Menu
▾
▴
ejbca-develop — Development discussions
You can subscribe to this list here.
| 2001 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(1) |
Dec
(3) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2002 |
Jan
(3) |
Feb
(2) |
Mar
(8) |
Apr
(3) |
May
(6) |
Jun
(1) |
Jul
(15) |
Aug
(6) |
Sep
|
Oct
(10) |
Nov
(2) |
Dec
(4) |
| 2003 |
Jan
(1) |
Feb
(7) |
Mar
(3) |
Apr
(6) |
May
(7) |
Jun
(5) |
Jul
(5) |
Aug
(25) |
Sep
(14) |
Oct
(2) |
Nov
|
Dec
(2) |
| 2004 |
Jan
(7) |
Feb
(4) |
Mar
(12) |
Apr
(16) |
May
(43) |
Jun
(56) |
Jul
(43) |
Aug
(40) |
Sep
(66) |
Oct
(12) |
Nov
(26) |
Dec
(10) |
| 2005 |
Jan
(13) |
Feb
(33) |
Mar
(16) |
Apr
(7) |
May
(10) |
Jun
(34) |
Jul
(41) |
Aug
(8) |
Sep
(4) |
Oct
(32) |
Nov
(20) |
Dec
(25) |
| 2006 |
Jan
(30) |
Feb
(101) |
Mar
(5) |
Apr
(75) |
May
(74) |
Jun
(22) |
Jul
(6) |
Aug
(70) |
Sep
(19) |
Oct
(21) |
Nov
(31) |
Dec
(50) |
| 2007 |
Jan
(15) |
Feb
(20) |
Mar
(24) |
Apr
(33) |
May
(13) |
Jun
(18) |
Jul
(13) |
Aug
(7) |
Sep
(63) |
Oct
(68) |
Nov
(29) |
Dec
(68) |
| 2008 |
Jan
(30) |
Feb
(33) |
Mar
(30) |
Apr
(103) |
May
(78) |
Jun
(48) |
Jul
(72) |
Aug
(24) |
Sep
(62) |
Oct
(63) |
Nov
(70) |
Dec
(37) |
| 2009 |
Jan
(34) |
Feb
(35) |
Mar
(64) |
Apr
(34) |
May
(34) |
Jun
(58) |
Jul
(30) |
Aug
(30) |
Sep
(46) |
Oct
(52) |
Nov
(12) |
Dec
(23) |
| 2010 |
Jan
(121) |
Feb
(18) |
Mar
(53) |
Apr
(62) |
May
(62) |
Jun
(20) |
Jul
(33) |
Aug
(20) |
Sep
(36) |
Oct
(35) |
Nov
(44) |
Dec
(63) |
| 2011 |
Jan
(19) |
Feb
(32) |
Mar
(94) |
Apr
(41) |
May
(47) |
Jun
(25) |
Jul
(34) |
Aug
(20) |
Sep
(9) |
Oct
(41) |
Nov
(33) |
Dec
(24) |
| 2012 |
Jan
(12) |
Feb
(36) |
Mar
(48) |
Apr
(32) |
May
(20) |
Jun
(15) |
Jul
(32) |
Aug
(13) |
Sep
(33) |
Oct
(54) |
Nov
(25) |
Dec
(16) |
| 2013 |
Jan
(45) |
Feb
(39) |
Mar
(38) |
Apr
(50) |
May
(29) |
Jun
(30) |
Jul
(33) |
Aug
(12) |
Sep
(9) |
Oct
(25) |
Nov
(29) |
Dec
(20) |
| 2014 |
Jan
(25) |
Feb
(19) |
Mar
(16) |
Apr
(33) |
May
(27) |
Jun
(37) |
Jul
(29) |
Aug
(27) |
Sep
(37) |
Oct
(58) |
Nov
(109) |
Dec
(26) |
| 2015 |
Jan
(4) |
Feb
(35) |
Mar
(22) |
Apr
(35) |
May
(28) |
Jun
(20) |
Jul
(4) |
Aug
(16) |
Sep
(37) |
Oct
(13) |
Nov
(13) |
Dec
(14) |
| 2016 |
Jan
(22) |
Feb
(7) |
Mar
(23) |
Apr
(30) |
May
(10) |
Jun
(10) |
Jul
(15) |
Aug
(12) |
Sep
(22) |
Oct
(31) |
Nov
(5) |
Dec
(5) |
| 2017 |
Jan
(30) |
Feb
(25) |
Mar
(28) |
Apr
(4) |
May
(19) |
Jun
(13) |
Jul
(7) |
Aug
(1) |
Sep
(2) |
Oct
(5) |
Nov
(12) |
Dec
(2) |
| 2018 |
Jan
(7) |
Feb
|
Mar
(7) |
Apr
(2) |
May
(8) |
Jun
(18) |
Jul
(6) |
Aug
(3) |
Sep
(15) |
Oct
(33) |
Nov
(13) |
Dec
(7) |
| 2019 |
Jan
(5) |
Feb
(7) |
Mar
(30) |
Apr
(5) |
May
(4) |
Jun
(69) |
Jul
(86) |
Aug
(22) |
Sep
(6) |
Oct
(7) |
Nov
(5) |
Dec
(3) |
| 2020 |
Jan
(10) |
Feb
(12) |
Mar
(22) |
Apr
(5) |
May
(1) |
Jun
(4) |
Jul
(6) |
Aug
|
Sep
(9) |
Oct
|
Nov
|
Dec
(1) |
| 2021 |
Jan
(4) |
Feb
(11) |
Mar
(7) |
Apr
(7) |
May
|
Jun
(3) |
Jul
(10) |
Aug
(6) |
Sep
|
Oct
|
Nov
(18) |
Dec
(2) |
| 2022 |
Jan
(1) |
Feb
(1) |
Mar
|
Apr
|
May
|
Jun
(2) |
Jul
|
Aug
(4) |
Sep
|
Oct
|
Nov
|
Dec
|
| 2023 |
Jan
|
Feb
|
Mar
|
Apr
(1) |
May
(1) |
Jun
|
Jul
|
Aug
(5) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Tomas G. <to...@pr...> - 2014-02-23 20:32:03
|
Your server certificate does not seem to be proper. "java.security.cert.CertificateException: No subject alternative names present" means that you need to ensure your TLS server certificate is as it should be. Cheers, Tomas ----- PrimeKey Solutions offers commercial EJBCA and SignServer support subscriptions and training courses. Please see www.primekey.se or contact in...@pr... for more information. >" border="0">http://www.primekey.se/Services/Support/ <http://www.primekey.se/Services/Support/> >" border="0">http://www.primekey.se/Services/Training/ <http://www.primekey.se/Services/Training/> -----Original message----- From: Ebtehal Hassan <h.e...@ya...> Sent: Sunday 23rd February 2014 14:22 To: ejbca <ejb...@li...> Subject: [Ejbca-develop] Fw: CA stress test Hi, i would like to test my CA with the client tool box in ejbca , but when i run this command i get the following error: ./ejbcawsracli.sh EjbcaWsRaCli stress adminCA 20 500 javax.xml.ws.WebServiceException: Failed to access the WSDL at: https://192.168.20.4:8443/ejbca/ejbcaws/ejbcaws?wsdl?wsdl. It failed with: java.security.cert.CertificateException: No subject alternative names present. org.ejbca.ui.cli.ErrorAdminCommandException: javax.xml.ws.WebServiceException: Failed to access the WSDL at: https://192.168.20.4:8443/ejbca/ejbcaws/ejbcaws?wsdl?wsdl. It failed with: java.security.cert.CertificateException: No subject alternative names present. at org.ejbca.core.protocol.ws.client.StressTestCommand.execute(StressTestCommand.java:516) at org.ejbca.core.protocol.ws.client.ejbcawsracli.main(ejbcawsracli.java:36) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.ejbca.ui.cli.EjbcaWsRaCli.execute(EjbcaWsRaCli.java:36) at org.ejbca.ui.cli.ClientToolBox.executeIfSelected(ClientToolBox.java:40) at org.ejbca.ui.cli.ClientToolBox.main(ClientToolBox.java:70) Caused by: javax.xml.ws.WebServiceException: Failed to access the WSDL at: https://192.168.20.4:8443/ejbca/ejbcaws/ejbcaws?wsdl?wsdl. It failed with: java.security.cert.CertificateException: No subject alternative names present. at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.tryWithMex(RuntimeWSDLParser.java:151) at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:133) at com.sun.xml.internal.ws.client.WSServiceDelegate.parseWSDL(WSServiceDelegate.java:254) at com.sun.xml.internal.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:217) at com.sun.xml.internal.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:165) at com.sun.xml.internal.ws.spi.ProviderImpl.createServiceDelegate(ProviderImpl.java:93) at javax.xml.ws.Service.<init>(Service.java:76) at org.ejbca.core.protocol.ws.client.gen.EjbcaWSService.<init>(EjbcaWSService.java:36) at org.ejbca.core.protocol.ws.client.EJBCAWSRABaseCommand.getEjbcaRAWS(EJBCAWSRABaseCommand.java:213) at org.ejbca.core.protocol.ws.client.EJBCAWSRABaseCommand.getEjbcaRAWSFNewReference(EJBCAWSRABaseCommand.java:205) at org.ejbca.core.protocol.ws.client.StressTestCommand$MyCommandFactory.getCommands(StressTestCommand.java:86) at org.ejbca.util.PerformanceTest$TestInstance.<init>(PerformanceTest.java:129) at org.ejbca.util.PerformanceTest.execute(PerformanceTest.java:195) at org.ejbca.core.protocol.ws.client.StressTestCommand.execute(StressTestCommand.java:507) ... 8 more Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1715) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:257) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:251) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1168) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:609) at sun.security.ssl.Handshaker.process_record(Handshaker.java:545) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:963) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1208) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1235) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1219) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:440) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1139) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254) at java.net.URL.openStream(URL.java:1031) at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.createReader(RuntimeWSDLParser.java:793) at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.resolveWSDL(RuntimeWSDLParser.java:251) at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:118) ... 20 more Caused by: java.security.cert.CertificateException: No subject alternative names present at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:159) at sun.security.util.HostnameChecker.match(HostnameChecker.java:92) at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:285) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:271) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1147) ... 35 more please help me as soon as posible with regards Ebtehal ------------------------------------------------------------------------------ Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk _______________________________________________ Ejbca-develop mailing list Ejb...@li... https://lists.sourceforge.net/lists/listinfo/ejbca-develop |
|
From: Ebtehal H. <h.e...@ya...> - 2014-02-23 13:18:57
|
Hi, i would like to test my CA with the client tool box in ejbca , but when i run this command i get the following error: ./ejbcawsracli.sh EjbcaWsRaCli stress adminCA 20 500 javax.xml.ws.WebServiceException: Failed to access the WSDL at: https://192.168.20.4:8443/ejbca/ejbcaws/ejbcaws?wsdl?wsdl. It failed with: java.security.cert.CertificateException: No subject alternative names present. org.ejbca.ui.cli.ErrorAdminCommandException: javax.xml.ws.WebServiceException: Failed to access the WSDL at: https://192.168.20.4:8443/ejbca/ejbcaws/ejbcaws?wsdl?wsdl. It failed with: java.security.cert.CertificateException: No subject alternative names present. at org.ejbca.core.protocol.ws.client.StressTestCommand.execute(StressTestCommand.java:516) at org.ejbca.core.protocol.ws.client.ejbcawsracli.main(ejbcawsracli.java:36) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.ejbca.ui.cli.EjbcaWsRaCli.execute(EjbcaWsRaCli.java:36) at org.ejbca.ui.cli.ClientToolBox.executeIfSelected(ClientToolBox.java:40) at org.ejbca.ui.cli.ClientToolBox.main(ClientToolBox.java:70) Caused by: javax.xml.ws.WebServiceException: Failed to access the WSDL at: https://192.168.20.4:8443/ejbca/ejbcaws/ejbcaws?wsdl?wsdl. It failed with: java.security.cert.CertificateException: No subject alternative names present. at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.tryWithMex(RuntimeWSDLParser.java:151) at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:133) at com.sun.xml.internal.ws.client.WSServiceDelegate.parseWSDL(WSServiceDelegate.java:254) at com.sun.xml.internal.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:217) at com.sun.xml.internal.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:165) at com.sun.xml.internal.ws.spi.ProviderImpl.createServiceDelegate(ProviderImpl.java:93) at javax.xml.ws.Service.<init>(Service.java:76) at org.ejbca.core.protocol.ws.client.gen.EjbcaWSService.<init>(EjbcaWSService.java:36) at org.ejbca.core.protocol.ws.client.EJBCAWSRABaseCommand.getEjbcaRAWS(EJBCAWSRABaseCommand.java:213) at org.ejbca.core.protocol.ws.client.EJBCAWSRABaseCommand.getEjbcaRAWSFNewReference(EJBCAWSRABaseCommand.java:205) at org.ejbca.core.protocol.ws.client.StressTestCommand$MyCommandFactory.getCommands(StressTestCommand.java:86) at org.ejbca.util.PerformanceTest$TestInstance.<init>(PerformanceTest.java:129) at org.ejbca.util.PerformanceTest.execute(PerformanceTest.java:195) at org.ejbca.core.protocol.ws.client.StressTestCommand.execute(StressTestCommand.java:507) ... 8 more Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1715) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:257) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:251) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1168) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:609) at sun.security.ssl.Handshaker.process_record(Handshaker.java:545) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:963) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1208) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1235) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1219) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:440) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1139) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254) at java.net.URL.openStream(URL.java:1031) at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.createReader(RuntimeWSDLParser.java:793) at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.resolveWSDL(RuntimeWSDLParser.java:251) at com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:118) ... 20 more Caused by: java.security.cert.CertificateException: No subject alternative names present at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:159) at sun.security.util.HostnameChecker.match(HostnameChecker.java:92) at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:285) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:271) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1147) ... 35 more please help me as soon as posible with regards Ebtehal |
|
From: sara i. <sar...@gm...> - 2014-02-18 09:25:14
|
hi,
i would like to test my CA with the client tool box in ejbca , but when i
run this command i get the following error:
./ejbcawsracli.sh stress adminCA 20 500
javax.xml.ws.WebServiceException: Failed to access the WSDL at:
https://192.168.20.4:8443/ejbca/ejbcaws/ejbcaws?wsdl. It failed with:
java.security.cert.CertificateException: No subject alternative
names present.
org.ejbca.ui.cli.ErrorAdminCommandException:
javax.xml.ws.WebServiceException: Failed to access the WSDL at:
https://192.168.20.4:8443/ejbca/ejbcaws/ejbcaws?wsdl. It failed with:
java.security.cert.CertificateException: No subject alternative
names present.
at
org.ejbca.core.protocol.ws.client.StressTestCommand.execute(StressTestCommand.java:516)
at
org.ejbca.core.protocol.ws.client.ejbcawsracli.main(ejbcawsracli.java:36)
Caused by: javax.xml.ws.WebServiceException: Failed to access the WSDL at:
https://192.168.20.4:8443/ejbca/ejbcaws/ejbcaws?wsdl. It failed with:
java.security.cert.CertificateException: No subject alternative
names present.
at
com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.tryWithMex(RuntimeWSDLParser.java:151)
at
com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:133)
at
com.sun.xml.internal.ws.client.WSServiceDelegate.parseWSDL(WSServiceDelegate.java:254)
at
com.sun.xml.internal.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:217)
at
com.sun.xml.internal.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:165)
at
com.sun.xml.internal.ws.spi.ProviderImpl.createServiceDelegate(ProviderImpl.java:93)
at javax.xml.ws.Service.<init>(Service.java:76)
at
org.ejbca.core.protocol.ws.client.gen.EjbcaWSService.<init>(EjbcaWSService.java:36)
at
org.ejbca.core.protocol.ws.client.EJBCAWSRABaseCommand.getEjbcaRAWS(EJBCAWSRABaseCommand.java:213)
at
org.ejbca.core.protocol.ws.client.EJBCAWSRABaseCommand.getEjbcaRAWSFNewReference(EJBCAWSRABaseCommand.java:205)
at
org.ejbca.core.protocol.ws.client.StressTestCommand$MyCommandFactory.getCommands(StressTestCommand.java:86)
at
org.ejbca.util.PerformanceTest$TestInstance.<init>(PerformanceTest.java:129)
at org.ejbca.util.PerformanceTest.execute(PerformanceTest.java:195)
at
org.ejbca.core.protocol.ws.client.StressTestCommand.execute(StressTestCommand.java:507)
... 1 more
Caused by: javax.net.ssl.SSLHandshakeException:
java.security.cert.CertificateException: No subject alternative names
present
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1715)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:257)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:251)
at
sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1168)
at
sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:609)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:545)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:963)
at
sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1208)
at
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1235)
at
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1219)
at
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:440)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1139)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
at java.net.URL.openStream(URL.java:1031)
at
com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.createReader(RuntimeWSDLParser.java:793)
at
com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.resolveWSDL(RuntimeWSDLParser.java:251)
at
com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:118)
... 13 more
Caused by: java.security.cert.CertificateException: No subject alternative
names present
at
sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:159)
at sun.security.util.HostnameChecker.match(HostnameChecker.java:92)
at
sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:285)
at
sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:271)
at
sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1147)
... 28 more
can you tell me where i went wrong ?!
regards,
Sara
|
|
From: Johan E. <ejb...@pr...> - 2014-02-10 13:21:24
|
Some path in JBoss has probably changed compared to what is defined in ejbca/modules/build-properties.xml. Look for the section where "lib.jsf.classpath.files" is defined. Best Regards, Johan 2014-02-07 09:17, giampaolo darelli skrev: > > Hello everyone, > First my software versions: > > Apache Ant version 1.7.1 compiled on April 26 2010 > Red Hat Enterprise Linux Server release 6.4 (Santiago) > java version "1.6.0_45" (with jce) > Jboss 5.1.2 > > an extract of ejbca.properties: > appserver.home=/app/apo/jboss > > appserver.type=jboss > ejbca.productionmode=false > jboss.config=all > > I've already used ejbca with jboss 5.1.0 withouth problem, now i'm > installing it > on jboss 5.1.2 and i've got this error with ejbca during ant bootstrap: > > > compile: > [javac] Compiling 94 source files to > /app/apo/ejbca_4_0_16/modules/admin-gui/build/WEB-INF/classes > [javac] > /app/apo/ejbca_4_0_16/modules/admin-gui/src/org/ejbca/ui/web/admin/BaseManagedBean.java:22: > package javax.faces.application does not exist > [javac] import javax.faces.application.FacesMessage; > [javac] ^ > [javac] > /app/apo/ejbca_4_0_16/modules/admin-gui/src/org/ejbca/ui/web/admin/BaseManagedBean.java:23: > package javax.faces.context does not exist > [javac] import javax.faces.context.FacesContext; > [javac] ^ > [javac] > /app/apo/ejbca_4_0_16/modules/admin-gui/src/org/ejbca/ui/web/admin/LegalCharsValidator.java:16: > package javax.faces.application does not exist > [javac] import javax.faces.application.FacesMessage; > [javac] ^ > [javac] > /app/apo/ejbca_4_0_16/modules/admin-gui/src/org/ejbca/ui/web/admin/LegalCharsValidator.java:17: > package javax.faces.component does not exist > [javac] import javax.faces.component.UIComponent; > [javac] ^ > > > any hint? > Best Regards, > Giampaolo Darelli > > > > > ------------------------------------------------------------------------------ > Managing the Performance of Cloud-Based Applications > Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. > Read the Whitepaper. > http://pubads.g.doubleclick.net/gampad/clk?id=121051231&iu=/4140/ostg.clktrk > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
|
From: Michael S. <mi...@st...> - 2014-02-10 09:36:49
|
On Mon, 10 Feb 2014 08:15:12 +0000 (GMT) Ebtehal Hassan <h.e...@ya...> wrote > i faced problem on publishing CRL and CA certificate to LDAP server: > i was use ejbca 4.0.16 , JBOSS 5.0.11 ,openldap-2.0.26 > when publish the CRL i get the following error on JBOSS log: > > 14:06:47,982 ERROR [LdapPublisher] LDAP ERROR: Error storing CRL > (certificateRevocationList;binary) in LDAP (top;cRLDistributionPoint;pkiCA) > for DN (CN=SampleCA,o=Sample,c=SE). Message: Unwilling To Perform. > LDAPException: Unwilling To Perform (53) Unwilling To Perform LDAPException: > Server Message: operation not permitted within namingContext LDAPException: This looks very much like a configuration issue in your LDAP server. BTW: Running ancient OpenLDAP 2.0.x is asking for trouble anyway. Ciao, Michael. |
|
From: Ebtehal H. <h.e...@ya...> - 2014-02-10 08:15:21
|
hi all; i faced problem on publishing CRL and CA certificate to LDAP server: i was use ejbca 4.0.16 , JBOSS 5.0.11 ,openldap-2.0.26 when publish the CRL i get the following error on JBOSS log: . . . 14:06:47,982 ERROR [LdapPublisher] LDAP ERROR: Error storing CRL (certificateRevocationList;binary) in LDAP (top;cRLDistributionPoint;pkiCA) for DN (CN=SampleCA,o=Sample,c=SE). Message: Unwilling To Perform. LDAPException: Unwilling To Perform (53) Unwilling To Perform LDAPException: Server Message: operation not permitted within namingContext LDAPException: Matched DN: at com.novell.ldap.LDAPResponse.getResultException(Unknown Source) at com.novell.ldap.LDAPResponse.chkResultCode(Unknown Source) at com.novell.ldap.LDAPConnection.chkResultCode(Unknown Source) at com.novell.ldap.LDAPConnection.add(Unknown Source) at org.ejbca.core.model.ca.publisher.LdapPublisher.storeCRL(LdapPublisher.java:535) at org.ejbca.core.ejb.ca.publisher.PublisherQueueSessionBean.storeCRLNonTransactional(PublisherQueueSessionBean.java:376) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.jboss.aop.joinpoint.MethodInvocation.invokeTarget(MethodInvocation.java:122) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111) at org.jboss.ejb3.EJBContainerInvocationWrapper.invokeNext(EJBContainerInvocationWrapper.java:69) at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.invoke(InterceptorSequencer.java:73) at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.aroundInvoke(InterceptorSequencer.java:59) at sun.reflect.GeneratedMethodAccessor421.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.jboss.aop.advice.PerJoinpointAdvice.invoke(PerJoinpointAdvice.java:174) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.fillMethod(InvocationContextInterceptor.java:72) at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_fillMethod_900891812.invoke(InvocationContextInterceptor_z_fillMethod_900891812.java) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.setup(InvocationContextInterceptor.java:88) at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_setup_900891812.invoke(InvocationContextInterceptor_z_setup_900891812.java) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:62) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:56) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(StatelessInstanceInterceptor.java:68) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.aspects.tx.TxPolicy.invokeInNoTx(TxPolicy.java:66) at org.jboss.ejb3.tx.TxInterceptor$NotSupported.invoke(TxInterceptor.java:92) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorv2.invoke(RoleB __________________________ so how i can solve this problem & how i can edit the schema... with regard; Ebtehal Hassan. |
|
From: Sriram <sri...@gm...> - 2014-02-07 12:09:04
|
Hi,
I am trying a test a scenario, where cmp client sends a certificate request
with no public key specified. (RFC 4210)
In response to that certificate request, Is it possible that CA generates
the certificate with public key and send it to client. Also private key by
some means.
But when i tested this scenario, I am getting logs like below,
Caused by: java.lang.NullPointerException
at org.bouncycastle.asn1.DERBitString.<init>(Unknown Source)
[bcprov-jdk15on-149.jar:1.49.0]
at
org.ejbca.core.protocol.cmp.CrmfRequestMessage.getPublicKey(CrmfRequestMessage.java:219)
[ejbca-common-web.jar:]
at
org.ejbca.core.protocol.cmp.CrmfRequestMessage.getRequestPublicKey(CrmfRequestMessage.java:212)
[ejbca-common-web.jar:]
at
org.ejbca.core.protocol.cmp.CrmfRequestMessage.verify(CrmfRequestMessage.java:485)
[ejbca-common-web.jar:]
at
org.ejbca.core.ejb.ca.sign.SignSessionBean.decryptAndVerify(SignSessionBean.java:443)
[ejbca-ejb.jar:]
at
org.ejbca.core.ejb.ca.sign.SignSessionBean.createCertificate(SignSessionBean.java:250)
[ejbca-ejb.jar:]
at sun.reflect.GeneratedMethodAccessor291.invoke(Unknown Source)
[:1.6.0_27]
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
[rt.jar:1.6.0_27]
at java.lang.reflect.Method.invoke(Method.java:622) [rt.jar:1.6.0_27]
Can this be resolved by proper configuration ? If so, please suggest.
Any help in this regard is appreciated.
Regards,
Sriram
|
|
From: giampaolo d. <gia...@gm...> - 2014-02-07 08:17:57
|
Hello everyone,
First my software versions:
Apache Ant version 1.7.1 compiled on April 26 2010
Red Hat Enterprise Linux Server release 6.4 (Santiago)
java version "1.6.0_45" (with jce)
Jboss 5.1.2
an extract of ejbca.properties:
appserver.home=/app/apo/jboss
appserver.type=jboss
ejbca.productionmode=false
jboss.config=all
I've already used ejbca with jboss 5.1.0 withouth problem, now i'm
installing it
on jboss 5.1.2 and i've got this error with ejbca during ant bootstrap:
compile:
[javac] Compiling 94 source files to
/app/apo/ejbca_4_0_16/modules/admin-gui/build/WEB-INF/classes
[javac]
/app/apo/ejbca_4_0_16/modules/admin-gui/src/org/ejbca/ui/web/admin/BaseManagedBean.java:22:
package javax.faces.application does not exist
[javac] import javax.faces.application.FacesMessage;
[javac] ^
[javac]
/app/apo/ejbca_4_0_16/modules/admin-gui/src/org/ejbca/ui/web/admin/BaseManagedBean.java:23:
package javax.faces.context does not exist
[javac] import javax.faces.context.FacesContext;
[javac] ^
[javac]
/app/apo/ejbca_4_0_16/modules/admin-gui/src/org/ejbca/ui/web/admin/LegalCharsValidator.java:16:
package javax.faces.application does not exist
[javac] import javax.faces.application.FacesMessage;
[javac] ^
[javac]
/app/apo/ejbca_4_0_16/modules/admin-gui/src/org/ejbca/ui/web/admin/LegalCharsValidator.java:17:
package javax.faces.component does not exist
[javac] import javax.faces.component.UIComponent;
[javac] ^
any hint?
Best Regards,
Giampaolo Darelli
|
|
From: Roman C. <rom...@wi...> - 2014-02-06 09:07:04
|
Hi there,
I'm having problem importing CA from HSM using PKCS#11.
I'm running EJBCA 6.0.3 on JBoss 7.1.1.Final.
I run the following command to import CA:
./ejbca.sh ca importca TestRootCA org.cesecore.keys.token.PKCS11CryptoToken 87654321 /home/ejbca/testRootCA.properties /home/ejbca/testRootCA.pem
Where testRootCA.properties contains the following:
slotListIndex 0
sharedLibrary /home/ejbca/libpkcs11.so
pin 87654321
defaultKey testRSAKey
certSignKey testRSAKey
crlSignKey testRSAKey
testKey testRSAKey
I get the following error:
org.ejbca.ui.cli.ErrorAdminCommandException: org.cesecore.keys.token.CryptoTokenOfflineException: Slot not initialized.
at org.ejbca.ui.cli.ca.CaImportCACommand.execute(CaImportCACommand.java:117)
at org.ejbca.ui.cli.CliCommandHelper.executeCommand(CliCommandHelper.java:147)
at org.ejbca.ui.cli.CliCommandHelper.searchAndRun(CliCommandHelper.java:105)
at org.ejbca.ui.cli.EjbcaEjbCli.main(EjbcaEjbCli.java:25)
Caused by: org.cesecore.keys.token.CryptoTokenOfflineException: Slot not initialized.
at org.cesecore.keys.token.PKCS11CryptoToken.activate(PKCS11CryptoToken.java:122)
at org.cesecore.keys.token.CryptoTokenManagementSessionBean.createCryptoToken(CryptoTokenManagementSessionBean.java:148)
at org.cesecore.keys.token.CryptoTokenManagementSessionBean.createCryptoToken(CryptoTokenManagementSessionBean.java:181)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.jboss.as.ee.component.ManagedReferenceMethodInterceptorFactory$ManagedReferenceMethodInterceptor.processInvocation(ManagedReferenceMethodInterceptorFactory.java:72)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.invocation.WeavedInterceptor.processInvocation(WeavedInterceptor.java:53)
at org.jboss.as.ee.component.interceptors.UserInterceptorFactory$1.processInvocation(UserInterceptorFactory.java:36)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.jpa.interceptor.SBInvocationInterceptor.processInvocation(SBInvocationInterceptor.java:47)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.invocation.InitialInterceptor.processInvocation(InitialInterceptor.java:21)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
at org.jboss.as.ee.component.interceptors.ComponentDispatcherInterceptor.processInvocation(ComponentDispatcherInterceptor.java:53)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.ejb3.component.pool.PooledInstanceInterceptor.processInvocation(PooledInstanceInterceptor.java:51)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.ejb3.tx.CMTTxInterceptor.invokeInCallerTx(CMTTxInterceptor.java:202)
at org.jboss.as.ejb3.tx.CMTTxInterceptor.required(CMTTxInterceptor.java:306)
at org.jboss.as.ejb3.tx.CMTTxInterceptor.processInvocation(CMTTxInterceptor.java:190)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.ejb3.component.interceptors.CurrentInvocationContextInterceptor.processInvocation(CurrentInvocationContextInterceptor.java:41)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:32)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.ee.component.TCCLInterceptor.processInvocation(TCCLInterceptor.java:45)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165)
at org.jboss.as.ee.component.ViewDescription$1.processInvocation(ViewDescription.java:173)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
at org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:72)
at org.cesecore.keys.token.CryptoTokenManagementSessionLocal$$$view13.createCryptoToken(Unknown Source)
at org.ejbca.core.ejb.ca.caadmin.CAAdminSessionBean.createCryptoTokenWithUniqueName(CAAdminSessionBean.java:1918)
at org.ejbca.core.ejb.ca.caadmin.CAAdminSessionBean.importCAFromHSM(CAAdminSessionBean.java:1870)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.jboss.as.ee.component.ManagedReferenceMethodInterceptorFactory$ManagedReferenceMethodInterceptor.processInvocation(ManagedReferenceMethodInterceptorFactory.java:72)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.invocation.WeavedInterceptor.processInvocation(WeavedInterceptor.java:53)
at org.jboss.as.ee.component.interceptors.UserInterceptorFactory$1.processInvocation(UserInterceptorFactory.java:36)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.jpa.interceptor.SBInvocationInterceptor.processInvocation(SBInvocationInterceptor.java:47)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.invocation.InitialInterceptor.processInvocation(InitialInterceptor.java:21)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
at org.jboss.as.ee.component.interceptors.ComponentDispatcherInterceptor.processInvocation(ComponentDispatcherInterceptor.java:53)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.ejb3.component.pool.PooledInstanceInterceptor.processInvocation(PooledInstanceInterceptor.java:51)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.ejb3.tx.CMTTxInterceptor.invokeInOurTx(CMTTxInterceptor.java:228)
at org.jboss.as.ejb3.tx.CMTTxInterceptor.required(CMTTxInterceptor.java:304)
at org.jboss.as.ejb3.tx.CMTTxInterceptor.processInvocation(CMTTxInterceptor.java:190)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.ejb3.remote.EJBRemoteTransactionPropagatingInterceptor.processInvocation(EJBRemoteTransactionPropagatingInterceptor.java:80)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.ejb3.component.interceptors.CurrentInvocationContextInterceptor.processInvocation(CurrentInvocationContextInterceptor.java:41)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:43)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.ee.component.TCCLInterceptor.processInvocation(TCCLInterceptor.java:45)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165)
at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.invokeMethod(MethodInvocationMessageHandler.java:302)
at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.access$200(MethodInvocationMessageHandler.java:64)
at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler$1.run(MethodInvocationMessageHandler.java:196)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
at java.util.concurrent.FutureTask.run(FutureTask.java:166)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:724)
at org.jboss.threads.JBossThread.run(JBossThread.java:122)
at ...asynchronous invocation...(Unknown Source)
at org.jboss.ejb.client.remoting.InvocationExceptionResponseHandler$MethodInvocationExceptionResultProducer.getResult(InvocationExceptionResponseHandler.java:99)
at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:270)
at org.jboss.ejb.client.TransactionInterceptor.handleInvocationResult(TransactionInterceptor.java:47)
at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:272)
at org.jboss.ejb.client.ReceiverInterceptor.handleInvocationResult(ReceiverInterceptor.java:132)
at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:260)
at org.jboss.ejb.client.EJBClientInvocationContext.awaitResponse(EJBClientInvocationContext.java:399)
at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:140)
at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:121)
at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:104)
at com.sun.proxy.$Proxy2.importCAFromHSM(Unknown Source)
at org.ejbca.ui.cli.ca.CaImportCACommand.execute(CaImportCACommand.java:112)
... 3 more
Maybe it is worth to mention that I am able to use the HSM through web GUI in CryptoTokens.
But it seems that it can't be activated when importing CA from command line.
Do you know how to solve this?
With regards,
Roman |
|
From: Ebtehal H. <h.e...@ya...> - 2014-02-05 09:43:44
|
i was use the following paths /home/jboss.7.1.1.final/standalone/configuration/keystore/ ________________________________ From: Tomas Gustavsson <to...@pr...> To: ejb...@li... Sent: Wednesday, 5 February 2014, 12:05:13 Subject: Re: [Ejbca-develop] error on keystore & admin web You have some strange paths in your installation. /ho$ Just use normal paths with nothing strange and it should work /Tomas On 02/05/2014 08:31 AM, Ebtehal Hassan wrote: > Hi, > > i was working on ejbca 6.0.3 & JBOSS 7.1.1.final ; i was finishing from > deploying and installing of the packages > > but when i was opening the admin page ; the following error was occure : > > . > . > . > . > 10:29:04,425 ERROR [org.apache.tomcat.util.net.jsse.JSSESocketFactory] > (MSC service thread 1-4) Failed to load keystore type JKS with path /ho$ > at > sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:772) > [rt.jar:1.7.0_25] > at > sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55) > [rt.jar:1.7.0_25] > at java.security.KeyStore.load(KeyStore.java:1214) > [rt.jar:1.7.0_25] > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:381) > [jbossweb-7.0.13.Final.jar:] > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getTrustStore(JSSESocketFactory.java:347) > [jbossweb-7.0.13.Final.jar:] > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getTrustManagers(JSSESocketFactory.java:546) > [jbossweb-7.0.13.Final.jar:] > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:452) > [jbossweb-7.0.13.Final.jar:] > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:168) > [jbossweb-7.0.13.Final.jar:] > at > org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:977) > [jbossweb-7.0.13.Final.jar:] > at > org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:190) > [jbossweb-7.0.13.Final.jar:] > at > org.apache.catalina.connector.Connector.init(Connector.java:983) > [jbossweb-7.0.13.Final.jar:] > at > org.jboss.as.web.WebConnectorService.start(WebConnectorService.java:267) > [jboss-as-web-7.1.1.Final.jar:7.1.1.Final] > at > org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811) > [jboss-msc-1.0.2.GA.jar:1.0.2.G$ > at > org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746) > [jboss-msc-1.0.2.GA.jar:1.0.2.GA] > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) > [rt.jar:1.7.0_25] > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) > [rt.jar:1.7.0_25] > at java.lang.Thread.run(Thread.java:724) [rt.jar:1.7.0_25] > Caused by: java.security.UnrecoverableKeyException: Password > verification failed > at > sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:770) > [rt.jar:1.7.0_25] > > . > . > . > . > ______________ > how i can solve this problem please help me ..... > > > > ------------------------------------------------------------------------------ > Managing the Performance of Cloud-Based Applications > Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. > Read the Whitepaper. > http://pubads.g.doubleclick.net/gampad/clk?id=121051231&iu=/4140/ostg.clktrk > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > ------------------------------------------------------------------------------ Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121051231&iu=/4140/ostg.clktrk _______________________________________________ Ejbca-develop mailing list Ejb...@li... https://lists.sourceforge.net/lists/listinfo/ejbca-develop |
|
From: Tomas G. <to...@pr...> - 2014-02-05 09:05:24
|
You have some strange paths in your installation. /ho$ Just use normal paths with nothing strange and it should work /Tomas On 02/05/2014 08:31 AM, Ebtehal Hassan wrote: > Hi, > > i was working on ejbca 6.0.3 & JBOSS 7.1.1.final ; i was finishing from > deploying and installing of the packages > > but when i was opening the admin page ; the following error was occure : > > . > . > . > . > 10:29:04,425 ERROR [org.apache.tomcat.util.net.jsse.JSSESocketFactory] > (MSC service thread 1-4) Failed to load keystore type JKS with path /ho$ > at > sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:772) > [rt.jar:1.7.0_25] > at > sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55) > [rt.jar:1.7.0_25] > at java.security.KeyStore.load(KeyStore.java:1214) > [rt.jar:1.7.0_25] > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:381) > [jbossweb-7.0.13.Final.jar:] > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getTrustStore(JSSESocketFactory.java:347) > [jbossweb-7.0.13.Final.jar:] > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.getTrustManagers(JSSESocketFactory.java:546) > [jbossweb-7.0.13.Final.jar:] > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:452) > [jbossweb-7.0.13.Final.jar:] > at > org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:168) > [jbossweb-7.0.13.Final.jar:] > at > org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:977) > [jbossweb-7.0.13.Final.jar:] > at > org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:190) > [jbossweb-7.0.13.Final.jar:] > at > org.apache.catalina.connector.Connector.init(Connector.java:983) > [jbossweb-7.0.13.Final.jar:] > at > org.jboss.as.web.WebConnectorService.start(WebConnectorService.java:267) > [jboss-as-web-7.1.1.Final.jar:7.1.1.Final] > at > org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811) > [jboss-msc-1.0.2.GA.jar:1.0.2.G$ > at > org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746) > [jboss-msc-1.0.2.GA.jar:1.0.2.GA] > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) > [rt.jar:1.7.0_25] > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) > [rt.jar:1.7.0_25] > at java.lang.Thread.run(Thread.java:724) [rt.jar:1.7.0_25] > Caused by: java.security.UnrecoverableKeyException: Password > verification failed > at > sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:770) > [rt.jar:1.7.0_25] > > . > . > . > . > ______________ > how i can solve this problem please help me ..... > > > > ------------------------------------------------------------------------------ > Managing the Performance of Cloud-Based Applications > Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. > Read the Whitepaper. > http://pubads.g.doubleclick.net/gampad/clk?id=121051231&iu=/4140/ostg.clktrk > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
|
From: Ebtehal H. <h.e...@ya...> - 2014-02-05 07:31:11
|
Hi, i was working on ejbca 6.0.3 & JBOSS 7.1.1.final ; i was finishing from deploying and installing of the packages but when i was opening the admin page ; the following error was occure : . . . . 10:29:04,425 ERROR [org.apache.tomcat.util.net.jsse.JSSESocketFactory] (MSC service thread 1-4) Failed to load keystore type JKS with path /ho$ at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:772) [rt.jar:1.7.0_25] at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55) [rt.jar:1.7.0_25] at java.security.KeyStore.load(KeyStore.java:1214) [rt.jar:1.7.0_25] at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:381) [jbossweb-7.0.13.Final.jar:] at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getTrustStore(JSSESocketFactory.java:347) [jbossweb-7.0.13.Final.jar:] at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getTrustManagers(JSSESocketFactory.java:546) [jbossweb-7.0.13.Final.jar:] at org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:452) [jbossweb-7.0.13.Final.jar:] at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:168) [jbossweb-7.0.13.Final.jar:] at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:977) [jbossweb-7.0.13.Final.jar:] at org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:190) [jbossweb-7.0.13.Final.jar:] at org.apache.catalina.connector.Connector.init(Connector.java:983) [jbossweb-7.0.13.Final.jar:] at org.jboss.as.web.WebConnectorService.start(WebConnectorService.java:267) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final] at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811) [jboss-msc-1.0.2.GA.jar:1.0.2.G$ at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746) [jboss-msc-1.0.2.GA.jar:1.0.2.GA] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_25] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_25] at java.lang.Thread.run(Thread.java:724) [rt.jar:1.7.0_25] Caused by: java.security.UnrecoverableKeyException: Password verification failed at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:770) [rt.jar:1.7.0_25] . . . . ______________ how i can solve this problem please help me ..... |
|
From: Sriram <sri...@gm...> - 2014-01-30 10:49:46
|
Hi Aveen, Thanks for the reply. I was able to resolve it. I am using ejbca-6.0.3. I gave full URL as the name for the cmp configuration. That was the issue. Regards, Sriram On Thu, Jan 30, 2014 at 3:45 PM, Aveen Ismail <av...@pr...> wrote: > Hi Sriram, > > What EJBCA version are you running? What are your CMP configurations? Do > you have server logs I can look at? > > If you are using cmp alias, then the URL you should use in the openssl > command line is also: http://10.206.1.3:8080/ejbca/publicweb/cmp/cmpalias > If you don't put the alias "cmpalias" in the URL, then EJBCA will use the > alias "cmp", whose values might not be the ones you are expecting! > > Best regards, > Aveen > > > > On 01/28/2014 12:03 PM, Sriram wrote: > > Hello Everyone, > > Whenever I run openssl with cmp like below, > > /root/sriram/cmpforopenssl-code/src/openssl-1.0.1e-cmp/apps/openssl cmp > -cmd ir > -server 10.206.1.3:8080 -path ejbca/publicweb/cmp -srvcert > certs/ManagementCA.pem -user cmptest > -pass CMP-pwd -newkey certs/cl_key.pem -certout certs/cl_cert.pem -subject > "/CN=cmptest" > > it throws an error like "PKIStatus: rejection, PKIFailureInfo: > incorrectData" > > I am suspecting some configuration issue in ejbca.I have certificate > profile, end entity profile, > end entity and CA. I also did configuration of CMP. > CMP configuration alias is, > http://10.206.1.3:8080/ejbca/publicweb/cmp/cmpalias. > But when I paste that on the browser, its not giving any info. > Wireshark traces show that URL doesnt exists. > Any help on ejbca cmp configuration is welcome. > > > Regards, > Sriram > > > > ------------------------------------------------------------------------------ > WatchGuard Dimension instantly turns raw network data into actionable > security intelligence. It gives you real-time visual feedback on key > security issues and trends. Skip the complicated setup - simply import > a virtual appliance and go from zero to informed in seconds.http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk > > > > _______________________________________________ > Ejbca-develop mailing lis...@li...://lists.sourceforge.net/lists/listinfo/ejbca-develop > > > > -- > Med vänlig hälsning / Kind regards, > Aveen Ismail > PKI Specialist - R&D > > PrimeKey Solutions AB > Andertorpsv.16 > 17154 Solna > Sweden > > Phone. +46735881655 > Skype-ID: aveen47111www.primekey.se > > |
|
From: Ebtehal H. <h.e...@ya...> - 2014-01-29 07:48:38
|
ok now i was deploying successfully but in install step i was found the following error : . . . . appserver.error.message: [echo] jndi.properties.file: /home/ebtehal/lollah/ejbca_ce_6_0_3/conf/jndi.properties.jboss7 set-paths-jboss7: set-paths-not-jboss7: set-paths: jee:check: [echo] Using appserver.home : /home/ebtehal/lollah/jboss-as-7.1.1.Final jee:keystore: [echo] Using JBoss deploy directory /home/ebtehal/lollah/jboss-as-7.1.1.Final/standalone/deployments [copy] Copying 1 file to /home/ebtehal/lollah/jboss-as-7.1.1.Final/standalone/configuration/keystore customejbca.message: appserver.error.message: [echo] jndi.properties.file: /home/ebtehal/lollah/ejbca_ce_6_0_3/conf/jndi.properties.jboss7 set-paths-jboss7: set-paths-not-jboss7: set-paths: jee:deploytruststore: BUILD FAILED /home/ebtehal/lollah/ejbca_ce_6_0_3/build.xml:63: The following error occurred while executing this line: /home/ebtehal/lollah/ejbca_ce_6_0_3/bin/jboss.xml:406: The following error occurred while executing this line: /home/ebtehal/lollah/ejbca_ce_6_0_3/bin/jboss.xml:390: Missing JKS truststorestore file in '/home/ebtehal/lollah/ejbca_ce_6_0_3/p12/truststore.jks' Total time: 1 minute 52 seconds ___________________-- ________________________________ From: Roman Cinkais <rom...@wi...> To: 'Ebtehal Hassan' <h.e...@ya...>; ejb...@li... Sent: Tuesday, 28 January 2014, 14:03:27 Subject: RE: [Ejbca-develop] problem on deployment of EJBCA 6.0.3 Just follow this instruction for JBoss 7 and you will get the result: http://ejbca.org/docs/installation.html#JBoss It is not enough to just add driver to standalone.xml. You should create MySQL JDBC module and then register it. With regards, Roman From:Ebtehal Hassan [mailto:h.e...@ya...] Sent: Tuesday, January 28, 2014 11:54 AM To: ejbca Subject: [Ejbca-develop] problem on deployment of EJBCA 6.0.3 Hi, i had a problem on deploy the latest version of EJBCA; when i excute the ( ant deploy ) command the follwing error was occure: . . . jee:assert-runJBoss7: [echo] Checking if JBoss 7 is up and running... jee:deployServicesJBoss7: [echo] /socket-binding-group=standard-sockets/remote-destination-outbound-socket-binding=ejbca-mail-smtp:add(port="25", host="localhost") [exec] {"outcome" => "success"} [echo] /subsystem=mail/mail-session="java:/EjbcaMail":add(jndi-name="java:/EjbcaMail" [exec] {"outcome" => "success"} [echo] /subsystem=mail/mail-session="java:/EjbcaMail"/server=smtp:add(outbound-socket-binding-ref=ejbca-mail-smtp, ssl="false") [exec] {"outcome" => "success"} jee:deployServices: jee:deployDSJBoss5: jee:deployDSJBoss7: [exec] Result: 1 [exec] Result: 1 [echo] data-source add --name=ejbcads --driver-name="com.mysql.jdbc.Driver" --connection-url="jdbc:mysql://127.0.0.1:3306/ejbca?characterEncoding=UTF-8" --jndi-name="java:/EjbcaDS" --use-ccm=true --user-name="ejbca" --password="ejbca" --validate-on-match=true --background-validation=false --prepared-statements-cache-size=50 --share-prepared-statements=true --min-pool-size=5 --max-pool-size=150 --pool-prefill=true --transaction-isolation=TRANSACTION_READ_COMMITTED --check-valid-connection-sql="select 1" [exec] JBAS010468: Driver named "com.mysql.jdbc.Driver" is not installed. BUILD FAILED /home/ebtehal/lollah/ejbca_ce_6_0_3/build.xml:635: The following error occurred while executing this line: /home/ebtehal/lollah/ejbca_ce_6_0_3/bin/jboss.xml:265: The following error occurred while executing this line: /home/ebtehal/lollah/ejbca_ce_6_0_3/bin/jboss.xml:501: exec returned: 1 Total time: 1 minute 10 seconds ______________ after that ia was added the driver and datasource on standalone.xml on JBOSS 7.1.1 server: <datasources> <datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true"> <connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1</connection-url> <driver>h2</driver> <security> <user-name>sa</user-name> <password>sa</password> </security> </datasource> <datasource jndi-name="java:jboss/datasources/ejbcaDS" pool-name="ejbcalDS" enabled="true" use-java-context="true"> <connection-url>jdbc:mysql://127.0.0.1:3306/ejbca?characterEncoding=UTF-8</connection-url> <driver>com.mysql.jdbc.Driver</driver> <security> <user-name>ejbca</user-name> <password>ejbca</password> </security> </datasource> <drivers> <driver name="h2" module="com.h2database.h2"> <xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class> </driver> <driver name="com.mysql.jdbc.Driver" module="com.mysql.jdbc.Driver"> <xa-datasource-class>com.mysql.jdbc.Driver</xa-datasource-class> </driver> </drivers> </datasources> _________________ but still the same error on deploy...... |
|
From: Ebtehal H. <h.e...@ya...> - 2014-01-29 06:29:52
|
________________________________ From: Ebtehal Hassan <h.e...@ya...> To: Roman Cinkais <rom...@wi...> Sent: Wednesday, 29 January 2014, 9:28:44 Subject: Re: [Ejbca-develop] problem on deployment of EJBCA 6.0.3 how i can running the commands in the JBoss administration tool; to register the Mysql driver ??? ________________________________ From: Roman Cinkais <rom...@wi...> To: 'Ebtehal Hassan' <h.e...@ya...>; ejb...@li... Sent: Tuesday, 28 January 2014, 14:03:27 Subject: RE: [Ejbca-develop] problem on deployment of EJBCA 6.0.3 Just follow this instruction for JBoss 7 and you will get the result: http://ejbca.org/docs/installation.html#JBoss It is not enough to just add driver to standalone.xml. You should create MySQL JDBC module and then register it. With regards, Roman From:Ebtehal Hassan [mailto:h.e...@ya...] Sent: Tuesday, January 28, 2014 11:54 AM To: ejbca Subject: [Ejbca-develop] problem on deployment of EJBCA 6.0.3 Hi, i had a problem on deploy the latest version of EJBCA; when i excute the ( ant deploy ) command the follwing error was occure: . . . jee:assert-runJBoss7: [echo] Checking if JBoss 7 is up and running... jee:deployServicesJBoss7: [echo] /socket-binding-group=standard-sockets/remote-destination-outbound-socket-binding=ejbca-mail-smtp:add(port="25", host="localhost") [exec] {"outcome" => "success"} [echo] /subsystem=mail/mail-session="java:/EjbcaMail":add(jndi-name="java:/EjbcaMail" [exec] {"outcome" => "success"} [echo] /subsystem=mail/mail-session="java:/EjbcaMail"/server=smtp:add(outbound-socket-binding-ref=ejbca-mail-smtp, ssl="false") [exec] {"outcome" => "success"} jee:deployServices: jee:deployDSJBoss5: jee:deployDSJBoss7: [exec] Result: 1 [exec] Result: 1 [echo] data-source add --name=ejbcads --driver-name="com.mysql.jdbc.Driver" --connection-url="jdbc:mysql://127.0.0.1:3306/ejbca?characterEncoding=UTF-8" --jndi-name="java:/EjbcaDS" --use-ccm=true --user-name="ejbca" --password="ejbca" --validate-on-match=true --background-validation=false --prepared-statements-cache-size=50 --share-prepared-statements=true --min-pool-size=5 --max-pool-size=150 --pool-prefill=true --transaction-isolation=TRANSACTION_READ_COMMITTED --check-valid-connection-sql="select 1" [exec] JBAS010468: Driver named "com.mysql.jdbc.Driver" is not installed. BUILD FAILED /home/ebtehal/lollah/ejbca_ce_6_0_3/build.xml:635: The following error occurred while executing this line: /home/ebtehal/lollah/ejbca_ce_6_0_3/bin/jboss.xml:265: The following error occurred while executing this line: /home/ebtehal/lollah/ejbca_ce_6_0_3/bin/jboss.xml:501: exec returned: 1 Total time: 1 minute 10 seconds ______________ after that ia was added the driver and datasource on standalone.xml on JBOSS 7.1.1 server: <datasources> <datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true"> <connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1</connection-url> <driver>h2</driver> <security> <user-name>sa</user-name> <password>sa</password> </security> </datasource> <datasource jndi-name="java:jboss/datasources/ejbcaDS" pool-name="ejbcalDS" enabled="true" use-java-context="true"> <connection-url>jdbc:mysql://127.0.0.1:3306/ejbca?characterEncoding=UTF-8</connection-url> <driver>com.mysql.jdbc.Driver</driver> <security> <user-name>ejbca</user-name> <password>ejbca</password> </security> </datasource> <drivers> <driver name="h2" module="com.h2database.h2"> <xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class> </driver> <driver name="com.mysql.jdbc.Driver" module="com.mysql.jdbc.Driver"> <xa-datasource-class>com.mysql.jdbc.Driver</xa-datasource-class> </driver> </drivers> </datasources> _________________ but still the same error on deploy...... |
|
From: Roman C. <rom...@wi...> - 2014-01-28 11:33:57
|
Just follow this instruction for JBoss 7 and you will get the result: http://ejbca.org/docs/installation.html#JBoss It is not enough to just add driver to standalone.xml. You should create MySQL JDBC module and then register it. With regards, Roman From: Ebtehal Hassan [mailto:h.e...@ya...] Sent: Tuesday, January 28, 2014 11:54 AM To: ejbca Subject: [Ejbca-develop] problem on deployment of EJBCA 6.0.3 Hi, i had a problem on deploy the latest version of EJBCA; when i excute the ( ant deploy ) command the follwing error was occure: . . . jee:assert-runJBoss7: [echo] Checking if JBoss 7 is up and running... jee:deployServicesJBoss7: [echo] /socket-binding-group=standard-sockets/remote-destination-outbound-socket-binding=ejbca-mail-smtp:add(port="25", host="localhost") [exec] {"outcome" => "success"} [echo] /subsystem=mail/mail-session="java:/EjbcaMail":add(jndi-name="java:/EjbcaMail" [exec] {"outcome" => "success"} [echo] /subsystem=mail/mail-session="java:/EjbcaMail"/server=smtp:add(outbound-socket-binding-ref=ejbca-mail-smtp, ssl="false") [exec] {"outcome" => "success"} jee:deployServices: jee:deployDSJBoss5: jee:deployDSJBoss7: [exec] Result: 1 [exec] Result: 1 [echo] data-source add --name=ejbcads --driver-name="com.mysql.jdbc.Driver" --connection-url="jdbc:mysql://127.0.0.1:3306/ejbca?characterEncoding=UTF-8" --jndi-name="java:/EjbcaDS" --use-ccm=true --user-name="ejbca" --password="ejbca" --validate-on-match=true --background-validation=false --prepared-statements-cache-size=50 --share-prepared-statements=true --min-pool-size=5 --max-pool-size=150 --pool-prefill=true --transaction-isolation=TRANSACTION_READ_COMMITTED --check-valid-connection-sql="select 1" [exec] JBAS010468: Driver named "com.mysql.jdbc.Driver" is not installed. BUILD FAILED /home/ebtehal/lollah/ejbca_ce_6_0_3/build.xml:635: The following error occurred while executing this line: /home/ebtehal/lollah/ejbca_ce_6_0_3/bin/jboss.xml:265: The following error occurred while executing this line: /home/ebtehal/lollah/ejbca_ce_6_0_3/bin/jboss.xml:501: exec returned: 1 Total time: 1 minute 10 seconds ______________ after that ia was added the driver and datasource on standalone.xml on JBOSS 7.1.1 server: <datasources> <datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true"> <connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1</connection-url> <driver>h2</driver> <security> <user-name>sa</user-name> <password>sa</password> </security> </datasource> <datasource jndi-name="java:jboss/datasources/ejbcaDS" pool-name="ejbcalDS" enabled="true" use-java-context="true"> <connection-url>jdbc:mysql://127.0.0.1:3306/ejbca?characterEncoding=UTF-8</connection-url> <driver>com.mysql.jdbc.Driver</driver> <security> <user-name>ejbca</user-name> <password>ejbca</password> </security> </datasource> <drivers> <driver name="h2" module="com.h2database.h2"> <xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class> </driver> <driver name="com.mysql.jdbc.Driver" module="com.mysql.jdbc.Driver"> <xa-datasource-class>com.mysql.jdbc.Driver</xa-datasource-class> </driver> </drivers> </datasources> _________________ but still the same error on deploy...... |
|
From: Sriram <sri...@gm...> - 2014-01-28 11:03:44
|
Hello Everyone, Whenever I run openssl with cmp like below, /root/sriram/cmpforopenssl-code/src/openssl-1.0.1e-cmp/apps/openssl cmp -cmd ir -server 10.206.1.3:8080 -path ejbca/publicweb/cmp -srvcert certs/ManagementCA.pem -user cmptest -pass CMP-pwd -newkey certs/cl_key.pem -certout certs/cl_cert.pem -subject "/CN=cmptest" it throws an error like "PKIStatus: rejection, PKIFailureInfo: incorrectData" I am suspecting some configuration issue in ejbca.I have certificate profile, end entity profile, end entity and CA. I also did configuration of CMP. CMP configuration alias is, http://10.206.1.3:8080/ejbca/publicweb/cmp/cmpalias. But when I paste that on the browser, its not giving any info. Wireshark traces show that URL doesnt exists. Any help on ejbca cmp configuration is welcome. Regards, Sriram |
|
From: Ebtehal H. <h.e...@ya...> - 2014-01-28 10:53:58
|
Hi,
i had a problem on deploy the latest version of EJBCA;
when i excute the ( ant deploy ) command the follwing error was occure:
.
.
.
jee:assert-runJBoss7:
[echo] Checking if JBoss 7 is up and running...
jee:deployServicesJBoss7:
[echo] /socket-binding-group=standard-sockets/remote-destination-outbound-socket-binding=ejbca-mail-smtp:add(port="25", host="localhost")
[exec] {"outcome" => "success"}
[echo] /subsystem=mail/mail-session="java:/EjbcaMail":add(jndi-name="java:/EjbcaMail"
[exec] {"outcome" => "success"}
[echo] /subsystem=mail/mail-session="java:/EjbcaMail"/server=smtp:add(outbound-socket-binding-ref=ejbca-mail-smtp, ssl="false")
[exec] {"outcome" => "success"}
jee:deployServices:
jee:deployDSJBoss5:
jee:deployDSJBoss7:
[exec] Result: 1
[exec] Result: 1
[echo] data-source add --name=ejbcads --driver-name="com.mysql.jdbc.Driver" --connection-url="jdbc:mysql://127.0.0.1:3306/ejbca?characterEncoding=UTF-8" --jndi-name="java:/EjbcaDS" --use-ccm=true --user-name="ejbca" --password="ejbca" --validate-on-match=true --background-validation=false --prepared-statements-cache-size=50 --share-prepared-statements=true --min-pool-size=5 --max-pool-size=150 --pool-prefill=true --transaction-isolation=TRANSACTION_READ_COMMITTED --check-valid-connection-sql="select 1"
[exec] JBAS010468: Driver named "com.mysql.jdbc.Driver" is not installed.
BUILD FAILED
/home/ebtehal/lollah/ejbca_ce_6_0_3/build.xml:635: The following error occurred while executing this line:
/home/ebtehal/lollah/ejbca_ce_6_0_3/bin/jboss.xml:265: The following error occurred while executing this line:
/home/ebtehal/lollah/ejbca_ce_6_0_3/bin/jboss.xml:501: exec returned: 1
Total time: 1 minute 10 seconds
______________
after that ia was added the driver and datasource on standalone.xml on JBOSS 7.1.1 server:
<datasources>
<datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true">
<connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1</connection-url>
<driver>h2</driver>
<security>
<user-name>sa</user-name>
<password>sa</password>
</security>
</datasource>
<datasource jndi-name="java:jboss/datasources/ejbcaDS" pool-name="ejbcalDS" enabled="true" use-java-context="true">
<connection-url>jdbc:mysql://127.0.0.1:3306/ejbca?characterEncoding=UTF-8</connection-url>
<driver>com.mysql.jdbc.Driver</driver>
<security>
<user-name>ejbca</user-name>
<password>ejbca</password>
</security>
</datasource>
<drivers>
<driver name="h2" module="com.h2database.h2">
<xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
</driver>
<driver name="com.mysql.jdbc.Driver" module="com.mysql.jdbc.Driver">
<xa-datasource-class>com.mysql.jdbc.Driver</xa-datasource-class>
</driver>
</drivers>
</datasources>
_________________
but still the same error on deploy......
|
|
From: nouchi d. <dno...@ya...> - 2014-01-23 14:15:36
|
Hi tomas thanks for your return. Question : This capacity (20-200 certificates per second) is avaible with Web Services two ? Can you confirm me that EJBCA offers only SOAP Web Services ? not REST (easier to use currently)? It is important because we use an application to deploy certificats and private keys on mobile phone (for SSO and strong autentication). Thanks and regards David ------------------- David NOUCHI Le Mercredi 22 janvier 2014 15h02, Tomas Gustavsson <to...@pr...> a écrit : EJBCA can handle that in just a few minutes :-) http://ejbca.org/docs/adminguide.html#Maximizing%20performance You can calculate between 20-200 certificates per second, depending on your configuration. Cheers, Tomas ----- PrimeKey Solutions offers commercial EJBCA and SignServer support subscriptions and training courses. Please see www.primekey.se or contact in...@pr... for more information. http://www.primekey.se/Services/Support/ http://www.primekey.se/Services/Training/ On 01/22/2014 10:06 AM, nouchi david wrote: > Hi, > > We plan to install EJBCA as PKI for internel server and mobile > certificates in my company. > > Ours requirements : using EJBCA SOAP Web Services (not REST Web Service > for that moment for EJBCA ?) to generate, delete, update certificats. > goal : 500 certificats by hours average with a possible peak to 10 000 > by days. > If CA root private key is corrupt : we need to generate 100 000 > certificat in 1 day if possible. Actually with use openssh installed > locally on a server but it is not a true PKI ... > > So i would like to be sure that software can hold the charge. I did not > find anything about EJBCA benchmark on the Web. > > If you have any experience return it will be great. > > Thanks in advance > > Regards > ------------------- > David NOUCHI > > > ------------------------------------------------------------------------------ > CenturyLink Cloud: The Leader in Enterprise Cloud Services. > Learn Why More Businesses Are Choosing CenturyLink Cloud For > Critical Workloads, Development Environments & Everything In Between. > Get a Quote or Start a Free Trial Today. > http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > ------------------------------------------------------------------------------ CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk _______________________________________________ Ejbca-develop mailing list Ejb...@li... https://lists.sourceforge.net/lists/listinfo/ejbca-develop |
|
From: Tomas G. <to...@pr...> - 2014-01-22 14:00:50
|
EJBCA can handle that in just a few minutes :-) http://ejbca.org/docs/adminguide.html#Maximizing%20performance You can calculate between 20-200 certificates per second, depending on your configuration. Cheers, Tomas ----- PrimeKey Solutions offers commercial EJBCA and SignServer support subscriptions and training courses. Please see www.primekey.se or contact in...@pr... for more information. http://www.primekey.se/Services/Support/ http://www.primekey.se/Services/Training/ On 01/22/2014 10:06 AM, nouchi david wrote: > Hi, > > We plan to install EJBCA as PKI for internel server and mobile > certificates in my company. > > Ours requirements : using EJBCA SOAP Web Services (not REST Web Service > for that moment for EJBCA ?) to generate, delete, update certificats. > goal : 500 certificats by hours average with a possible peak to 10 000 > by days. > If CA root private key is corrupt : we need to generate 100 000 > certificat in 1 day if possible. Actually with use openssh installed > locally on a server but it is not a true PKI ... > > So i would like to be sure that software can hold the charge. I did not > find anything about EJBCA benchmark on the Web. > > If you have any experience return it will be great. > > Thanks in advance > > Regards > ------------------- > David NOUCHI > > > ------------------------------------------------------------------------------ > CenturyLink Cloud: The Leader in Enterprise Cloud Services. > Learn Why More Businesses Are Choosing CenturyLink Cloud For > Critical Workloads, Development Environments & Everything In Between. > Get a Quote or Start a Free Trial Today. > http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
|
From: nouchi d. <dno...@ya...> - 2014-01-22 09:07:06
|
Hi, We plan to install EJBCA as PKI for internel server and mobile certificates in my company. Ours requirements : using EJBCA SOAP Web Services (not REST Web Service for that moment for EJBCA ?) to generate, delete, update certificats. goal : 500 certificats by hours average with a possible peak to 10 000 by days. If CA root private key is corrupt : we need to generate 100 000 certificat in 1 day if possible. Actually with use openssh installed locally on a server but it is not a true PKI ... So i would like to be sure that software can hold the charge. I did not find anything about EJBCA benchmark on the Web. If you have any experience return it will be great. Thanks in advance Regards ------------------- David NOUCHI |
|
From: Tomas G. <to...@pr...> - 2014-01-07 15:21:14
|
Hmm, the only thing I find in the internet about HIFN-7956 describes an integrated circuit. If you manage to make it accessible to software using a decent PKCS#11 driver, it should be possible to use it :-) Seriously, all EJBCA needs is a decent PKCS#11 driver (whatever that means of course). I haven't heard of HIFN-7956 before though. Reliefing system load for issuing certificates really is only needed if you plan to issue many many millions of certificates in short time. Using an HSM is not that much faster actually, but it's more secure. The largest use case for HSM on a CA is security/audit compliance, and not performance. But perhaps you have a use case where you need to issue hundreds of millions of certificates in a few days? Cheers, Tomas On 01/06/2014 08:26 AM, Hans Witvliet wrote: > Hi all, > > Perhaps someone on the list can comment on it: > > Next week or so i can retrieve some HIFN-7956 crypto accelerators. > They were intended to be used for VPN's, but i wonder if they can also > be used (relief system load) when creating a batch of certificates. > > > Hans > > ------------------------------------------------------------------------------ > Rapidly troubleshoot problems before they affect your business. Most IT > organizations don't have a clear picture of how application performance > affects their revenue. With AppDynamics, you get 100% visibility into your > Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! > http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
|
From: Hans W. <hw...@a-...> - 2014-01-06 07:27:00
|
Hi all, Perhaps someone on the list can comment on it: Next week or so i can retrieve some HIFN-7956 crypto accelerators. They were intended to be used for VPN's, but i wonder if they can also be used (relief system load) when creating a batch of certificates. Hans |
|
From: Tomas G. <to...@pr...> - 2014-01-06 06:46:18
|
Hi Hans, Cool, and thanks for the report. We never tested EJBCA 6 on JBoss 6 actually (just EAP 6 which is JBoss 7). Cool that it works. Cheers, Tomas Hans Witvliet <hw...@a-...> wrote: >Hi all, > >just want to let you know that i finished a test-installation of >ejbca-6.0.3 on SLES11SP3. Except for my typo's, a smooth run. >Details can be found at: http://ejbca.minoss.nl/vm0017.pdf > >In this test run, i still used openjdk-6 and jboss-6.1.0 >(just changing one parameter at the time) > >On following test runs i'll use both openjdk-7 and IBM's java, together >with a more recent version of jboss. > > >Hans. > > >------------------------------------------------------------------------------ >Rapidly troubleshoot problems before they affect your business. Most IT > >organizations don't have a clear picture of how application performance > >affects their revenue. With AppDynamics, you get 100% visibility into >your >Java,.NET, & PHP application. Start your 15-day FREE TRIAL of >AppDynamics Pro! >http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk >_______________________________________________ >Ejbca-develop mailing list >Ejb...@li... >https://lists.sourceforge.net/lists/listinfo/ejbca-develop -- PrimeKey Solutions AB Internet: www.primekey.se Twitter: twitter.com/primekeyPKI Mob: +46 (0)707421096 |
|
From: Andreas B. <ab...@an...> - 2014-01-06 06:11:19
|
Hi Hans Cool. Thank your for sharing your instructions. I'm pretty sure, the EJBCA specialists will comment. And hopefully add instructions for other FOSS distros than SUSE as well (is not a critic). :-) cheeers, hugi Am 05.01.2014 23:20, schrieb Hans Witvliet: > Hi all, > > just want to let you know that i finished a test-installation of > ejbca-6.0.3 on SLES11SP3. Except for my typo's, a smooth run. > Details can be found at: http://ejbca.minoss.nl/vm0017.pdf > > In this test run, i still used openjdk-6 and jboss-6.1.0 > (just changing one parameter at the time) > > On following test runs i'll use both openjdk-7 and IBM's java, together > with a more recent version of jboss. > > > Hans. > > > ------------------------------------------------------------------------------ > Rapidly troubleshoot problems before they affect your business. Most IT > organizations don't have a clear picture of how application performance > affects their revenue. With AppDynamics, you get 100% visibility into your > Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! > http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > -- Andreas Bürki ab...@an... S/MIME certificate - SHA1 fingerprint: ED:A5:F3:60:70:8B:4C:16:44:18:96:AE:67:B9:CA:77:AE:DA:83:11 GnuPG - GPG fingerprint: 5DA7 5F48 25BD D2D7 E488 05DF 5A99 A321 7E42 0227 |
106 messages has been excluded from this view by a project administrator.
