca.message: > > appserver.error.message: > > signjar: > [echo] Specify -Dsignjar.keystore=/path/keystore.jks if you want to > sign the release. > > customejbca.message: > > appserver.error.message: > > signjar.internal: > > build: > > inputDatabasePassword: > [input] skipping input as property database.password has already > been set. > > deploy: > > customejbca.message: > > appserver.error.message: > > jee:undeployJBoss7: > [exec] Result: 1 > > jee:undeploy: > > set-paths-jboss7: > > set-paths-not-jboss7: > > set-paths: > > jee:deployServicesJBoss5: > > jee:assert-runJBoss7: > [echo] Checking if JBoss is up and running... > [echo] Waiting (up to 30 seconds in total) for the application > server to become ready for the next step... > [exec] Result: 1 > > *BUILD FAILED* > */opt/ejbca_ce_6_3_2_6/build.xml:696: The following error occurred while > executing this line:* > */opt/ejbca_ce_6_3_2_6/bin/jboss.xml:429: The requested action requires > that JBoss is up and running.* > > Total time: 1 minute 33 seconds > > > ------- > Thank you, > Mehul Chhayani | Deployment Specialist > _chhayani@echoworx.com_ <mailto:chh...@ec...> > T:416-226-8600 EXT-246 > > > > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
|
From: Mehul C. <chh...@ec...> - 2018-04-02 16:21:36
|
Hello Guys, I am upgrading ejbca_4_0_16 to ejbca_ce_6_3_2_6 for production linux environment. I did following steps that mentioning on ejbca and sourceforge website. I have also copying older ejbca.properties, cesecore.properties to conf/cesecore.properties, ejbca.properties, however it was throwing an error your JBoss is up and running which is running find on environment and it is not creating ejbca.ear file to /opt/jboss-as-7.1.1.Final/standalone/deployments/ejbca.ear (default location). Please advise me in this case to resolving issue and correct way to upgrade ejbca. Any help that would appreciated. ant deploy ant deploy-keystore ant deploy web-configue ant upgrade old ejbca environment ejbca -> ejbca_4_0_16 ant -> apache-ant-1.8.3 java -> jdk1.6.0_45 jboss -> jboss-5.1.0.GA upgrading environment ejbca -> ejbca_ce_6_3_2_6 ant -> apache-ant-1.8.3 java -> jdk1.7.0_80 jboss -> jboss-as-7.1.1.Final http://blog.ejbca.org/2017/12/the-definitive-ejbca-upgrade-guide.html http://www.ejbca.org/docs/installation.html#Install https://sourceforge.net/p/ejbca/discussion/123123/thread/a08b4cee/ netstat -tunap | grep java tcp 0 0 172.20.20.180:4447 0.0.0.0:* LISTEN 11604/java tcp 0 0 172.20.20.180:9990 0.0.0.0:* LISTEN 11604/java tcp 0 0 172.20.20.180:9999 0.0.0.0:* LISTEN 11604/java tcp 0 0 172.20.20.180:8080 0.0.0.0:* LISTEN 11604/java customejbca.message: appserver.error.message: va_replacings_in_application.xml: [echo] Enabled module status.war [echo] Disabled module certstore.war [echo] Disabled module crlstore.war customejbca.message: appserver.error.message: plugin-bootstrap-build: [ear] Building ear: /opt/ejbca_ce_6_3_2_6/dist/ejbca.ear customejbca.message: appserver.error.message: websphere-specials: customejbca.message: appserver.error.message: signjar: [echo] Specify -Dsignjar.keystore=/path/keystore.jks if you want to sign the release. customejbca.message: appserver.error.message: signjar.internal: build: inputDatabasePassword: [input] skipping input as property database.password has already been set. deploy: customejbca.message: appserver.error.message: jee:undeployJBoss7: [exec] Result: 1 jee:undeploy: set-paths-jboss7: set-paths-not-jboss7: set-paths: jee:deployServicesJBoss5: jee:assert-runJBoss7: [echo] Checking if JBoss is up and running... [echo] Waiting (up to 30 seconds in total) for the application server to become ready for the next step... [exec] Result: 1 BUILD FAILED /opt/ejbca_ce_6_3_2_6/build.xml:696: The following error occurred while executing this line: /opt/ejbca_ce_6_3_2_6/bin/jboss.xml:429: The requested action requires that JBoss is up and running. Total time: 1 minute 33 seconds ------- Thank you, Mehul Chhayani | Deployment Specialist chh...@ec...<mailto:chh...@ec...> T:416-226-8600 EXT-246 |
|
From: Mehul C. <chh...@ec...> - 2018-03-27 20:00:53
|
Hello Guys, I am upgrading ejbca_4_0_16 to ejbca_ce_6_3_2_6 for production linux environment. I did following steps that mentioning on ejbca and sourceforge website. I have also copying older ejbca.properties, cesecore.properties to conf/cesecore.properties, ejbca.properties, however it was throwing an error your JBoss is up and running which is running find on environment and it is not creating ejbca.ear file to /opt/jboss-as-7.1.1.Final/standalone/deployments/ejbca.ear (default location). Please advice me in this case to resolving issue and correct way to upgrade ejbca. ant deploy ant deploy-keystore ant deploy web-configue ant upgrade old ejbca environment ejbca -> ejbca_4_0_16 ant -> apache-ant-1.8.3 java -> jdk1.6.0_45 jboss -> jboss-5.1.0.GA upgrading environment ejbca -> ejbca_ce_6_3_2_6 ant -> apache-ant-1.8.3 java -> jdk1.7.0_80 jboss -> jboss-as-7.1.1.Final http://blog.ejbca.org/2017/12/the-definitive-ejbca-upgrade-guide.html http://www.ejbca.org/docs/installation.html#Install https://sourceforge.net/p/ejbca/discussion/123123/thread/a08b4cee/ netstat -tunap | grep java tcp 0 0 172.20.20.180:4447 0.0.0.0:* LISTEN 11604/java tcp 0 0 172.20.20.180:9990 0.0.0.0:* LISTEN 11604/java tcp 0 0 172.20.20.180:9999 0.0.0.0:* LISTEN 11604/java tcp 0 0 172.20.20.180:8080 0.0.0.0:* LISTEN 11604/java customejbca.message: appserver.error.message: va_replacings_in_application.xml: [echo] Enabled module status.war [echo] Disabled module certstore.war [echo] Disabled module crlstore.war customejbca.message: appserver.error.message: plugin-bootstrap-build: [ear] Building ear: /opt/ejbca_ce_6_3_2_6/dist/ejbca.ear customejbca.message: appserver.error.message: websphere-specials: customejbca.message: appserver.error.message: signjar: [echo] Specify -Dsignjar.keystore=/path/keystore.jks if you want to sign the release. customejbca.message: appserver.error.message: signjar.internal: build: inputDatabasePassword: [input] skipping input as property database.password has already been set. deploy: customejbca.message: appserver.error.message: jee:undeployJBoss7: [exec] Result: 1 jee:undeploy: set-paths-jboss7: set-paths-not-jboss7: set-paths: jee:deployServicesJBoss5: jee:assert-runJBoss7: [echo] Checking if JBoss is up and running... [echo] Waiting (up to 30 seconds in total) for the application server to become ready for the next step... [exec] Result: 1 BUILD FAILED /opt/ejbca_ce_6_3_2_6/build.xml:696: The following error occurred while executing this line: /opt/ejbca_ce_6_3_2_6/bin/jboss.xml:429: The requested action requires that JBoss is up and running. Total time: 1 minute 33 seconds ------- Thank you, Mehul Chhayani | Deployment Specialist chh...@ec... T:416-226-8600 EXT-246 |
|
From: Mehul C. <chh...@ec...> - 2018-03-27 19:58:05
|
Hello Guys, I am upgrading ejbca_4_0_16 to ejbca_ce_6_3_2_6 for production linux environment. I did following steps that mentioning on ejbca and sourceforge website. I have also copying older ejbca.properties, cesecore.properties to conf/cesecore.properties, ejbca.properties, however it was throwing an error your JBoss is up and running which is running find on environment and it is not creating ejbca.ear file to /opt/jboss-as-7.1.1.Final/standalone/deployments/ejbca.ear (default location). Please advice me in this case to resolving issue and correct way to upgrade ejbca. ant deploy ant deploy-keystore ant deploy web-configue ant upgrade old ejbca environment ejbca -> ejbca_4_0_16 ant -> apache-ant-1.8.3 java -> jdk1.6.0_45 jboss -> jboss-5.1.0.GA upgrading environment ejbca -> ejbca_ce_6_3_2_6 ant -> apache-ant-1.8.3 java -> jdk1.7.0_80 jboss -> jboss-as-7.1.1.Final http://blog.ejbca.org/2017/12/the-definitive-ejbca-upgrade-guide.html http://www.ejbca.org/docs/installation.html#Install https://sourceforge.net/p/ejbca/discussion/123123/thread/a08b4cee/ netstat -tunap | grep java tcp 0 0 172.20.20.180:4447 0.0.0.0:* LISTEN 11604/java tcp 0 0 172.20.20.180:9990 0.0.0.0:* LISTEN 11604/java tcp 0 0 172.20.20.180:9999 0.0.0.0:* LISTEN 11604/java tcp 0 0 172.20.20.180:8080 0.0.0.0:* LISTEN 11604/java customejbca.message: appserver.error.message: va_replacings_in_application.xml: [echo] Enabled module status.war [echo] Disabled module certstore.war [echo] Disabled module crlstore.war customejbca.message: appserver.error.message: plugin-bootstrap-build: [ear] Building ear: /opt/ejbca_ce_6_3_2_6/dist/ejbca.ear customejbca.message: appserver.error.message: websphere-specials: customejbca.message: appserver.error.message: signjar: [echo] Specify -Dsignjar.keystore=/path/keystore.jks if you want to sign the release. customejbca.message: appserver.error.message: signjar.internal: build: inputDatabasePassword: [input] skipping input as property database.password has already been set. deploy: customejbca.message: appserver.error.message: jee:undeployJBoss7: [exec] Result: 1 jee:undeploy: set-paths-jboss7: set-paths-not-jboss7: set-paths: jee:deployServicesJBoss5: jee:assert-runJBoss7: [echo] Checking if JBoss is up and running... [echo] Waiting (up to 30 seconds in total) for the application server to become ready for the next step... [exec] Result: 1 BUILD FAILED /opt/ejbca_ce_6_3_2_6/build.xml:696: The following error occurred while executing this line: /opt/ejbca_ce_6_3_2_6/bin/jboss.xml:429: The requested action requires that JBoss is up and running. Total time: 1 minute 33 seconds ------- Thank you, Mehul Chhayani | Deployment Specialist chh...@ec...<mailto:chh...@ec...> T:416-226-8600 EXT-246 |
|
From: Tomas G. <to...@pr...> - 2018-03-05 09:55:27
|
Hi,
I have changed that to sha1sum in the script included in EJBCA. Didn't I
create an issue for that on github? 128 bytes pwd is excessive, and
perhaps I ran into the same issue, don't remember now.
For a one-time password 40 characters password is plenty enough imho, so
sha1sum is fine.
Cheers,
Tomas
On 2018-03-04 15:54, Christian Felsing via Ejbca-develop wrote:
> Tomas,
>
> all configurable passwords are created by that snippet:
>
> pwgen() {
> NEW_PASSWORD=$(dd if=/dev/urandom bs=1 count=64 2> /dev/null |
> sha512sum | awk '{print $1}' | tr -d "\n")
> if [ -z "$NEW_PASSWORD" ]; then
> echo "Created empty password - very bad"
> exit 1
> fi
> echo -n "${NEW_PASSWORD}"
> }
>
> keystorepass=$(pwgen)
> truststorepass=$(pwgen)
> httpsserver_password=$(pwgen)
> cmskeystorepass=$(pwgen)
>
>
> at least sha512sum ends up with a password of 128 bytes. For complete
> script, see https://github.com/ip6li/ejbca-setup which is also enclosed
> in EJBCA itself. In EJBCA enclosed script is for EJBCA 6_5.0.5
> (bin/extra/ejbca-setup.sh).
>
> Complete error message which occurs at phase ant runinstall:
>
> [java] Caused by: java.sql.SQLException: Data too long for column
> 'clearPassword' at row 1
> [java] Query is: update UserData set cAId=?, cardNumber=?,
> certificateProfileId=?, clearPassword=?, endEntityProfileId=?,
> hardTokenIssuerId=?, keyStorePassword=?, passwordHash=?, rowVersion=?,
> status=?, subjectAltName=?, subjectDN=?, subjectEmail=?, timeCreated=?,
> timeModified=?, tokenType=?, type=?, extendedInformationData=?,
> rowProtection=? where username=? and rowVersion=?, parameters
> [1402720174,<null>,9,'OBF:185b1j6b1i291jkl1awr194y1sor19xc1k191s3g1irx1
> 9xg1san1j631igh1svw18jj1idp1iz018xp1a4h1kff1apq1hzj1awv19xg19q11j8x19c5
> 1t331j8z1rpc1ikq1ju81irz1iz21bi61ink19j21a4n1iut1i9a18jl1j1u1ail19bz1ap
> w19xg1idt1igj19xg1sho1s3k1abc1k171j8t1jro1jdg185b19q51ju41iur1jrm1jn11j
> kh1ju41irv1jrm19q9185b1jfu1ju21j691jyr1abq1s3i1shu19x61idn1igd19x61apm1
> 9bz1aip1iz018jh1i6o1irt1a4719j41iku1bi81j1s1iun1jri1ino1rpa1j631t3319bt
> 1j6519qd19x61awv1i271aps1kcz1a4d18xt1j1u1igh18jj1sw21idp1j8z1san19x61iu
> p1s3m1jyp19xa1soz194s1awz1jmx1hzh1j8r185b',1,0,<null>,'$2a$01$NZXr1YAF9
> b01pfDzgp1j2O5K2JDQq0OfzfXpBrwEwInJVhj0qYLyi',1,10,'dnsName=ejbca.examp
> le.com',...
>
> Same happens with smaller passwords.
>
> Christian
>
>
>
> Am Sonntag, den 04.03.2018, 13:06 +0100 schrieb Tomas Gustavsson:
>> Hm, sounds more that it's something with the script. Using a password
>> longer than 250 characters sounds really excessive to me. What in the
>> script generates such a long password?
>>
>> When does the error occur?
>>
>> Do you use the script provided with EJBCA, or some external version?
>>
>> Regards,
>> Tomas
>>
>>
>> On March 4, 2018 11:53:04 AM GMT+01:00, Christian Felsing via Ejbca-
>> develop <ejb...@li...> wrote:
>>> Hello,
>>>
>>> while testing ejbca-setup with 6.10.1.2 following problem occurs
>>> while
>>> install process:
>>>
>>> Data too long for column 'clearPassword' at row 1
>>>
>>> which is caused by a SQL declaration for clearPassword with a
>>> length of
>>> 250. Wildfly log shows a real length of 517. For now a very nasty
>>> hack
>>> in ejbca-setup fixes that:
>>>
>>> doPatch() {
>>> if [ $EJBCA_RELEASE == "6_10_1_2" ]; then
>>> cd ejbca || exit 1
>>> sed -i.bak 's/<basic fetch="EAGER" name="clearPassword"><column
>>> name="clearPassword" column-definition="VARCHAR(250)
>>> BINARY"\/><\/basic>/<basic fetch="EAGER"
>>> name="clearPassword"><column
>>> name="clearPassword" column-definition="VARCHAR(1000)
>>> BINARY"\/><\/basic>/g' modules/ejbca-entity/resources/orm-ejbca-
>>> mysql.xml || exit 1
>>> echo "patch for 6_10_1_2 applied"
>>> cd ..
>>> fi
>>> }
>>>
>>>
>>> Christian
>>>
>>>
>>> Check out the vibrant tech community on one of the world's most
>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>>
>>> Ejbca-develop mailing list
>>> Ejb...@li...
>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Ejbca-develop mailing list
> Ejb...@li...
> https://lists.sourceforge.net/lists/listinfo/ejbca-develop
>
|
|
From: Tomas G. <to...@pr...> - 2018-03-04 15:50:15
|
Hm, sounds more that it's something with the script. Using a password longer than 250 characters sounds really excessive to me. What in the script generates such a long password?
When does the error occur?
Do you use the script provided with EJBCA, or some external version?
Regards,
Tomas
On March 4, 2018 11:53:04 AM GMT+01:00, Christian Felsing via Ejbca-develop <ejb...@li...> wrote:
>Hello,
>
>while testing ejbca-setup with 6.10.1.2 following problem occurs while
>install process:
>
>Data too long for column 'clearPassword' at row 1
>
>which is caused by a SQL declaration for clearPassword with a length of
>250. Wildfly log shows a real length of 517. For now a very nasty hack
>in ejbca-setup fixes that:
>
>doPatch() {
> if [ $EJBCA_RELEASE == "6_10_1_2" ]; then
> cd ejbca || exit 1
> sed -i.bak 's/<basic fetch="EAGER" name="clearPassword"><column
>name="clearPassword" column-definition="VARCHAR(250)
>BINARY"\/><\/basic>/<basic fetch="EAGER" name="clearPassword"><column
>name="clearPassword" column-definition="VARCHAR(1000)
>BINARY"\/><\/basic>/g' modules/ejbca-entity/resources/orm-ejbca-
>mysql.xml || exit 1
> echo "patch for 6_10_1_2 applied"
> cd ..
> fi
>}
>
>
>Christian
>
>------------------------------------------------------------------------------
>Check out the vibrant tech community on one of the world's most
>engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>_______________________________________________
>Ejbca-develop mailing list
>Ejb...@li...
>https://lists.sourceforge.net/lists/listinfo/ejbca-develop
|
|
From: Christian F. <pu...@fe...> - 2018-03-04 15:50:09
|
Tomas,
all configurable passwords are created by that snippet:
pwgen() {
NEW_PASSWORD=$(dd if=/dev/urandom bs=1 count=64 2> /dev/null |
sha512sum | awk '{print $1}' | tr -d "\n")
if [ -z "$NEW_PASSWORD" ]; then
echo "Created empty password - very bad"
exit 1
fi
echo -n "${NEW_PASSWORD}"
}
keystorepass=$(pwgen)
truststorepass=$(pwgen)
httpsserver_password=$(pwgen)
cmskeystorepass=$(pwgen)
at least sha512sum ends up with a password of 128 bytes. For complete
script, see https://github.com/ip6li/ejbca-setup which is also enclosed
in EJBCA itself. In EJBCA enclosed script is for EJBCA 6_5.0.5
(bin/extra/ejbca-setup.sh).
Complete error message which occurs at phase ant runinstall:
[java] Caused by: java.sql.SQLException: Data too long for column
'clearPassword' at row 1
[java] Query is: update UserData set cAId=?, cardNumber=?,
certificateProfileId=?, clearPassword=?, endEntityProfileId=?,
hardTokenIssuerId=?, keyStorePassword=?, passwordHash=?, rowVersion=?,
status=?, subjectAltName=?, subjectDN=?, subjectEmail=?, timeCreated=?,
timeModified=?, tokenType=?, type=?, extendedInformationData=?,
rowProtection=? where username=? and rowVersion=?, parameters
[1402720174,<null>,9,'OBF:185b1j6b1i291jkl1awr194y1sor19xc1k191s3g1irx1
9xg1san1j631igh1svw18jj1idp1iz018xp1a4h1kff1apq1hzj1awv19xg19q11j8x19c5
1t331j8z1rpc1ikq1ju81irz1iz21bi61ink19j21a4n1iut1i9a18jl1j1u1ail19bz1ap
w19xg1idt1igj19xg1sho1s3k1abc1k171j8t1jro1jdg185b19q51ju41iur1jrm1jn11j
kh1ju41irv1jrm19q9185b1jfu1ju21j691jyr1abq1s3i1shu19x61idn1igd19x61apm1
9bz1aip1iz018jh1i6o1irt1a4719j41iku1bi81j1s1iun1jri1ino1rpa1j631t3319bt
1j6519qd19x61awv1i271aps1kcz1a4d18xt1j1u1igh18jj1sw21idp1j8z1san19x61iu
p1s3m1jyp19xa1soz194s1awz1jmx1hzh1j8r185b',1,0,<null>,'$2a$01$NZXr1YAF9
b01pfDzgp1j2O5K2JDQq0OfzfXpBrwEwInJVhj0qYLyi',1,10,'dnsName=ejbca.examp
le.com',...
Same happens with smaller passwords.
Christian
Am Sonntag, den 04.03.2018, 13:06 +0100 schrieb Tomas Gustavsson:
> Hm, sounds more that it's something with the script. Using a password
> longer than 250 characters sounds really excessive to me. What in the
> script generates such a long password?
>
> When does the error occur?
>
> Do you use the script provided with EJBCA, or some external version?
>
> Regards,
> Tomas
>
>
> On March 4, 2018 11:53:04 AM GMT+01:00, Christian Felsing via Ejbca-
> develop <ejb...@li...> wrote:
> > Hello,
> >
> > while testing ejbca-setup with 6.10.1.2 following problem occurs
> > while
> > install process:
> >
> > Data too long for column 'clearPassword' at row 1
> >
> > which is caused by a SQL declaration for clearPassword with a
> > length of
> > 250. Wildfly log shows a real length of 517. For now a very nasty
> > hack
> > in ejbca-setup fixes that:
> >
> > doPatch() {
> > if [ $EJBCA_RELEASE == "6_10_1_2" ]; then
> > cd ejbca || exit 1
> > sed -i.bak 's/<basic fetch="EAGER" name="clearPassword"><column
> > name="clearPassword" column-definition="VARCHAR(250)
> > BINARY"\/><\/basic>/<basic fetch="EAGER"
> > name="clearPassword"><column
> > name="clearPassword" column-definition="VARCHAR(1000)
> > BINARY"\/><\/basic>/g' modules/ejbca-entity/resources/orm-ejbca-
> > mysql.xml || exit 1
> > echo "patch for 6_10_1_2 applied"
> > cd ..
> > fi
> > }
> >
> >
> > Christian
> >
> >
> > Check out the vibrant tech community on one of the world's most
> > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> >
> > Ejbca-develop mailing list
> > Ejb...@li...
> > https://lists.sourceforge.net/lists/listinfo/ejbca-develop
|
|
From: Christian F. <pu...@fe...> - 2018-03-04 10:53:23
|
Hello,
while testing ejbca-setup with 6.10.1.2 following problem occurs while
install process:
Data too long for column 'clearPassword' at row 1
which is caused by a SQL declaration for clearPassword with a length of
250. Wildfly log shows a real length of 517. For now a very nasty hack
in ejbca-setup fixes that:
doPatch() {
if [ $EJBCA_RELEASE == "6_10_1_2" ]; then
cd ejbca || exit 1
sed -i.bak 's/<basic fetch="EAGER" name="clearPassword"><column
name="clearPassword" column-definition="VARCHAR(250)
BINARY"\/><\/basic>/<basic fetch="EAGER" name="clearPassword"><column
name="clearPassword" column-definition="VARCHAR(1000)
BINARY"\/><\/basic>/g' modules/ejbca-entity/resources/orm-ejbca-
mysql.xml || exit 1
echo "patch for 6_10_1_2 applied"
cd ..
fi
}
Christian
|
|
From: Tomas G. <to...@pr...> - 2018-03-01 16:46:43
|
Hi everyone, The EJBCA Team is very pleased to release EJBCA Community 6.10.1.2. This is a major upgrade providing lots of new features as well as many large and small improvements and bugfixes. You can get it directly from the EJBCA homepage <https://www.ejbca.org/>. The absolutely largest user noticeable feature is the introduction of a completely new RA UI, scheduled to deprecate the old Public Web as described here: Roadmap Update EJBCA 7 and what lies in store <http://blog.ejbca.org/2018/02/roadmap-update-ejbca-7-and-what-lies-in.html>. The new RA UI is a major step up of RA capability in EJBCA and is described in depth in a four part blog post series: * Introducing the EJBCA RA, Part 1: Introduction <http://blog.ejbca.org/2017/06/introducing-ejbca-ra-part-1-introduction.html> * Introducing the EJBCA RA, Part 2.1: Migrating from the Public Web <http://blog.ejbca.org/2017/07/introducing-ejbca-ra-part-21-migrating.html> * Introducing the EJBCA RA, Part 2.2: Migrating from the Public Web (continued) <http://blog.ejbca.org/2017/07/introducing-ejbca-ra-part-22-migrating.html> * Introducing the EJBCA RA, Part 3: Architecture of an RA Proxy <http://blog.ejbca.org/2017/10/introducing-ejbca-ra-part-3.html> Apart from this feature there are many other features worth highlighting such as: - Support for Service Name in certificates (RFC 4985 <https://www.ietf.org/rfc/rfc4985.txt>) - Support for XMPP Client certificates (RFC 6120 <https://www.ietf.org/rfc/rfc6120.txt>) - Support for ID on SIM (RFC 4683 <https://www.ietf.org/rfc/rfc4683.txt>) - Support for RegisteredID in the SAN - Functional enhancements to the CMP protocol <https://www.ietf.org/rfc/rfc4210.txt> and CMP aliases, including CMP central key generation - Option to keep revoked expired certificates on CRLs - Fine grained validity period configuration, down to minutes as well as - ability to configure certain days when certificates can not expire - A new ejbca-setup quick setup script <https://www.ejbca.org/docs/installation.html#Quick%20Start%20Guide> for Linux - Ability to limit OIDs that are acceptable in Extension Override - A completely new Role system <https://www.ejbca.org/docs/userguide.html#Administrator%20Roles> that is easier to manage, including role management in the RA UI - A new Validator <https://www.ejbca.org/docs/adminguide.html#Validators> concept, allowing Key Validation to be performed before certificates are issued (as well as CAA validation in Enterprise for example) - Security hardening and other security improvements - And a lot more which don't fit into this limited space... The full changelog between the old and the new Community release can be seen in the Sourceforge download directory <https://sourceforge.net/projects/ejbca/files/ejbca6/ejbca_6_10_0/>. or download directly <https://sourceforge.net/projects/ejbca/files/ejbca6/ejbca_6_10_0/README/download>. We have also ensured that upgrades from older version of EJBCA is still possible, and documented this in: The Definitive EJBCA Upgrade Guide <http://blog.ejbca.org/2017/12/the-definitive-ejbca-upgrade-guide.html> In all we are very proud of this release and you should notice some large enhancements and a lot of new functions. If there was anything you missed in the last release, there is a good chance you will find it in the new release. Regards, The EJBCA Team -- RSA Conference 2018 ------------------------------------------------------------------ San Francisco | April 16-20 | Moscone Center Come visit us in booth #1518 at RSA Conference 2018! Want a free expo pass? Go to https://www.rsaconference.com/events/us18/register and use the code: X8EPRIME |
|
From: Tomas G. <to...@pr...> - 2018-01-22 10:13:55
|
Hi, There is no easy to use regexp for that in the GUI. I think you can implement a FieldValidator for it. https://www.ejbca.org/docs/adminguide.html#Adding%20your%20own%20rules%20to%20regulate%20the%20values%20of%20End%20Entity%20Fields Regards, Tomas --- Save time and money with an Enterprise support subscription. Please see www.primekey.com for more information. https://www.primekey.com/products/software/ On 2018-01-21 14:21, Willi Trace wrote: > Hi all, > > I like very much the possibility to use validators on DN parts in End > Entity Profiles. > Is it also possible to use it for username field when adding new end entity? > > This should ensure that every entity in EJBCA will have its name > according defined naming conventions. > Is it possible to use regex validator on username? Or is there any way > how to achieve it? > > Best regards, > WT > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
|
From: Willi T. <wil...@gm...> - 2018-01-21 13:21:38
|
Hi all, I like very much the possibility to use validators on DN parts in End Entity Profiles. Is it also possible to use it for username field when adding new end entity? This should ensure that every entity in EJBCA will have its name according defined naming conventions. Is it possible to use regex validator on username? Or is there any way how to achieve it? Best regards, WT |
|
From: Tomas G. <to...@pr...> - 2018-01-13 07:41:00
|
Hi, I guess the solution is simple right, upgrade to the latest version :-) There's really not much to be said I think, if you already searched Jira and could not find anything, I will not try to repeat your search. It's too old for me to remember anything on top of my head unfortunately so I don't know anything more, and there's nothing to be done on an old version so...just move to the latest version. Upgrading is a normal event and should be smooth. Using MS GUID is of course a standard feature, and used in so many deployments, so you can expect it to work, as well as other MS specific functions appearing. Cheers, Tomas PS: For example, for EJBCA Enterprise we have native autoenrollment. https://www.primekey.com/wp-content/uploads/2017/06/product_sheet_certificate_autoenrollment.pdf On 2018-01-12 20:12, Andrei Epure wrote: > Hi, > > > > We are using EJBCA 6.3.1.1 Community (r21429). > > > > We have discovered that, when creating a certificate using a Domain > Controller CSR (containing an MS GUID in the OtherName field), the MS > GUID does not get stored in the certitficate SAN - OtherName field. It > does, however, get stored in the End Entity SAN - OtherName field. > > > > For a Domain Controller certificate, the SAN - OtherName - DS Object > GUID is necessary for replication, as stated in the Microsoft > Requirements > <https://support.microsoft.com/en-us/help/291010/requirements-for-domain-controller-certificates-from-a-third-party-ca>[0]. > > > > We mention that: > > * The DomainController Certificate Profile contains in the Other data > - Subset of Subject Alt. Name - "Other Name", "DNS Name" and "MS > GUID, Globally Unique Identifier" > * The generated certificate does get the DNS Name in the SAN > * The end entity contains the GUID field in the SAN - OtherName > > > > In order to investigate, I have turned on TRACE logging on the EJBCA > server and found out that (logs below contain <REDACTED> instead of > actual values): > > * the MS Guid is passed correctly in the request payload - > "[org.cesecore.certificates.certificateprofile.CertificateProfile] > CertificateProfile: constructed DN or AltName: > DNSNAME=<REDACTED>,GUID=<REDACTED>" > * The MS Guid is parsed by the CertTools class - TRACE > [org.cesecore.util.CertTools] (http--0.0.0.0-8443-1) > >getPartsFromDNInternal: dn:'DNSNAME=<REDACTED>,GUID=<REDACTED>', > dnpart=guid, onlyReturnFirstMatch=false] > * What is strange is that in the logs, there are multiple calls to the > getCustomOids() call, and > o two calls contain both the DNS name and the MS Guid > o One call contains only the DNS name > > 12:40:39,335 TRACE [org.cesecore.util.CertTools] (http--0.0.0.0-8443-1) >>getCustomOids: dn:'DNSNAME=<REDACTED>,GUID=<REDACTED> > > 12:40:39,336 TRACE [org.cesecore.util.CertTools] (http--0.0.0.0-8443-1) > <getCustomOids: resulting DN part=[] > > 12:40:39,357 TRACE [org.cesecore.util.CertTools] (http--0.0.0.0-8443-1) >>getCustomOids: dn:'DNSNAME=<REDACTED>,GUID=<REDACTED> > > 12:40:39,357 TRACE [org.cesecore.util.CertTools] (http--0.0.0.0-8443-1) > <getCustomOids: resulting DN part=[] > > 12:40:39,367 TRACE [org.cesecore.util.CertTools] (http--0.0.0.0-8443-1) >>getCustomOids: dn:'dNSName=<REDACTED> > > 12:40:39,367 TRACE [org.cesecore.util.CertTools] (http--0.0.0.0-8443-1) > <getCustomOids: resulting DN part=[] > > > > To conclude, it seems that somewhere in the code, a decision is made to > skip the MS GUID from the logic, and that decision affects the > generation of the certificate (as the MS Guid does get stored in the End > Entity). > > > > I tested in EJBCA 6.5.0.5 Community (using the test VM [1]) with a > similar setup we have on the older version and could not replicate the > problem - the MS GUID got stored in the generated certificate. Was this > a known issue that got fixed? I could not find anything related in the > EJBCA changelists or in your Jira database [2]. > > > Thank you. > > > Regards, > > Andrei > > > > [0] > https://support.microsoft.com/en-us/help/291010/requirements-for-domain-controller-certificates-from-a-third-party-ca > > [1] https://www.ejbca.org/download.html#Virtual%20Machine%20for%20Testing > [2] https://jira.primekey.se/browse/ECA-992?jql=text%20~%20%22MS%20GUID%22 > > > __ > > Andrei Epure > > Software Engineer > Almetis > > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
|
From: Andrei E. <ae...@al...> - 2018-01-12 19:57:36
|
Hi, We are using EJBCA 6.3.1.1 Community (r21429). We have discovered that, when creating a certificate using a Domain Controller CSR (containing an MS GUID in the OtherName field), the MS GUID does not get stored in the certitficate SAN - OtherName field. It does, however, get stored in the End Entity SAN - OtherName field. For a Domain Controller certificate, the SAN - OtherName - DS Object GUID is necessary for replication, as stated in the Microsoft Requirements <https://support.microsoft.com/en-us/help/291010/requirements-for-domain-controller-certificates-from-a-third-party-ca>[0]. We mention that: * The DomainController Certificate Profile contains in the Other data - Subset of Subject Alt. Name - "Other Name", "DNS Name" and "MS GUID, Globally Unique Identifier" * The generated certificate does get the DNS Name in the SAN * The end entity contains the GUID field in the SAN - OtherName In order to investigate, I have turned on TRACE logging on the EJBCA server and found out that (logs below contain <REDACTED> instead of actual values): * the MS Guid is passed correctly in the request payload - "[org.cesecore.certificates.certificateprofile.CertificateProfile] CertificateProfile: constructed DN or AltName: DNSNAME=<REDACTED>,GUID=<REDACTED>" * The MS Guid is parsed by the CertTools class - TRACE [org.cesecore.util.CertTools] (http--0.0.0.0-8443-1) >getPartsFromDNInternal: dn:'DNSNAME=<REDACTED>,GUID=<REDACTED>', dnpart=guid, onlyReturnFirstMatch=false] * What is strange is that in the logs, there are multiple calls to the getCustomOids() call, and o two calls contain both the DNS name and the MS Guid o One call contains only the DNS name 12:40:39,335 TRACE [org.cesecore.util.CertTools] (http--0.0.0.0-8443-1) >getCustomOids: dn:'DNSNAME=<REDACTED>,GUID=<REDACTED> 12:40:39,336 TRACE [org.cesecore.util.CertTools] (http--0.0.0.0-8443-1) <getCustomOids: resulting DN part=[] 12:40:39,357 TRACE [org.cesecore.util.CertTools] (http--0.0.0.0-8443-1) >getCustomOids: dn:'DNSNAME=<REDACTED>,GUID=<REDACTED> 12:40:39,357 TRACE [org.cesecore.util.CertTools] (http--0.0.0.0-8443-1) <getCustomOids: resulting DN part=[] 12:40:39,367 TRACE [org.cesecore.util.CertTools] (http--0.0.0.0-8443-1) >getCustomOids: dn:'dNSName=<REDACTED> 12:40:39,367 TRACE [org.cesecore.util.CertTools] (http--0.0.0.0-8443-1) <getCustomOids: resulting DN part=[] To conclude, it seems that somewhere in the code, a decision is made to skip the MS GUID from the logic, and that decision affects the generation of the certificate (as the MS Guid does get stored in the End Entity). I tested in EJBCA 6.5.0.5 Community (using the test VM [1]) with a similar setup we have on the older version and could not replicate the problem - the MS GUID got stored in the generated certificate. Was this a known issue that got fixed? I could not find anything related in the EJBCA changelists or in your Jira database [2]. Thank you. Regards, Andrei [0] https://support.microsoft.com/en-us/help/291010/requirements-for-domain-controller-certificates-from-a-third-party-ca [1] https://www.ejbca.org/download.html#Virtual%20Machine%20for%20Testing [2] https://jira.primekey.se/browse/ECA-992?jql=text%20~%20%22MS%20GUID%22 __ Andrei Epure Software Engineer Almetis |
|
From: Eric A. <Eri...@qp...> - 2018-01-10 19:32:10
|
Trying to work under a crunch for budgeting purposes and get a *list price* for Primekey’s PKI Enterprise Appliance (medium). Can anyone offer insight into the list/shelf price please? Eric E. Anderson Engineering Manager Technology Division InComm Agent Solutions |
|
From: Tomas G. <to...@pr...> - 2018-01-10 09:51:07
|
Hi Benno, The typical work-flow if you want to have control of your crypt tokens (key ceremony, using an HSM etc etc) is to create the crypto token first and then the CA. So this is the approach that I suggest. Regards, Tomas --- Save time and money with an Enterprise support subscription. Please see www.primekey.com for more information. https://www.primekey.com/products/software/ On 2018-01-09 19:50, Benno Droste wrote: > Hey all, > > I'm trying to figure out how to handle auto-generated soft Crypto > Tokens. How can I manually edit/reactivate them? What is the > Authentication code? Can I find/set it anywhere? > > Step by step descritption of my problem: > I create a SubCA and use the default option for Crypto Token ("- Create > a new soft Crypto Token..."). When I now navigate to the Crypto Token > page, choose my new generated Crypto Token, switch to edit mode, uncheck > Auto-activation and save, go back to the Crypto Token overview and click > on Deactivate, then: with what Authentication code can I activate the > token again? > > Did I miss something? I managed to do it as described above and couldn't > reactivate some of my SubCAs - fortunately in a test environment. > > My current approach to avoid the problem is by creating a soft Crypto > Token first (with my chosen authentication code) and then taking that > one for my new SubCA.. > > Any tips/hints? I would be glad to avoid these extra steps.. > > > Regards > > Benno > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
|
From: Benno D. <ben...@db...> - 2018-01-09 19:06:20
|
Hey all,
I'm trying to figure out how to handle auto-generated soft Crypto
Tokens. How can I manually edit/reactivate them? What is the
Authentication code? Can I find/set it anywhere?
Step by step descritption of my problem:
I create a SubCA and use the default option for Crypto Token ("- Create
a new soft Crypto Token..."). When I now navigate to the Crypto Token
page, choose my new generated Crypto Token, switch to edit mode, uncheck
Auto-activation and save, go back to the Crypto Token overview and click
on Deactivate, then: with what Authentication code can I activate the
token again?
Did I miss something? I managed to do it as described above and couldn't
reactivate some of my SubCAs - fortunately in a test environment.
My current approach to avoid the problem is by creating a soft Crypto
Token first (with my chosen authentication code) and then taking that
one for my new SubCA..
Any tips/hints? I would be glad to avoid these extra steps..
Regards
Benno
|
|
From: Tomas G. <to...@pr...> - 2017-12-22 09:14:16
|
Hi, I have shceduled to fix this for the next feature release, EJBCA 6.12, scheduled for Q1 2018. API stability is not of great importance for this specific API, so I'll go for the smaller patch. Thanks for reminding us of this so we can fix it. Happy holidays! Regards, Tomas On 2017-11-13 13:25, Horstmann, Moritz wrote: > Hi Tomas, > > Thanks for creating the JIRA issue, I just registered myself with the username mhorst. > I looked at the existing patch and these are my remarks: > > 1. The patch changes the interface OCSPExtension, which could be problematic if it is used for other extensions not delivered with EJBCA (e.g. developed by customers). > 2. The OCSPExtensionType REQUEST and SINGLE_REQUEST enum constants are not wired up anywhere, which could cause confusion when trying to implement those extensions in the future. I'd leave them out or add a comment to both. > > I designed my patch with API stability in mind - if that is not important, I would prefer the existing patch due to its brevity. > > Regards, > > Moritz Horstmann > Entwicklung > -- > Governikus GmbH & Co. KG > Am Fallturm 9 > 28359 Bremen, Germany > > Phone+49 421 204 95 - 81 > Fax+49 421 204 95 - 11 > E-M...@go... > www.governikus.com > -- > Governikus GmbH & Co. KG > Aufsichtsratsvorsitzender: Dr. Martin Hagen | Amtsgericht Bremen HRA 22041 > Geschäftsführer: Dr. Stephan Klein > > Persönlich haftende Gesellschafterin: Governikus Bremen GmbH > Geschäftsführer: Dr. Stephan Klein | Amtsgericht Bremen HRB 18756 > > > > **************************************************** > Veranstaltungsvorschau: Besuchen Sie uns… > Governikus Jahrestagung | 07. + 08.11.2017 | dbb forum Berlin > 9. Jahrestagung E-Akte | 15. + 16.11.2017 | Bundespresseamt Berlin > > -----Ursprüngliche Nachricht----- > Von: Tomas Gustavsson [mailto:to...@pr...] > Gesendet: Donnerstag, 9. November 2017 08:04 > An: ejb...@li... > Betreff: Re: [Ejbca-develop] Support CertHash extension in OCSP singleExtensions field > > > Hi Moritz, > > Thanks for the work. We'll take a look at it and try to add it to a future version. Especially thanks for creating a JUnit test, that helps a lot to get things through. > > I created this issue: > https://jira.primekey.se/browse/ECA-6292 > > If you have an account in Jira, you can follow it there (I can also set you as reporter) > > We actually have another patch for the same thing, and I will compare both. I attached both patches to the Jira issue, feel free to compare the other one and say what you think. > > > Regards, > Tomas > ********** > PrimeKey Solutions AB > Lundagatan 16, 171 63 Solna, Sweden > Mob: +46 (0)707421096 > Internet: www.primekey.se > Twitter: twitter.com/primekeyPKI > ********** > > On 2017-11-06 09:36, Horstmann, Moritz wrote: >> Hi, >> >> >> >> I use EJBCA to provide test certificates in German/European >> eGovernment scenarios. >> >> >> >> While testing a new tool for signature verification, I noticed the >> CertHash extension in EJBCA putting the extension in the >> responseExtensions field of the OCSP ResponseData element, whereas it >> should be put inside the singleExtensions field of the OCSP >> SingleResponse element, according to Common-PKI (see Common PKI Part 9 >> version 2.0 page 22, table row 4: _SingleResponse extension:_ […] ). >> >> >> >> In the attached patch, I implemented generic support for >> SingleExtensions in the OcspResponseGeneratorSessionBean together with >> an implementation of the CertHash extension for singleExtension. It >> shares code with the old extension to prevent code duplication, but it >> does not change the behavior of the old extension and will become >> active when configured explicitly in the ocsp.extensionclass property >> of the conf/ocsp.properties file. >> >> >> >> I’d like to contribute the patch to upstream; any feedback or change >> request is appreciated. Apply the patch with -p1 option in ejbca trunk root. >> >> >> >> This work is sponsored by Governikus GmbH & Co. KG. >> >> >> >> Regards, >> >> >> >> Moritz Horstmann >> Entwicklung >> -- >> >> *Governikus GmbH & Co. **KG* >> >> Am Fallturm 9 >> >> 28359 Bremen, Germany >> >> >> >> Phone +49 421 204 95 - 81 >> >> Fax +49 421 204 95 - 11 >> >> E-Mail mor...@go... >> <mailto:mor...@go...> >> >> www.governikus.com <http://www.governikus.com/> >> >> -- >> >> Governikus GmbH & Co. KG >> >> Aufsichtsratsvorsitzender: Dr. Martin Hagen | Amtsgericht Bremen HRA >> 22041 >> >> Geschäftsführer: Dr. Stephan Klein >> >> >> >> Persönlich haftende Gesellschafterin: Governikus Bremen GmbH >> >> Geschäftsführer: Dr. Stephan Klein | Amtsgericht Bremen HRB 18756 >> >> >> >> >> **************************************************** >> *Veranstaltungsvorschau: Besuchen Sie uns… *Governikus Jahrestagung >> <https://www.jahrestagung.governikus.de>| 07. + >> 08.11.2017 | dbb forum Berlin >> 9. Jahrestagung E-Akte >> <https://www.infora-mc.de/Jahrestagung-E-Akte-676078.html>| 15. + >> 16.11.2017 | Bundespresseamt Berlin >> >> >> >> Governikus KG >> Twitter Governikus KG <http://www.twitter.com/Governikus_KG> Youtube >> Governikus KG >> <https://www.youtube.com/watch?v=tR4dEHyUs9g&list=PLpn1VV_zfaVfaGGnxtB >> 06Bxo3Vb3RG_SV> >> >> AusweisApp2 >> Twitter AusweisApp2 <http://www.twitter.com/AusweisApp2> Facebook >> AusweisApp2 <http://www.facebook.com/AusweisApp2 > >> >> >> ---------------------------------------------------------------------- >> -------- Check out the vibrant tech community on one of the world's >> most engaging tech sites, Slashdot.org! http://sdm.link/slashdot >> >> >> >> _______________________________________________ >> Ejbca-develop mailing list >> Ejb...@li... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
|
From: Tomas G. <to...@pr...> - 2017-12-01 15:11:19
|
Hi, We have been fine tuning the upgrade process, including from very old installations. To make the upgrade process as smooth as possible for everyone we have released an intermediate release of EJBCA, version 6.3.2.6. A guide is publishing on the blog: http://blog.ejbca.org/2017/12/the-definitive-ejbca-upgrade-guide.html We have tested upgrades from as old versions of EJBCA as 3.0.7, which was released in April 2005. Regards, The EJBCA Team |
|
From: Tomas G. <to...@pr...> - 2017-11-24 08:28:43
|
Thanks. I'll try to incorporate it in a future release, not too far in the future. FYI: for this specific function, API stability is of less concern I would say. I am not aware of anyone using this specific plug-in API. If anyone is, and is reading this, please let us know. Regards, Tomas On 2017-11-13 13:25, Horstmann, Moritz wrote: > Hi Tomas, > > Thanks for creating the JIRA issue, I just registered myself with the username mhorst. > I looked at the existing patch and these are my remarks: > > 1. The patch changes the interface OCSPExtension, which could be problematic if it is used for other extensions not delivered with EJBCA (e.g. developed by customers). > 2. The OCSPExtensionType REQUEST and SINGLE_REQUEST enum constants are not wired up anywhere, which could cause confusion when trying to implement those extensions in the future. I'd leave them out or add a comment to both. > > I designed my patch with API stability in mind - if that is not important, I would prefer the existing patch due to its brevity. > > Regards, > > Moritz Horstmann > Entwicklung > -- > Governikus GmbH & Co. KG > Am Fallturm 9 > 28359 Bremen, Germany > > Phone+49 421 204 95 - 81 > Fax+49 421 204 95 - 11 > E-M...@go... > www.governikus.com > -- > Governikus GmbH & Co. KG > Aufsichtsratsvorsitzender: Dr. Martin Hagen | Amtsgericht Bremen HRA 22041 > Geschäftsführer: Dr. Stephan Klein > > Persönlich haftende Gesellschafterin: Governikus Bremen GmbH > Geschäftsführer: Dr. Stephan Klein | Amtsgericht Bremen HRB 18756 > > > > **************************************************** > Veranstaltungsvorschau: Besuchen Sie uns… > Governikus Jahrestagung | 07. + 08.11.2017 | dbb forum Berlin > 9. Jahrestagung E-Akte | 15. + 16.11.2017 | Bundespresseamt Berlin > > -----Ursprüngliche Nachricht----- > Von: Tomas Gustavsson [mailto:to...@pr...] > Gesendet: Donnerstag, 9. November 2017 08:04 > An: ejb...@li... > Betreff: Re: [Ejbca-develop] Support CertHash extension in OCSP singleExtensions field > > > Hi Moritz, > > Thanks for the work. We'll take a look at it and try to add it to a future version. Especially thanks for creating a JUnit test, that helps a lot to get things through. > > I created this issue: > https://jira.primekey.se/browse/ECA-6292 > > If you have an account in Jira, you can follow it there (I can also set you as reporter) > > We actually have another patch for the same thing, and I will compare both. I attached both patches to the Jira issue, feel free to compare the other one and say what you think. > > > Regards, > Tomas > ********** > PrimeKey Solutions AB > Lundagatan 16, 171 63 Solna, Sweden > Mob: +46 (0)707421096 > Internet: www.primekey.se > Twitter: twitter.com/primekeyPKI > ********** > > On 2017-11-06 09:36, Horstmann, Moritz wrote: >> Hi, >> >> >> >> I use EJBCA to provide test certificates in German/European >> eGovernment scenarios. >> >> >> >> While testing a new tool for signature verification, I noticed the >> CertHash extension in EJBCA putting the extension in the >> responseExtensions field of the OCSP ResponseData element, whereas it >> should be put inside the singleExtensions field of the OCSP >> SingleResponse element, according to Common-PKI (see Common PKI Part 9 >> version 2.0 page 22, table row 4: _SingleResponse extension:_ […] ). >> >> >> >> In the attached patch, I implemented generic support for >> SingleExtensions in the OcspResponseGeneratorSessionBean together with >> an implementation of the CertHash extension for singleExtension. It >> shares code with the old extension to prevent code duplication, but it >> does not change the behavior of the old extension and will become >> active when configured explicitly in the ocsp.extensionclass property >> of the conf/ocsp.properties file. >> >> >> >> I’d like to contribute the patch to upstream; any feedback or change >> request is appreciated. Apply the patch with -p1 option in ejbca trunk root. >> >> >> >> This work is sponsored by Governikus GmbH & Co. KG. >> >> >> >> Regards, >> >> >> >> Moritz Horstmann >> Entwicklung >> -- >> >> *Governikus GmbH & Co. **KG* >> >> Am Fallturm 9 >> >> 28359 Bremen, Germany >> >> >> >> Phone +49 421 204 95 - 81 >> >> Fax +49 421 204 95 - 11 >> >> E-Mail mor...@go... >> <mailto:mor...@go...> >> >> www.governikus.com <http://www.governikus.com/> >> >> -- >> >> Governikus GmbH & Co. KG >> >> Aufsichtsratsvorsitzender: Dr. Martin Hagen | Amtsgericht Bremen HRA >> 22041 >> >> Geschäftsführer: Dr. Stephan Klein >> >> >> >> Persönlich haftende Gesellschafterin: Governikus Bremen GmbH >> >> Geschäftsführer: Dr. Stephan Klein | Amtsgericht Bremen HRB 18756 >> >> >> >> >> **************************************************** >> *Veranstaltungsvorschau: Besuchen Sie uns… *Governikus Jahrestagung >> <https://www.jahrestagung.governikus.de>| 07. + >> 08.11.2017 | dbb forum Berlin >> 9. Jahrestagung E-Akte >> <https://www.infora-mc.de/Jahrestagung-E-Akte-676078.html>| 15. + >> 16.11.2017 | Bundespresseamt Berlin >> >> >> >> Governikus KG >> Twitter Governikus KG <http://www.twitter.com/Governikus_KG> Youtube >> Governikus KG >> <https://www.youtube.com/watch?v=tR4dEHyUs9g&list=PLpn1VV_zfaVfaGGnxtB >> 06Bxo3Vb3RG_SV> >> >> AusweisApp2 >> Twitter AusweisApp2 <http://www.twitter.com/AusweisApp2> Facebook >> AusweisApp2 <http://www.facebook.com/AusweisApp2 > >> >> >> ---------------------------------------------------------------------- >> -------- Check out the vibrant tech community on one of the world's >> most engaging tech sites, Slashdot.org! http://sdm.link/slashdot >> >> >> >> _______________________________________________ >> Ejbca-develop mailing list >> Ejb...@li... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
|
From: Tomas G. <to...@pr...> - 2017-11-15 10:09:07
|
On 2017-11-14 18:52, Jaime Hablutzel Egoavil wrote: > > > On Wed, Nov 8, 2017 at 3:03 AM, Tomas Gustavsson <to...@pr... > <mailto:to...@pr...>> wrote: > > > That depends highly on what your use case is. If you are enrolling a > large number of users there are many options used today: > - Microsoft autoenrollment for pure MS environments > > > Is this MS autoenrollment protocol open?, is there any chance that EJBCA > would implement it so it could interact with Windows users?. We have implemented MS Autoenrollment as an enrollment gateway for EJBCA. It's an EJBCA Enterprise components though, so not provided for free. https://www.primekey.com/wp-content/uploads/2017/06/product_sheet_certificate_autoenrollment.pdf Regards, Tomas > > > - A token management system for smart cards/USB tokens > - A token management systems for Virtual smart cards > > Another common approach, since browser enrollment is also not very user > friendly across different browsers (when most browsers had it) is to > issue server side generated keystores (PKCS#12) that are imported. > > Browser enrollment is typically only used in very low volume > environments and to scale additional systems are often used. > > Said that, there are also Javascript based alternatives being developed, > using WebCrypto to enroll to both smart cards and keystores. > > See for example: > https://pkijs.org/ > https://github.com/PeculiarVentures/graphene > <https://github.com/PeculiarVentures/graphene> > > Cheers, > Tomas > > On 2017-11-08 08:32, Ralf Hornik wrote: > > Hello, > > > > how will client side key enrollment work without browser in future? > > Kind regards > > > > Ralf > > ________________________________________ > > Von: Tomas Gustavsson <to...@pr... <mailto:to...@pr...>> > > Gesendet: Dienstag, 7. November 2017 17:25 > > An: ejb...@li... > <mailto:ejb...@li...> > > Betreff: Re: [Ejbca-develop] How to Create Browser Certificate > with 4096-bit key > > > > This is likely not possible as this is controlled by the web browser. > > You have to talk to Mozilla . > > As a side note, browser enrollment will dissapear on the near future > > completely, FireFox is the only browser that still has it for a little > > while longer. > > > > Cheers, > > Tomas > > > > On 2017-11-07 17:16, Cyril wrote: > >> Hello, > >> I have created a certificate profile for end users and allowed key > >> lengths of 4096 bits and above in that profile. However, when one > goes > >> to Create Browser Certificate with that profile, the only possible > >> choices of key length on the web page are 1024 (medium grade) and > 2048. > >> How can we enable 4096 bit length there? > >> > >> Regards, > >> Cyril > >> > >> > >> > > > ------------------------------------------------------------------------------ > >> Check out the vibrant tech community on one of the world's most > >> engaging tech sites, Slashdot.org! http://sdm.link/slashdot > >> > >> > >> > >> _______________________________________________ > >> Ejbca-develop mailing list > >> Ejb...@li... > <mailto:Ejb...@li...> > >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop > <https://lists.sourceforge.net/lists/listinfo/ejbca-develop> > >> > > > > > > > > > ------------------------------------------------------------------------------ > > Check out the vibrant tech community on one of the world's most > > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > > _______________________________________________ > > Ejbca-develop mailing list > > Ejb...@li... > <mailto:Ejb...@li...> > > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > <https://lists.sourceforge.net/lists/listinfo/ejbca-develop> > > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > <mailto:Ejb...@li...> > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > <https://lists.sourceforge.net/lists/listinfo/ejbca-develop> > > > > > -- > Jaime Hablutzel - RPC 994690880 > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
106 messages has been excluded from this view by a project administrator.
