Menu
▾
▴
ejbca-develop — Development discussions
You can subscribe to this list here.
| 2001 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(1) |
Dec
(3) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2002 |
Jan
(3) |
Feb
(2) |
Mar
(8) |
Apr
(3) |
May
(6) |
Jun
(1) |
Jul
(15) |
Aug
(6) |
Sep
|
Oct
(10) |
Nov
(2) |
Dec
(4) |
| 2003 |
Jan
(1) |
Feb
(7) |
Mar
(3) |
Apr
(6) |
May
(7) |
Jun
(5) |
Jul
(5) |
Aug
(25) |
Sep
(14) |
Oct
(2) |
Nov
|
Dec
(2) |
| 2004 |
Jan
(7) |
Feb
(4) |
Mar
(12) |
Apr
(16) |
May
(43) |
Jun
(56) |
Jul
(43) |
Aug
(40) |
Sep
(66) |
Oct
(12) |
Nov
(26) |
Dec
(10) |
| 2005 |
Jan
(13) |
Feb
(33) |
Mar
(16) |
Apr
(7) |
May
(10) |
Jun
(34) |
Jul
(41) |
Aug
(8) |
Sep
(4) |
Oct
(32) |
Nov
(20) |
Dec
(25) |
| 2006 |
Jan
(30) |
Feb
(101) |
Mar
(5) |
Apr
(75) |
May
(74) |
Jun
(22) |
Jul
(6) |
Aug
(70) |
Sep
(19) |
Oct
(21) |
Nov
(31) |
Dec
(50) |
| 2007 |
Jan
(15) |
Feb
(20) |
Mar
(24) |
Apr
(33) |
May
(13) |
Jun
(18) |
Jul
(13) |
Aug
(7) |
Sep
(63) |
Oct
(68) |
Nov
(29) |
Dec
(68) |
| 2008 |
Jan
(30) |
Feb
(33) |
Mar
(30) |
Apr
(103) |
May
(78) |
Jun
(48) |
Jul
(72) |
Aug
(24) |
Sep
(62) |
Oct
(63) |
Nov
(70) |
Dec
(37) |
| 2009 |
Jan
(34) |
Feb
(35) |
Mar
(64) |
Apr
(34) |
May
(34) |
Jun
(58) |
Jul
(30) |
Aug
(30) |
Sep
(46) |
Oct
(52) |
Nov
(12) |
Dec
(23) |
| 2010 |
Jan
(121) |
Feb
(18) |
Mar
(53) |
Apr
(62) |
May
(62) |
Jun
(20) |
Jul
(33) |
Aug
(20) |
Sep
(36) |
Oct
(35) |
Nov
(44) |
Dec
(63) |
| 2011 |
Jan
(19) |
Feb
(32) |
Mar
(94) |
Apr
(41) |
May
(47) |
Jun
(25) |
Jul
(34) |
Aug
(20) |
Sep
(9) |
Oct
(41) |
Nov
(33) |
Dec
(24) |
| 2012 |
Jan
(12) |
Feb
(36) |
Mar
(48) |
Apr
(32) |
May
(20) |
Jun
(15) |
Jul
(32) |
Aug
(13) |
Sep
(33) |
Oct
(54) |
Nov
(25) |
Dec
(16) |
| 2013 |
Jan
(45) |
Feb
(39) |
Mar
(38) |
Apr
(50) |
May
(29) |
Jun
(30) |
Jul
(33) |
Aug
(12) |
Sep
(9) |
Oct
(25) |
Nov
(29) |
Dec
(20) |
| 2014 |
Jan
(25) |
Feb
(19) |
Mar
(16) |
Apr
(33) |
May
(27) |
Jun
(37) |
Jul
(29) |
Aug
(27) |
Sep
(37) |
Oct
(58) |
Nov
(109) |
Dec
(26) |
| 2015 |
Jan
(4) |
Feb
(35) |
Mar
(22) |
Apr
(35) |
May
(28) |
Jun
(20) |
Jul
(4) |
Aug
(16) |
Sep
(37) |
Oct
(13) |
Nov
(13) |
Dec
(14) |
| 2016 |
Jan
(22) |
Feb
(7) |
Mar
(23) |
Apr
(30) |
May
(10) |
Jun
(10) |
Jul
(15) |
Aug
(12) |
Sep
(22) |
Oct
(31) |
Nov
(5) |
Dec
(5) |
| 2017 |
Jan
(30) |
Feb
(25) |
Mar
(28) |
Apr
(4) |
May
(19) |
Jun
(13) |
Jul
(7) |
Aug
(1) |
Sep
(2) |
Oct
(5) |
Nov
(12) |
Dec
(2) |
| 2018 |
Jan
(7) |
Feb
|
Mar
(7) |
Apr
(2) |
May
(8) |
Jun
(18) |
Jul
(6) |
Aug
(3) |
Sep
(15) |
Oct
(33) |
Nov
(13) |
Dec
(7) |
| 2019 |
Jan
(5) |
Feb
(7) |
Mar
(30) |
Apr
(5) |
May
(4) |
Jun
(69) |
Jul
(86) |
Aug
(22) |
Sep
(6) |
Oct
(7) |
Nov
(5) |
Dec
(3) |
| 2020 |
Jan
(10) |
Feb
(12) |
Mar
(22) |
Apr
(5) |
May
(1) |
Jun
(4) |
Jul
(6) |
Aug
|
Sep
(9) |
Oct
|
Nov
|
Dec
(1) |
| 2021 |
Jan
(4) |
Feb
(11) |
Mar
(7) |
Apr
(7) |
May
|
Jun
(3) |
Jul
(10) |
Aug
(6) |
Sep
|
Oct
|
Nov
(18) |
Dec
(2) |
| 2022 |
Jan
(1) |
Feb
(1) |
Mar
|
Apr
|
May
|
Jun
(2) |
Jul
|
Aug
(4) |
Sep
|
Oct
|
Nov
|
Dec
|
| 2023 |
Jan
|
Feb
|
Mar
|
Apr
(1) |
May
(1) |
Jun
|
Jul
|
Aug
(5) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Daniel J. <Dan...@e-...> - 2013-07-10 09:57:47
|
I don't understand why i can't create key with clientToolBox for the
following reason: slotListIndex is 1 but token only has 1 slots
ckinfo display:
PKCS#11 library CK_INFO
interface version 2.01
flags 0
manufacturerID "nCipher Corp. Ltd "
libraryDescription "nCipher PKCS#11 1.71.21 "
implementation version 1.71
slots[0] CK_SLOT_INFO
slotDescription "Racine "
manufacturerID "nCipher Corp. Ltd "
flags 6
flags & CKF_REMOVABLE_DEVICE
flags & CKF_HW_SLOT
hardware version 0.00
firmware version 0.00
slots[0] Token not present
slots[1] CK_SLOT_INFO
slotDescription "SRV "
manufacturerID "nCipher Corp. Ltd "
flags 6
flags & CKF_REMOVABLE_DEVICE
flags & CKF_HW_SLOT
hardware version 0.00
firmware version 0.00
slots[1] Token not present
I have created the file /opt/nfast/cknfastrc :
CKNFAST_LOADSHARING=1
CKNFAST_NO_ACCELERATOR_SLOTS=1
CKNFAST_NO_UNWRAP=1
CKNFAST_OVERRIDE_SECURITY_ASSURANCES=import
# CKNFAST_DEBUG=10
# CKNFAST_DEBUGFILE=/tmp/nfast.debug
the trace log is:
2013-07-10 09:36:01,053 DEBUG [org.ejbca.util.keystore.KeyTools] name =
libcknfast.so-slot1
library = /opt/nfast/toolkits/pkcs11/libcknfast.so
slotListIndex = 1
attributes(*, *, *) = {
CKA_TOKEN = true
}
attributes(*, CKO_PUBLIC_KEY, *) = {
CKA_ENCRYPT = true
CKA_VERIFY = true
CKA_WRAP = true
}
attributes(*, CKO_PRIVATE_KEY, *) = {
CKA_PRIVATE = true
CKA_SENSITIVE = true
CKA_EXTRACTABLE = false
CKA_DECRYPT = true
CKA_SIGN = true
CKA_UNWRAP = true
}
2013-07-10 09:36:01,054 DEBUG [org.ejbca.util.keystore.KeyTools]
{SLOT_ID=[1],
PKCS11_NATIVE_MODULE=/opt/nfast/toolkits/pkcs11/libcknfast.so}
2013-07-10 09:36:01,058 INFO [org.ejbca.util.keystore.KeyTools] Using SUN
PKCS11 provider: sun.security.pkcs11.SunPKCS11
2013-07-10 09:36:01,156 ERROR [org.ejbca.util.keystore.KeyTools] Error
constructing pkcs11 provider: null
2013-07-10 09:36:01,158 ERROR [org.ejbca.ui.cli.HSMKeyTool] Command
'PKCS11HSMKeyTool generate /opt/nfast/toolkits/pkcs11/libcknfast.so null
pkcs11 4096 defaultSRV i1' could not be executed.
java.io.IOException: Error constructing pkcs11 provider: null
at
org.ejbca.util.keystore.KeyTools.getP11Provider(KeyTools.java:908)
at
org.ejbca.util.keystore.KeyTools.getP11Provider(KeyTools.java:864)
at
org.ejbca.util.keystore.KeyStoreContainerP11.getInstance(KeyStoreContainerP11.java:51)
at
org.ejbca.util.keystore.KeyStoreContainerFactory.getInstance(KeyStoreContainerFactory.java:55)
at org.ejbca.ui.cli.HSMKeyTool.doIt(HSMKeyTool.java:137)
at org.ejbca.ui.cli.HSMKeyTool.execute(HSMKeyTool.java:290)
at
org.ejbca.ui.cli.PKCS11HSMKeyTool.execute(PKCS11HSMKeyTool.java:47)
at
org.ejbca.ui.cli.ClientToolBox.executeIfSelected(ClientToolBox.java:40)
at org.ejbca.ui.cli.ClientToolBox.main(ClientToolBox.java:70)
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
Method)
at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:532)
at
org.ejbca.util.keystore.KeyTools.getP11Provider(KeyTools.java:905)
... 8 more
Caused by: java.security.ProviderException: Initialization failed
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:358)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:107)
... 13 more
Caused by: java.security.ProviderException: slotListIndex is 1 but token
only has 1 slots
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:340)
... 14 more
ckinfo give the index 1 for SRV. How do yo explain this ?
Kind regards
Daniel JAMET
Direction DPM
Tél : +33 1 55 23 31 70
dan...@e-...
____________________________
Société d'Exploitation de Réseaux et de Services Sécurisés
Immeuble "Le Linéa"
1, rue du Général Leclerc
92800 PUTEAUX
|
|
From: Henrik <Hen...@Go...> - 2013-07-05 09:16:13
|
Hi Andres, thanks! I replaced "USERGENERATED" with "CERTIFICATE" and it solved the issue. Seems I misinterpreted a response in an old thread.[1] Best regards, Henrik [1] http://old.nabble.com/Pkcs10-Request-failed-td30404440.html On Thu, Jul 4, 2013 at 8:37 PM, ejbca-support <ejb...@pr...>wrote: > On 2013-07-04 15:59, Henrik wrote: > > Hi, > Hi, > > > > I'm currently using the EJBCA SOAP API for version 4.0.13 (r16055) of > EJBCA. > > It's working fine for creating new users, though when I try to create a > new certificate via the pkcs10Request method, I'm receiving an internal > error as response. However, when I take a look at the web interface, then > the certificate is created and I can download it. > > I pasted the request, the response, as well as infos from the log below. > > > > Any ideas what's going wrong? > > arg4 looks a bit strange IMO. > > > http://www.ejbca.org/ws/org/ejbca/core/protocol/ws/client/gen/EjbcaWS.html#pkcs10Request(java.lang.String, > java.lang.String, java.lang.String, java.lang.String, java.lang.String) > > Cheers > Anders > tech support > > > > > Best, > > --henrik > > > > > > Request: > > > > <?xml version="1.0" encoding="UTF-8"?><env:Envelope xmlns:xsd=" > http://www.w3.org/2001/XMLSchema" xmlns:xsi=" > http://www.w3.org/2001/XMLSchema-instance" xmlns:tns=" > http://ws.protocol.core.ejbca.org/" xmlns:env=" > http://schemas.xmlsoap.org/soap/envelope/"><env:Body><tns:pkcs10Request><arg0>dummyuser1234</arg0><arg1>foobar</arg1><arg2>-----BEGIN > CERTIFICATE REQUEST----- > > MIICXTCCAUUCAQAwGDEWMBQGA1UEAwwNZHVtbXl1c2VyMTIzNDCCASIwDQYJKoZI > > hvcNAQEBBQADggEPADCCAQoCggEBAK4QURYx8iEiNcaqwmh9NI29JFJ7DmUH2rFm > > MvLBcfqnkJLt+QKthlqfbk1F9eDfftaSfUteYYJi/DAolm3uFTXP+AAx+PEuxd85 > > Dr77Zd9NeLqB6qdATXab3ORr0iCaoiMMB+ZPxw+rGv2dtAA2NHLZoktGJ1x3aPQa > > C6VH6/mehXzcV2VLAZArpZp3burec56/v7T0aSO9K+4APnODsiqBsfgaM7S3WLDE > > Trdt0e9G1R1Arct3wxYLGb9RG8bFrkOQngCgCu6CYTxkOxaccqlNfZJN1tWFGmBf > > OgdaddRissfeWsRu07SfgINhN4iWHdFkdmVJA9m6zwF757sXw0MCAwEAAaAAMA0G > > CSqGSIb3DQEBBQUAA4IBAQCIPZwPjKwQJ58NP87qdKWFbIYIqx7lYyXujEHfokjO > > Z5nQCn/w/gZEPLm1mnisr4M+t6CDfyvOIdgzBPdayNfHQj76YtJ27dzECtu0dtoK > > HssqZdOWeS2kFjhPrNTOFIbLs84CjNFWZ7D79SGj1kHPUVl2fVp+UT1DK3F2mo3f > > /yQuHV25N/mJHM7Yg4ujb5l1W28vi8/HAfCgDSycPJ1evvPRBPoNVjfnWmbpGr9T > > 8IEdvr2P0IPqpkORY2GAJwOuUECGehYEFeu0rzHyMtnj/q7IEDlg4EEuB+2s+aEJ > > fmDFdlNeVB89LlHDCjVFhZhjMeIasmwVMuCAXptKwM0f > > -----END CERTIFICATE REQUEST----- > > > </arg2><arg3>NULL</arg3><arg4>USERGENERATED</arg4></tns:pkcs10Request></env:Body></env:Envelope> > > > > > > Response: > > > > <env:Envelope xmlns:env='http://schemas.xmlsoap.org/soap/envelope/'><env:Header></env:Header><env:Body><env:Fault > xmlns:env='http://schemas.xmlsoap.org/soap/envelope/'><faultcode>env:Server</faultcode><faultstring>org.ejbca.core.EjbcaException</faultstring><detail><ns2:EjbcaException > xmlns:ns2='http://ws.protocol.core.ejbca.org/ > '><errorCode><internalErrorCode>INTERNAL_ERROR</internalErrorCode></errorCode></ns2:EjbcaException></detail></env:Fault></env:Body></env:Envelope> > > > > > > Log and stacktrace from EJBCA: > > > > 12:05:59,619 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : > -2132324774, CA, EVENT_INFO_USERAUTHENTICATION, Administrator : CLIENTCERT > : Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA Tea,C=DE", > User : dummyuser1234, Certificate : No certificate involved, Comment : > Authenticated user dummyuser1234. > > 12:05:59,636 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : > -2132324774, CA, EVENT_INFO_USERAUTHENTICATION, Administrator : CLIENTCERT > : Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA Tea,C=DE", > User : dummyuser1234, Certificate : No certificate involved, Comment : > Authenticated user dummyuser1234. > > 12:05:59,648 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : > -2132324774, CA, EVENT_INFO_REQUESTCERTIFICATE, Administrator : CLIENTCERT > : Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA Tea,C=DE", > User : dummyuser1234, Certificate : No certificate involved, Comment : > Received certificate request for user dummyuser1234 for CA -2132324774 with > certificate profile 1. > > 12:05:59,694 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : > -2132324774, CA, EVENT_INFO_STORECERTIFICATE, Administrator : CLIENTCERT : > Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA Tea,C=DE", User > : dummyuser1234, Certificate : 3E37355A9452FFF2 : issuer: "CN=TeaCA,O=EJBCA > Tea,C=DE", Comment : Certificate stored. > > 12:05:59,705 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : > -2132324774, CA, EVENT_INFO_CREATECERTIFICATE, Administrator : CLIENTCERT : > Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA Tea,C=DE", User > : dummyuser1234, Certificate : 3E37355A9452FFF2 : issuer: "CN=TeaCA,O=EJBCA > Tea,C=DE", Comment : Certificate issued to user dummyuser1234. > > 12:05:59,721 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : > -2132324774, CA, EVENT_INFO_STORECERTIFICATE, Administrator : CLIENTCERT : > Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA Tea,C=DE", User > : dummyuser1234, Certificate : 3E37355A9452FFF2 : issuer: "CN=TeaCA,O=EJBCA > Tea,C=DE", Comment : Storing certificate request history successful for > user dummyuser1234. > > 12:05:59,743 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : > -2132324774, RA, EVENT_INFO_CHANGEDENDENTITY, Administrator : INTERNALUSER, > User : dummyuser1234, Certificate : No certificate involved, Comment : > Edited end entity dummyuser1234, new status 40. > > 12:05:59,755 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : > -2132324774, CA, EVENT_INFO_CHANGEDENDENTITY, Administrator : INTERNALUSER, > User : dummyuser1234, Certificate : No certificate involved, Comment : > Changed status for 'dummyuser1234' to STATUS_GENERATED. > > 12:05:59,766 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : > -2132324774, HARDTOKEN, EVENT_INFO_HARDTOKENCERTIFICATEMAP, Administrator : > CLIENTCERT : Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA > Tea,C=DE", User : No user involved, Certificate : No certificate involved, > Comment : Certificate mapping added, certificatesn: 3E37355A9452FFF2, > tokensn: NULL. > > 12:05:59,771 ERROR [EjbcaWSHelper] EJBCA WebService error > > java.lang.NullPointerException > > at org.bouncycastle.util.encoders.Base64.encode(Unknown Source) > > at org.ejbca.util.Base64.encode(Base64.java:48) > > at org.ejbca.util.Base64.encode(Base64.java:37) > > at > org.ejbca.core.protocol.ws.objects.CertificateResponse.<init>(CertificateResponse.java:43) > > at > org.ejbca.core.protocol.ws.EjbcaWS.pkcs10Request(EjbcaWS.java:885) > > at sun.reflect.GeneratedMethodAccessor598.invoke(Unknown Source) > > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > > at java.lang.reflect.Method.invoke(Method.java:616) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeTarget(MethodInvocation.java:122) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111) > > at > org.jboss.ejb3.EJBContainerInvocationWrapper.invokeNext(EJBContainerInvocationWrapper.java:69) > > at > org.jboss.ejb3.interceptors.aop.InterceptorSequencer.invoke(InterceptorSequencer.java:73) > > at > org.jboss.ejb3.interceptors.aop.InterceptorSequencer.aroundInvoke(InterceptorSequencer.java:59) > > at sun.reflect.GeneratedMethodAccessor537.invoke(Unknown Source) > > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > > at java.lang.reflect.Method.invoke(Method.java:616) > > at > org.jboss.aop.advice.PerJoinpointAdvice.invoke(PerJoinpointAdvice.java:174) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.fillMethod(InvocationContextInterceptor.java:72) > > at > org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_fillMethod_1524145666.invoke(InvocationContextInterceptor_z_fillMethod_1524145666.java) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.setup(InvocationContextInterceptor.java:88) > > at > org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_setup_1524145666.invoke(InvocationContextInterceptor_z_setup_1524145666.java) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:62) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:56) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(StatelessInstanceInterceptor.java:68) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:79) > > at > org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:190) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorv2.invoke(RoleBasedAuthorizationInterceptorv2.java:201) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:186) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:306) > > at > org.jboss.ejb3.stateless.StatelessContainer.invokeEndpoint(StatelessContainer.java:662) > > at > org.jboss.wsf.container.jboss50.invocation.InvocationHandlerEJB3.invoke(InvocationHandlerEJB3.java:96) > > at > org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:222) > > at > org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:474) > > at > org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:295) > > at > org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:205) > > at > org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:131) > > at > org.jboss.wsf.common.servlet.AbstractEndpointServlet.service(AbstractEndpointServlet.java:85) > > at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) > > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) > > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > > at > org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) > > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235) > > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) > > at > org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190) > > at > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:525) > > at > org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92) > > at > org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) > > at > org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) > > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) > > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) > > at > org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) > > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) > > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) > > at > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829) > > at > org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598) > > at > org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) > > at java.lang.Thread.run(Thread.java:679) > > 12:05:59,773 WARN [StatelessBeanContext] EJBTHREE-1337: do not get > WebServiceContext property from stateless bean context, it should already > have been injected > > 12:05:59,775 ERROR [SOAPFaultHelperJAXWS] SOAP request exception > > org.ejbca.core.EjbcaException > > at > org.ejbca.core.protocol.ws.EjbcaWSHelper.getEjbcaException(EjbcaWSHelper.java:824) > > at > org.ejbca.core.protocol.ws.EjbcaWSHelper.getInternalException(EjbcaWSHelper.java:816) > > at > org.ejbca.core.protocol.ws.EjbcaWS.pkcs10Request(EjbcaWS.java:897) > > at sun.reflect.GeneratedMethodAccessor598.invoke(Unknown Source) > > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > > at java.lang.reflect.Method.invoke(Method.java:616) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeTarget(MethodInvocation.java:122) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111) > > at > org.jboss.ejb3.EJBContainerInvocationWrapper.invokeNext(EJBContainerInvocationWrapper.java:69) > > at > org.jboss.ejb3.interceptors.aop.InterceptorSequencer.invoke(InterceptorSequencer.java:73) > > at > org.jboss.ejb3.interceptors.aop.InterceptorSequencer.aroundInvoke(InterceptorSequencer.java:59) > > at sun.reflect.GeneratedMethodAccessor537.invoke(Unknown Source) > > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > > at java.lang.reflect.Method.invoke(Method.java:616) > > at > org.jboss.aop.advice.PerJoinpointAdvice.invoke(PerJoinpointAdvice.java:174) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.fillMethod(InvocationContextInterceptor.java:72) > > at > org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_fillMethod_1524145666.invoke(InvocationContextInterceptor_z_fillMethod_1524145666.java) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.setup(InvocationContextInterceptor.java:88) > > at > org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_setup_1524145666.invoke(InvocationContextInterceptor_z_setup_1524145666.java) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:62) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:56) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(StatelessInstanceInterceptor.java:68) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:79) > > at > org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:190) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorv2.invoke(RoleBasedAuthorizationInterceptorv2.java:201) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:186) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67) > > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > > at > org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:306) > > at > org.jboss.ejb3.stateless.StatelessContainer.invokeEndpoint(StatelessContainer.java:662) > > at > org.jboss.wsf.container.jboss50.invocation.InvocationHandlerEJB3.invoke(InvocationHandlerEJB3.java:96) > > at > org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:222) > > at > org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:474) > > at > org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:295) > > at > org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:205) > > at > org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:131) > > at > org.jboss.wsf.common.servlet.AbstractEndpointServlet.service(AbstractEndpointServlet.java:85) > > at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) > > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) > > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > > at > org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) > > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235) > > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) > > at > org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190) > > at > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:525) > > at > org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92) > > at > org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) > > at > org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) > > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) > > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) > > at > org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) > > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) > > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) > > at > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829) > > at > org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598) > > at > org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) > > at java.lang.Thread.run(Thread.java:679) > > > > > > > > > ------------------------------------------------------------------------------ > > This SF.net email is sponsored by Windows: > > > > Build for Windows Store. > > > > http://p.sf.net/sfu/windows-dev2dev > > > > > > > > _______________________________________________ > > Ejbca-develop mailing list > > Ejb...@li... > > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > > > > |
|
From: ejbca-support <ejb...@pr...> - 2013-07-04 18:37:57
|
On 2013-07-04 15:59, Henrik wrote: > Hi, Hi, > > I'm currently using the EJBCA SOAP API for version 4.0.13 (r16055) of EJBCA. > It's working fine for creating new users, though when I try to create a new certificate via the pkcs10Request method, I'm receiving an internal error as response. However, when I take a look at the web interface, then the certificate is created and I can download it. > I pasted the request, the response, as well as infos from the log below. > > Any ideas what's going wrong? arg4 looks a bit strange IMO. http://www.ejbca.org/ws/org/ejbca/core/protocol/ws/client/gen/EjbcaWS.html#pkcs10Request(java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String) Cheers Anders tech support > > Best, > --henrik > > > Request: > > <?xml version="1.0" encoding="UTF-8"?><env:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tns="http://ws.protocol.core.ejbca.org/" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Body><tns:pkcs10Request><arg0>dummyuser1234</arg0><arg1>foobar</arg1><arg2>-----BEGIN CERTIFICATE REQUEST----- > MIICXTCCAUUCAQAwGDEWMBQGA1UEAwwNZHVtbXl1c2VyMTIzNDCCASIwDQYJKoZI > hvcNAQEBBQADggEPADCCAQoCggEBAK4QURYx8iEiNcaqwmh9NI29JFJ7DmUH2rFm > MvLBcfqnkJLt+QKthlqfbk1F9eDfftaSfUteYYJi/DAolm3uFTXP+AAx+PEuxd85 > Dr77Zd9NeLqB6qdATXab3ORr0iCaoiMMB+ZPxw+rGv2dtAA2NHLZoktGJ1x3aPQa > C6VH6/mehXzcV2VLAZArpZp3burec56/v7T0aSO9K+4APnODsiqBsfgaM7S3WLDE > Trdt0e9G1R1Arct3wxYLGb9RG8bFrkOQngCgCu6CYTxkOxaccqlNfZJN1tWFGmBf > OgdaddRissfeWsRu07SfgINhN4iWHdFkdmVJA9m6zwF757sXw0MCAwEAAaAAMA0G > CSqGSIb3DQEBBQUAA4IBAQCIPZwPjKwQJ58NP87qdKWFbIYIqx7lYyXujEHfokjO > Z5nQCn/w/gZEPLm1mnisr4M+t6CDfyvOIdgzBPdayNfHQj76YtJ27dzECtu0dtoK > HssqZdOWeS2kFjhPrNTOFIbLs84CjNFWZ7D79SGj1kHPUVl2fVp+UT1DK3F2mo3f > /yQuHV25N/mJHM7Yg4ujb5l1W28vi8/HAfCgDSycPJ1evvPRBPoNVjfnWmbpGr9T > 8IEdvr2P0IPqpkORY2GAJwOuUECGehYEFeu0rzHyMtnj/q7IEDlg4EEuB+2s+aEJ > fmDFdlNeVB89LlHDCjVFhZhjMeIasmwVMuCAXptKwM0f > -----END CERTIFICATE REQUEST----- > </arg2><arg3>NULL</arg3><arg4>USERGENERATED</arg4></tns:pkcs10Request></env:Body></env:Envelope> > > > Response: > > <env:Envelope xmlns:env='http://schemas.xmlsoap.org/soap/envelope/'><env:Header></env:Header><env:Body><env:Fault xmlns:env='http://schemas.xmlsoap.org/soap/envelope/'><faultcode>env:Server</faultcode><faultstring>org.ejbca.core.EjbcaException</faultstring><detail><ns2:EjbcaException xmlns:ns2='http://ws.protocol.core.ejbca.org/'><errorCode><internalErrorCode>INTERNAL_ERROR</internalErrorCode></errorCode></ns2:EjbcaException></detail></env:Fault></env:Body></env:Envelope> > > > Log and stacktrace from EJBCA: > > 12:05:59,619 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : -2132324774, CA, EVENT_INFO_USERAUTHENTICATION, Administrator : CLIENTCERT : Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA Tea,C=DE", User : dummyuser1234, Certificate : No certificate involved, Comment : Authenticated user dummyuser1234. > 12:05:59,636 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : -2132324774, CA, EVENT_INFO_USERAUTHENTICATION, Administrator : CLIENTCERT : Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA Tea,C=DE", User : dummyuser1234, Certificate : No certificate involved, Comment : Authenticated user dummyuser1234. > 12:05:59,648 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : -2132324774, CA, EVENT_INFO_REQUESTCERTIFICATE, Administrator : CLIENTCERT : Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA Tea,C=DE", User : dummyuser1234, Certificate : No certificate involved, Comment : Received certificate request for user dummyuser1234 for CA -2132324774 with certificate profile 1. > 12:05:59,694 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : -2132324774, CA, EVENT_INFO_STORECERTIFICATE, Administrator : CLIENTCERT : Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA Tea,C=DE", User : dummyuser1234, Certificate : 3E37355A9452FFF2 : issuer: "CN=TeaCA,O=EJBCA Tea,C=DE", Comment : Certificate stored. > 12:05:59,705 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : -2132324774, CA, EVENT_INFO_CREATECERTIFICATE, Administrator : CLIENTCERT : Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA Tea,C=DE", User : dummyuser1234, Certificate : 3E37355A9452FFF2 : issuer: "CN=TeaCA,O=EJBCA Tea,C=DE", Comment : Certificate issued to user dummyuser1234. > 12:05:59,721 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : -2132324774, CA, EVENT_INFO_STORECERTIFICATE, Administrator : CLIENTCERT : Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA Tea,C=DE", User : dummyuser1234, Certificate : 3E37355A9452FFF2 : issuer: "CN=TeaCA,O=EJBCA Tea,C=DE", Comment : Storing certificate request history successful for user dummyuser1234. > 12:05:59,743 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : -2132324774, RA, EVENT_INFO_CHANGEDENDENTITY, Administrator : INTERNALUSER, User : dummyuser1234, Certificate : No certificate involved, Comment : Edited end entity dummyuser1234, new status 40. > 12:05:59,755 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : -2132324774, CA, EVENT_INFO_CHANGEDENDENTITY, Administrator : INTERNALUSER, User : dummyuser1234, Certificate : No certificate involved, Comment : Changed status for 'dummyuser1234' to STATUS_GENERATED. > 12:05:59,766 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : -2132324774, HARDTOKEN, EVENT_INFO_HARDTOKENCERTIFICATEMAP, Administrator : CLIENTCERT : Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA Tea,C=DE", User : No user involved, Certificate : No certificate involved, Comment : Certificate mapping added, certificatesn: 3E37355A9452FFF2, tokensn: NULL. > 12:05:59,771 ERROR [EjbcaWSHelper] EJBCA WebService error > java.lang.NullPointerException > at org.bouncycastle.util.encoders.Base64.encode(Unknown Source) > at org.ejbca.util.Base64.encode(Base64.java:48) > at org.ejbca.util.Base64.encode(Base64.java:37) > at org.ejbca.core.protocol.ws.objects.CertificateResponse.<init>(CertificateResponse.java:43) > at org.ejbca.core.protocol.ws.EjbcaWS.pkcs10Request(EjbcaWS.java:885) > at sun.reflect.GeneratedMethodAccessor598.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:616) > at org.jboss.aop.joinpoint.MethodInvocation.invokeTarget(MethodInvocation.java:122) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111) > at org.jboss.ejb3.EJBContainerInvocationWrapper.invokeNext(EJBContainerInvocationWrapper.java:69) > at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.invoke(InterceptorSequencer.java:73) > at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.aroundInvoke(InterceptorSequencer.java:59) > at sun.reflect.GeneratedMethodAccessor537.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:616) > at org.jboss.aop.advice.PerJoinpointAdvice.invoke(PerJoinpointAdvice.java:174) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.fillMethod(InvocationContextInterceptor.java:72) > at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_fillMethod_1524145666.invoke(InvocationContextInterceptor_z_fillMethod_1524145666.java) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.setup(InvocationContextInterceptor.java:88) > at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_setup_1524145666.invoke(InvocationContextInterceptor_z_setup_1524145666.java) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:62) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:56) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(StatelessInstanceInterceptor.java:68) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:79) > at org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:190) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorv2.invoke(RoleBasedAuthorizationInterceptorv2.java:201) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:186) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:306) > at org.jboss.ejb3.stateless.StatelessContainer.invokeEndpoint(StatelessContainer.java:662) > at org.jboss.wsf.container.jboss50.invocation.InvocationHandlerEJB3.invoke(InvocationHandlerEJB3.java:96) > at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:222) > at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:474) > at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:295) > at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:205) > at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:131) > at org.jboss.wsf.common.servlet.AbstractEndpointServlet.service(AbstractEndpointServlet.java:85) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235) > at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) > at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190) > at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:525) > at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92) > at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) > at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) > at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) > at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) > at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) > at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) > at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) > at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829) > at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598) > at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) > at java.lang.Thread.run(Thread.java:679) > 12:05:59,773 WARN [StatelessBeanContext] EJBTHREE-1337: do not get WebServiceContext property from stateless bean context, it should already have been injected > 12:05:59,775 ERROR [SOAPFaultHelperJAXWS] SOAP request exception > org.ejbca.core.EjbcaException > at org.ejbca.core.protocol.ws.EjbcaWSHelper.getEjbcaException(EjbcaWSHelper.java:824) > at org.ejbca.core.protocol.ws.EjbcaWSHelper.getInternalException(EjbcaWSHelper.java:816) > at org.ejbca.core.protocol.ws.EjbcaWS.pkcs10Request(EjbcaWS.java:897) > at sun.reflect.GeneratedMethodAccessor598.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:616) > at org.jboss.aop.joinpoint.MethodInvocation.invokeTarget(MethodInvocation.java:122) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111) > at org.jboss.ejb3.EJBContainerInvocationWrapper.invokeNext(EJBContainerInvocationWrapper.java:69) > at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.invoke(InterceptorSequencer.java:73) > at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.aroundInvoke(InterceptorSequencer.java:59) > at sun.reflect.GeneratedMethodAccessor537.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:616) > at org.jboss.aop.advice.PerJoinpointAdvice.invoke(PerJoinpointAdvice.java:174) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.fillMethod(InvocationContextInterceptor.java:72) > at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_fillMethod_1524145666.invoke(InvocationContextInterceptor_z_fillMethod_1524145666.java) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.setup(InvocationContextInterceptor.java:88) > at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_setup_1524145666.invoke(InvocationContextInterceptor_z_setup_1524145666.java) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:62) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:56) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(StatelessInstanceInterceptor.java:68) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:79) > at org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:190) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorv2.invoke(RoleBasedAuthorizationInterceptorv2.java:201) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:186) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67) > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) > at org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:306) > at org.jboss.ejb3.stateless.StatelessContainer.invokeEndpoint(StatelessContainer.java:662) > at org.jboss.wsf.container.jboss50.invocation.InvocationHandlerEJB3.invoke(InvocationHandlerEJB3.java:96) > at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:222) > at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:474) > at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:295) > at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:205) > at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:131) > at org.jboss.wsf.common.servlet.AbstractEndpointServlet.service(AbstractEndpointServlet.java:85) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235) > at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) > at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190) > at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:525) > at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92) > at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) > at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) > at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) > at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) > at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) > at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) > at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) > at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829) > at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598) > at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) > at java.lang.Thread.run(Thread.java:679) > > > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by Windows: > > Build for Windows Store. > > http://p.sf.net/sfu/windows-dev2dev > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
|
From: Henrik <Hen...@Go...> - 2013-07-04 14:00:05
|
Hi, I'm currently using the EJBCA SOAP API for version 4.0.13 (r16055) of EJBCA. It's working fine for creating new users, though when I try to create a new certificate via the pkcs10Request method, I'm receiving an internal error as response. However, when I take a look at the web interface, then the certificate is created and I can download it. I pasted the request, the response, as well as infos from the log below. Any ideas what's going wrong? Best, --henrik Request: <?xml version="1.0" encoding="UTF-8"?><env:Envelope xmlns:xsd=" http://www.w3.org/2001/XMLSchema" xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance" xmlns:tns=" http://ws.protocol.core.ejbca.org/" xmlns:env=" http://schemas.xmlsoap.org/soap/envelope/"><env:Body><tns:pkcs10Request><arg0>dummyuser1234</arg0><arg1>foobar</arg1><arg2>-----BEGIN CERTIFICATE REQUEST----- MIICXTCCAUUCAQAwGDEWMBQGA1UEAwwNZHVtbXl1c2VyMTIzNDCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBAK4QURYx8iEiNcaqwmh9NI29JFJ7DmUH2rFm MvLBcfqnkJLt+QKthlqfbk1F9eDfftaSfUteYYJi/DAolm3uFTXP+AAx+PEuxd85 Dr77Zd9NeLqB6qdATXab3ORr0iCaoiMMB+ZPxw+rGv2dtAA2NHLZoktGJ1x3aPQa C6VH6/mehXzcV2VLAZArpZp3burec56/v7T0aSO9K+4APnODsiqBsfgaM7S3WLDE Trdt0e9G1R1Arct3wxYLGb9RG8bFrkOQngCgCu6CYTxkOxaccqlNfZJN1tWFGmBf OgdaddRissfeWsRu07SfgINhN4iWHdFkdmVJA9m6zwF757sXw0MCAwEAAaAAMA0G CSqGSIb3DQEBBQUAA4IBAQCIPZwPjKwQJ58NP87qdKWFbIYIqx7lYyXujEHfokjO Z5nQCn/w/gZEPLm1mnisr4M+t6CDfyvOIdgzBPdayNfHQj76YtJ27dzECtu0dtoK HssqZdOWeS2kFjhPrNTOFIbLs84CjNFWZ7D79SGj1kHPUVl2fVp+UT1DK3F2mo3f /yQuHV25N/mJHM7Yg4ujb5l1W28vi8/HAfCgDSycPJ1evvPRBPoNVjfnWmbpGr9T 8IEdvr2P0IPqpkORY2GAJwOuUECGehYEFeu0rzHyMtnj/q7IEDlg4EEuB+2s+aEJ fmDFdlNeVB89LlHDCjVFhZhjMeIasmwVMuCAXptKwM0f -----END CERTIFICATE REQUEST----- </arg2><arg3>NULL</arg3><arg4>USERGENERATED</arg4></tns:pkcs10Request></env:Body></env:Envelope> Response: <env:Envelope xmlns:env='http://schemas.xmlsoap.org/soap/envelope/'><env:Header></env:Header><env:Body><env:Fault xmlns:env='http://schemas.xmlsoap.org/soap/envelope/'><faultcode>env:Server</faultcode><faultstring>org.ejbca.core.EjbcaException</faultstring><detail><ns2:EjbcaException xmlns:ns2='http://ws.protocol.core.ejbca.org/ '><errorCode><internalErrorCode>INTERNAL_ERROR</internalErrorCode></errorCode></ns2:EjbcaException></detail></env:Fault></env:Body></env:Envelope> Log and stacktrace from EJBCA: 12:05:59,619 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : -2132324774, CA, EVENT_INFO_USERAUTHENTICATION, Administrator : CLIENTCERT : Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA Tea,C=DE", User : dummyuser1234, Certificate : No certificate involved, Comment : Authenticated user dummyuser1234. 12:05:59,636 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : -2132324774, CA, EVENT_INFO_USERAUTHENTICATION, Administrator : CLIENTCERT : Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA Tea,C=DE", User : dummyuser1234, Certificate : No certificate involved, Comment : Authenticated user dummyuser1234. 12:05:59,648 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : -2132324774, CA, EVENT_INFO_REQUESTCERTIFICATE, Administrator : CLIENTCERT : Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA Tea,C=DE", User : dummyuser1234, Certificate : No certificate involved, Comment : Received certificate request for user dummyuser1234 for CA -2132324774 with certificate profile 1. 12:05:59,694 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : -2132324774, CA, EVENT_INFO_STORECERTIFICATE, Administrator : CLIENTCERT : Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA Tea,C=DE", User : dummyuser1234, Certificate : 3E37355A9452FFF2 : issuer: "CN=TeaCA,O=EJBCA Tea,C=DE", Comment : Certificate stored. 12:05:59,705 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : -2132324774, CA, EVENT_INFO_CREATECERTIFICATE, Administrator : CLIENTCERT : Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA Tea,C=DE", User : dummyuser1234, Certificate : 3E37355A9452FFF2 : issuer: "CN=TeaCA,O=EJBCA Tea,C=DE", Comment : Certificate issued to user dummyuser1234. 12:05:59,721 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : -2132324774, CA, EVENT_INFO_STORECERTIFICATE, Administrator : CLIENTCERT : Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA Tea,C=DE", User : dummyuser1234, Certificate : 3E37355A9452FFF2 : issuer: "CN=TeaCA,O=EJBCA Tea,C=DE", Comment : Storing certificate request history successful for user dummyuser1234. 12:05:59,743 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : -2132324774, RA, EVENT_INFO_CHANGEDENDENTITY, Administrator : INTERNALUSER, User : dummyuser1234, Certificate : No certificate involved, Comment : Edited end entity dummyuser1234, new status 40. 12:05:59,755 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : -2132324774, CA, EVENT_INFO_CHANGEDENDENTITY, Administrator : INTERNALUSER, User : dummyuser1234, Certificate : No certificate involved, Comment : Changed status for 'dummyuser1234' to STATUS_GENERATED. 12:05:59,766 INFO [Log4jLogDevice] 2013-07-04 12:05:59+00:00, CAId : -2132324774, HARDTOKEN, EVENT_INFO_HARDTOKENCERTIFICATEMAP, Administrator : CLIENTCERT : Certificate SNR : 463B610FCE33AF3A : DN : "CN=TeaCA,O=EJBCA Tea,C=DE", User : No user involved, Certificate : No certificate involved, Comment : Certificate mapping added, certificatesn: 3E37355A9452FFF2, tokensn: NULL. 12:05:59,771 ERROR [EjbcaWSHelper] EJBCA WebService error java.lang.NullPointerException at org.bouncycastle.util.encoders.Base64.encode(Unknown Source) at org.ejbca.util.Base64.encode(Base64.java:48) at org.ejbca.util.Base64.encode(Base64.java:37) at org.ejbca.core.protocol.ws.objects.CertificateResponse.<init>(CertificateResponse.java:43) at org.ejbca.core.protocol.ws.EjbcaWS.pkcs10Request(EjbcaWS.java:885) at sun.reflect.GeneratedMethodAccessor598.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.jboss.aop.joinpoint.MethodInvocation.invokeTarget(MethodInvocation.java:122) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111) at org.jboss.ejb3.EJBContainerInvocationWrapper.invokeNext(EJBContainerInvocationWrapper.java:69) at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.invoke(InterceptorSequencer.java:73) at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.aroundInvoke(InterceptorSequencer.java:59) at sun.reflect.GeneratedMethodAccessor537.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.jboss.aop.advice.PerJoinpointAdvice.invoke(PerJoinpointAdvice.java:174) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.fillMethod(InvocationContextInterceptor.java:72) at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_fillMethod_1524145666.invoke(InvocationContextInterceptor_z_fillMethod_1524145666.java) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.setup(InvocationContextInterceptor.java:88) at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_setup_1524145666.invoke(InvocationContextInterceptor_z_setup_1524145666.java) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:62) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:56) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(StatelessInstanceInterceptor.java:68) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:79) at org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:190) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorv2.invoke(RoleBasedAuthorizationInterceptorv2.java:201) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:186) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:306) at org.jboss.ejb3.stateless.StatelessContainer.invokeEndpoint(StatelessContainer.java:662) at org.jboss.wsf.container.jboss50.invocation.InvocationHandlerEJB3.invoke(InvocationHandlerEJB3.java:96) at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:222) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:474) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:295) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:205) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:131) at org.jboss.wsf.common.servlet.AbstractEndpointServlet.service(AbstractEndpointServlet.java:85) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:525) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Thread.java:679) 12:05:59,773 WARN [StatelessBeanContext] EJBTHREE-1337: do not get WebServiceContext property from stateless bean context, it should already have been injected 12:05:59,775 ERROR [SOAPFaultHelperJAXWS] SOAP request exception org.ejbca.core.EjbcaException at org.ejbca.core.protocol.ws.EjbcaWSHelper.getEjbcaException(EjbcaWSHelper.java:824) at org.ejbca.core.protocol.ws.EjbcaWSHelper.getInternalException(EjbcaWSHelper.java:816) at org.ejbca.core.protocol.ws.EjbcaWS.pkcs10Request(EjbcaWS.java:897) at sun.reflect.GeneratedMethodAccessor598.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.jboss.aop.joinpoint.MethodInvocation.invokeTarget(MethodInvocation.java:122) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111) at org.jboss.ejb3.EJBContainerInvocationWrapper.invokeNext(EJBContainerInvocationWrapper.java:69) at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.invoke(InterceptorSequencer.java:73) at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.aroundInvoke(InterceptorSequencer.java:59) at sun.reflect.GeneratedMethodAccessor537.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.jboss.aop.advice.PerJoinpointAdvice.invoke(PerJoinpointAdvice.java:174) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.fillMethod(InvocationContextInterceptor.java:72) at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_fillMethod_1524145666.invoke(InvocationContextInterceptor_z_fillMethod_1524145666.java) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.setup(InvocationContextInterceptor.java:88) at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_setup_1524145666.invoke(InvocationContextInterceptor_z_setup_1524145666.java) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:62) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:56) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(StatelessInstanceInterceptor.java:68) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:79) at org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:190) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorv2.invoke(RoleBasedAuthorizationInterceptorv2.java:201) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:186) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) at org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:306) at org.jboss.ejb3.stateless.StatelessContainer.invokeEndpoint(StatelessContainer.java:662) at org.jboss.wsf.container.jboss50.invocation.InvocationHandlerEJB3.invoke(InvocationHandlerEJB3.java:96) at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:222) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:474) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:295) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:205) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:131) at org.jboss.wsf.common.servlet.AbstractEndpointServlet.service(AbstractEndpointServlet.java:85) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:525) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Thread.java:679) |
|
From: Branko M. <br...@ma...> - 2013-07-02 08:30:50
|
On Mon, 01 Jul 2013 21:49:48 +0200 Gémes Géza <ge...@kz...> wrote: > Hi, > > Looking for a way to generate cert for Samba4/Heimdal based pkinit (with > 1.3.6.1.5.2.3.5 eku) I've found: > https://jira.primekey.se/browse/ECA-2612 > This seems to be applied at 5.0.4, can I legally/technically apply it > against 4.0.16? > Will it be included in 4.0.x at some version? > > Cheers > > Geza Gemes > Hello Géza, There's neither technical nor legal problems to apply this to branch 4 (EJBCA is LGPLv2.1 or later). The above patch is more of a configuration thing than actual code. Just make sure you use the first next identifier number for oid and name in the file (e.g. extendedkeyusage.oid.26). We could/should probably apply this one against 4.0.x as well, to be honest (it's such a tiny thing). Best regards -- Branko Majic Jabber: br...@ma... Please use only Free formats when sending attachments to me. Бранко Мајић Џабер: br...@ma... Молим вас да додатке шаљете искључиво у слободним форматима. |
|
From: Gémes G. <ge...@kz...> - 2013-07-02 05:38:51
|
2013-07-02 06:41 keltezéssel, ejbca-support írta: > On 2013-07-02 06:34, Gémes Géza wrote: >> Hi, >> >> I've added a new EKU (from https://jira.primekey.se/browse/ECA-2612) to >> extendedkeyusage.properties and did an ant deploy. No errors were >> reported, but the new EKU is still missing when tried to add it to a >> certificate profile. > > Hi Geza, > Note that new extensions must be added in a strict numeric sequence as described in the file. > > Cheers > Anders > > Thank you Anders! That was it, I feel so dumb. Cheers Geza Gemes |
|
From: ejbca-support <ejb...@pr...> - 2013-07-02 04:41:29
|
On 2013-07-02 06:34, Gémes Géza wrote: > Hi, > > I've added a new EKU (from https://jira.primekey.se/browse/ECA-2612) to > extendedkeyusage.properties and did an ant deploy. No errors were > reported, but the new EKU is still missing when tried to add it to a > certificate profile. Hi Geza, Note that new extensions must be added in a strict numeric sequence as described in the file. Cheers Anders > > Thank you in advance! > > Cheers > > Geza Gemes > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by Windows: > > Build for Windows Store. > > http://p.sf.net/sfu/windows-dev2dev > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
|
From: Gémes G. <ge...@kz...> - 2013-07-02 04:35:23
|
Hi, I've added a new EKU (from https://jira.primekey.se/browse/ECA-2612) to extendedkeyusage.properties and did an ant deploy. No errors were reported, but the new EKU is still missing when tried to add it to a certificate profile. Thank you in advance! Cheers Geza Gemes |
|
From: Gémes G. <ge...@kz...> - 2013-07-01 19:50:17
|
Hi, Looking for a way to generate cert for Samba4/Heimdal based pkinit (with 1.3.6.1.5.2.3.5 eku) I've found: https://jira.primekey.se/browse/ECA-2612 This seems to be applied at 5.0.4, can I legally/technically apply it against 4.0.16? Will it be included in 4.0.x at some version? Cheers Geza Gemes |
|
From: Henrik <Hen...@Go...> - 2013-07-01 14:19:31
|
Hi Andres, So what you're suggesting is, that I build an own RA application with self service portal that uses the SOAP API of EJBCA to create certificates, rather than extending EJBCA with a custom data source. At the moment it sounds like a potentially error prone/insecure solution in a supposedly secure environment. Hm... I'll have to think about it some more. Though thanks for the suggestion! Gave me food for thought. Kind regards, Henrik On Mon, Jul 1, 2013 at 3:08 PM, ejbca-support <ejb...@pr...>wrote: > On 2013-07-01 14:50, Henrik wrote: > > Hi Anders, > > > > They'd be distributed via the self-service WebUI which EJBCA ships with. > > However, the people who're supposed to use the self-service UI would > need to have accounts first. And these accounts should use their already > stored passwords and should only allow them to request certificates for the > EndEntities they're responsible for. (Information that's stored in the > databases) > > > > That would be the intended use case. > > Hi Henrik, > This is a very common use-case and is usually addressed by a custom RA > application > which authenticates the user and starts the key generation in the user's > browser. > The custom RA typically uses Web Services to EJBCA or just some simple > scripting. > > That is, EJBCA is in this case used as a "certificate factory". > > Cheers > Anders > > > > > Kind regards, > > Henrik > > > > On Mon, Jul 1, 2013 at 2:35 PM, ejbca-support <ejb...@pr...<mailto: > ejb...@pr...>> wrote: > > > > On 2013-07-01 14:25, Henrik wrote: > > > Hi, > > > > > > I got the following (simplified) setup: > > > A database with user information (username, salted password hash, > as well as further user attributes), which is supposed to be read-only from > EJBCA perspective. > > > (It's actually two databases that need some logic to combine the > attributes.) > > > I'd like to use EJBCA in a way that the RA queries that setup when > a user wants to request a certificate for an end entity via the EJBCA web > interface. So when a user is supposed to log in with username and password, > these credentials should be retrieved from the custom setup. > > > I guess that is what the "Framework for External User Data > Sources" is for? > > > > http://www.ejbca.org/adminguide.html#Framework%20for%20External%20User%20Data%20Sources > > > > > > Is there a more detailed manual for this step available somewhere? > > > > > > My naive expectation was, that I'd have to implement an interface > with a function like fetchUser(name, passwd), where this would either > return nil if the user wasn't found or if the password didn't match, or it > would return a user/EndEntity instance if user was found and password did > match. > > > > > > However, what I found was some function fetch(Admin admin, Sting > searchstring), that returns a collection of UserDataSourceVO for all users > that matched the searchstring. > > > > > > It seems I'm misunderstanding the concept of a custom data source. > Can someone elaborate on it? > > > > > > So in a nutshell, my questions are: > > > > > > * How can I initialize users with username and password? > > > * What are custom data sources used for, if not for the above? > > > > I wouldn't bother too much with external data sources. > > The important thing is how certificates are to be distributed. > Cards, P12s, Browser, VPN-client etc. > > > > Cheers > > Anders > > tech support > > > > > > > > Kind regards, > > > Henrik > > > > > > > > > > ------------------------------------------------------------------------------ > > > This SF.net email is sponsored by Windows: > > > > > > Build for Windows Store. > > > > > > http://p.sf.net/sfu/windows-dev2dev > > > > > > > > > > > > _______________________________________________ > > > Ejbca-develop mailing list > > > Ejb...@li... <mailto: > Ejb...@li...> > > > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > > > > > > > > > > > > > > ------------------------------------------------------------------------------ > > This SF.net email is sponsored by Windows: > > > > Build for Windows Store. > > > > http://p.sf.net/sfu/windows-dev2dev > > > > > > > > _______________________________________________ > > Ejbca-develop mailing list > > Ejb...@li... > > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > > > > |
|
From: ejbca-support <ejb...@pr...> - 2013-07-01 13:08:50
|
On 2013-07-01 14:50, Henrik wrote: > Hi Anders, > > They'd be distributed via the self-service WebUI which EJBCA ships with. > However, the people who're supposed to use the self-service UI would need to have accounts first. And these accounts should use their already stored passwords and should only allow them to request certificates for the EndEntities they're responsible for. (Information that's stored in the databases) > > That would be the intended use case. Hi Henrik, This is a very common use-case and is usually addressed by a custom RA application which authenticates the user and starts the key generation in the user's browser. The custom RA typically uses Web Services to EJBCA or just some simple scripting. That is, EJBCA is in this case used as a "certificate factory". Cheers Anders > > Kind regards, > Henrik > > On Mon, Jul 1, 2013 at 2:35 PM, ejbca-support <ejb...@pr... <mailto:ejb...@pr...>> wrote: > > On 2013-07-01 14:25, Henrik wrote: > > Hi, > > > > I got the following (simplified) setup: > > A database with user information (username, salted password hash, as well as further user attributes), which is supposed to be read-only from EJBCA perspective. > > (It's actually two databases that need some logic to combine the attributes.) > > I'd like to use EJBCA in a way that the RA queries that setup when a user wants to request a certificate for an end entity via the EJBCA web interface. So when a user is supposed to log in with username and password, these credentials should be retrieved from the custom setup. > > I guess that is what the "Framework for External User Data Sources" is for? > > http://www.ejbca.org/adminguide.html#Framework%20for%20External%20User%20Data%20Sources > > > > Is there a more detailed manual for this step available somewhere? > > > > My naive expectation was, that I'd have to implement an interface with a function like fetchUser(name, passwd), where this would either return nil if the user wasn't found or if the password didn't match, or it would return a user/EndEntity instance if user was found and password did match. > > > > However, what I found was some function fetch(Admin admin, Sting searchstring), that returns a collection of UserDataSourceVO for all users that matched the searchstring. > > > > It seems I'm misunderstanding the concept of a custom data source. Can someone elaborate on it? > > > > So in a nutshell, my questions are: > > > > * How can I initialize users with username and password? > > * What are custom data sources used for, if not for the above? > > I wouldn't bother too much with external data sources. > The important thing is how certificates are to be distributed. Cards, P12s, Browser, VPN-client etc. > > Cheers > Anders > tech support > > > > > Kind regards, > > Henrik > > > > > > ------------------------------------------------------------------------------ > > This SF.net email is sponsored by Windows: > > > > Build for Windows Store. > > > > http://p.sf.net/sfu/windows-dev2dev > > > > > > > > _______________________________________________ > > Ejbca-develop mailing list > > Ejb...@li... <mailto:Ejb...@li...> > > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > > > > > > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by Windows: > > Build for Windows Store. > > http://p.sf.net/sfu/windows-dev2dev > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
|
From: Henrik <Hen...@Go...> - 2013-07-01 12:51:26
|
Hi Anders, They'd be distributed via the self-service WebUI which EJBCA ships with. However, the people who're supposed to use the self-service UI would need to have accounts first. And these accounts should use their already stored passwords and should only allow them to request certificates for the EndEntities they're responsible for. (Information that's stored in the databases) That would be the intended use case. Kind regards, Henrik On Mon, Jul 1, 2013 at 2:35 PM, ejbca-support <ejb...@pr...>wrote: > On 2013-07-01 14:25, Henrik wrote: > > Hi, > > > > I got the following (simplified) setup: > > A database with user information (username, salted password hash, as > well as further user attributes), which is supposed to be read-only from > EJBCA perspective. > > (It's actually two databases that need some logic to combine the > attributes.) > > I'd like to use EJBCA in a way that the RA queries that setup when a > user wants to request a certificate for an end entity via the EJBCA web > interface. So when a user is supposed to log in with username and password, > these credentials should be retrieved from the custom setup. > > I guess that is what the "Framework for External User Data Sources" is > for? > > > http://www.ejbca.org/adminguide.html#Framework%20for%20External%20User%20Data%20Sources > > > > Is there a more detailed manual for this step available somewhere? > > > > My naive expectation was, that I'd have to implement an interface with a > function like fetchUser(name, passwd), where this would either return nil > if the user wasn't found or if the password didn't match, or it would > return a user/EndEntity instance if user was found and password did match. > > > > However, what I found was some function fetch(Admin admin, Sting > searchstring), that returns a collection of UserDataSourceVO for all users > that matched the searchstring. > > > > It seems I'm misunderstanding the concept of a custom data source. Can > someone elaborate on it? > > > > So in a nutshell, my questions are: > > > > * How can I initialize users with username and password? > > * What are custom data sources used for, if not for the above? > > I wouldn't bother too much with external data sources. > The important thing is how certificates are to be distributed. Cards, > P12s, Browser, VPN-client etc. > > Cheers > Anders > tech support > > > > > Kind regards, > > Henrik > > > > > > > ------------------------------------------------------------------------------ > > This SF.net email is sponsored by Windows: > > > > Build for Windows Store. > > > > http://p.sf.net/sfu/windows-dev2dev > > > > > > > > _______________________________________________ > > Ejbca-develop mailing list > > Ejb...@li... > > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > > > > |
|
From: ejbca-support <ejb...@pr...> - 2013-07-01 12:35:50
|
On 2013-07-01 14:25, Henrik wrote: > Hi, > > I got the following (simplified) setup: > A database with user information (username, salted password hash, as well as further user attributes), which is supposed to be read-only from EJBCA perspective. > (It's actually two databases that need some logic to combine the attributes.) > I'd like to use EJBCA in a way that the RA queries that setup when a user wants to request a certificate for an end entity via the EJBCA web interface. So when a user is supposed to log in with username and password, these credentials should be retrieved from the custom setup. > I guess that is what the "Framework for External User Data Sources" is for? > http://www.ejbca.org/adminguide.html#Framework%20for%20External%20User%20Data%20Sources > > Is there a more detailed manual for this step available somewhere? > > My naive expectation was, that I'd have to implement an interface with a function like fetchUser(name, passwd), where this would either return nil if the user wasn't found or if the password didn't match, or it would return a user/EndEntity instance if user was found and password did match. > > However, what I found was some function fetch(Admin admin, Sting searchstring), that returns a collection of UserDataSourceVO for all users that matched the searchstring. > > It seems I'm misunderstanding the concept of a custom data source. Can someone elaborate on it? > > So in a nutshell, my questions are: > > * How can I initialize users with username and password? > * What are custom data sources used for, if not for the above? I wouldn't bother too much with external data sources. The important thing is how certificates are to be distributed. Cards, P12s, Browser, VPN-client etc. Cheers Anders tech support > > Kind regards, > Henrik > > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by Windows: > > Build for Windows Store. > > http://p.sf.net/sfu/windows-dev2dev > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
|
From: Henrik <Hen...@Go...> - 2013-07-01 12:26:18
|
Hi, I got the following (simplified) setup: A database with user information (username, salted password hash, as well as further user attributes), which is supposed to be read-only from EJBCA perspective. (It's actually two databases that need some logic to combine the attributes.) I'd like to use EJBCA in a way that the RA queries that setup when a user wants to request a certificate for an end entity via the EJBCA web interface. So when a user is supposed to log in with username and password, these credentials should be retrieved from the custom setup. I guess that is what the "Framework for External User Data Sources" is for? http://www.ejbca.org/adminguide.html#Framework%20for%20External%20User%20Data%20Sources Is there a more detailed manual for this step available somewhere? My naive expectation was, that I'd have to implement an interface with a function like fetchUser(name, passwd), where this would either return nil if the user wasn't found or if the password didn't match, or it would return a user/EndEntity instance if user was found and password did match. However, what I found was some function fetch(Admin admin, Sting searchstring), that returns a collection of UserDataSourceVO for all users that matched the searchstring. It seems I'm misunderstanding the concept of a custom data source. Can someone elaborate on it? So in a nutshell, my questions are: * How can I initialize users with username and password? * What are custom data sources used for, if not for the above? Kind regards, Henrik |
|
From: Daniel J. <Dan...@e-...> - 2013-07-01 09:34:54
|
Anders,
Thanks for your explanation, My problem with clientToolBox is solved.
But now, I have another problem when I create a CA :
sun.security.pkcs11.wrapper.PKCS11Exception: CKR_FUNCTION_FAILED
Do you see anything ?
I use Jboss 6.1.0, EJBCA 4.0.13 and MySQL 5.1.66.
the log is:
2013-07-01 09:06:18,387 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46975])
Removing old and adding new accessrules and admin entitites to admin group
Public Web Users
2013-07-01 09:06:18,387 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46975])
removing entities and rules for Public Web Users
2013-07-01 09:06:18,387 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46975])
create public web group
2013-07-01 09:06:18,387 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46975])
Created admin entity UNUSED
2013-07-01 09:06:18,392 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46975])
Created accessrule : /public_web_user
2013-07-01 09:06:18,392 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46975])
Created accessrule : /ca_functionality/basic_functions
2013-07-01 09:06:18,392 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46975])
Created accessrule : /ca_functionality/view_certificate
2013-07-01 09:06:18,392 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46975])
Created accessrule : /ca_functionality/create_certificate
2013-07-01 09:06:18,392 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46975])
Created accessrule : /ca_functionality/store_certificate
2013-07-01 09:06:18,393 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46975])
Created accessrule : /ra_functionality/view_end_entity
2013-07-01 09:06:18,393 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46975])
Created accessrule : /ca
2013-07-01 09:06:18,393 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46975])
Created accessrule : /endentityprofilesrules
2013-07-01 09:06:18,459 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
Checking if update neccessary
2013-07-01 09:06:18,460 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
updateAuthorizationTree
2013-07-01 09:06:18,469 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
Is special user: 2001
2013-07-01 09:06:18,472 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
CA Token is CATOKENTYPE_HSM
2013-07-01 09:06:18,472 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
>init: sSlotLabelKey=slot, Signaturealg=SHA1WithRSA
2013-07-01 09:06:18,472 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
Prop: {attributesFile=/opt/ejbca_4_0_13/conf/ocs-sunpkcs11_4.cfg,
hardTokenEncrypt=cryptRoot,
sharedLibrary=/opt/nfast/toolkits/pkcs11/libcknfast.so, pin=hidden,
defaultKey=defaultRoot , slotListIndex=1 , keyEncryptKey=cryptRoot,
testKey=testRoot}
2013-07-01 09:06:18,472 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
MaxAllowedKeyLength for DES is: 2147483647
2013-07-01 09:06:18,473 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
Using cleartext autoactivation pin
2013-07-01 09:06:18,473 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
<init: sSlotLabelKey=slot, Signaturealg=SHA1WithRSA
2013-07-01 09:06:18,484 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
Failed to initialize PKCS11 provider slot '1'.
2013-07-01 09:06:18,484 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
java.security.KeyStoreException: KeyStore instantiation failed
2013-07-01 09:06:18,484 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at java.security.KeyStore$Builder$2.getKeyStore(KeyStore.java:1722)
2013-07-01 09:06:18,484 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.ejbca.core.model.ca.catoken.PKCS11CAToken.activate(PKCS11CAToken.java:74)
2013-07-01 09:06:18,484 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.ejbca.core.model.ca.catoken.CATokenContainerImpl.activate(CATokenContainerImpl.java:302)
2013-07-01 09:06:18,484 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.ejbca.core.ejb.ca.caadmin.CAAdminSessionBean.createCA(CAAdminSessionBean.java:249)
2013-07-01 09:06:18,484 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2013-07-01 09:06:18,484 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
2013-07-01 09:06:18,484 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
2013-07-01 09:06:18,484 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at java.lang.reflect.Method.invoke(Method.java:616)
2013-07-01 09:06:18,484 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeTarget(MethodInvocation.java:122)
2013-07-01 09:06:18,485 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111)
2013-07-01 09:06:18,485 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.interceptors.container.ContainerMethodInvocationWrapper.invokeNext(ContainerMethodInvocationWrapper.java:72)
2013-07-01 09:06:18,485 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.interceptors.aop.InterceptorSequencer.invoke(InterceptorSequencer.java:76)
2013-07-01 09:06:18,485 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.interceptors.aop.InterceptorSequencer.aroundInvoke(InterceptorSequencer.java:62)
2013-07-01 09:06:18,485 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at sun.reflect.GeneratedMethodAccessor384.invoke(Unknown Source)
2013-07-01 09:06:18,485 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
2013-07-01 09:06:18,485 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at java.lang.reflect.Method.invoke(Method.java:616)
2013-07-01 09:06:18,485 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.advice.PerJoinpointAdvice.invoke(PerJoinpointAdvice.java:174)
2013-07-01 09:06:18,485 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,485 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.fillMethod(InvocationContextInterceptor.java:74)
2013-07-01 09:06:18,485 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_fillMethod_659873291.invoke(InvocationContextInterceptor_z_fillMethod_659873291.java)
2013-07-01 09:06:18,485 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,485 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.setup(InvocationContextInterceptor.java:90)
2013-07-01 09:06:18,485 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_setup_659873291.invoke(InvocationContextInterceptor_z_setup_659873291.java)
2013-07-01 09:06:18,485 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,485 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.async.impl.interceptor.AsynchronousServerInterceptor.invoke(AsynchronousServerInterceptor.java:128)
2013-07-01 09:06:18,486 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,486 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:62)
2013-07-01 09:06:18,486 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,486 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:56)
2013-07-01 09:06:18,486 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,486 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47)
2013-07-01 09:06:18,486 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,486 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42)
2013-07-01 09:06:18,486 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,486 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(StatelessInstanceInterceptor.java:68)
2013-07-01 09:06:18,486 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,486 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.core.context.SessionInvocationContextAdapter.proceed(SessionInvocationContextAdapter.java:95)
2013-07-01 09:06:18,486 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.tx2.impl.CMTTxInterceptor.invokeInOurTx(CMTTxInterceptor.java:247)
2013-07-01 09:06:18,486 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.tx2.impl.CMTTxInterceptor.required(CMTTxInterceptor.java:349)
2013-07-01 09:06:18,486 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.tx2.impl.CMTTxInterceptor.invoke(CMTTxInterceptor.java:209)
2013-07-01 09:06:18,486 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.tx2.aop.CMTTxInterceptorWrapper.invoke(CMTTxInterceptorWrapper.java:52)
2013-07-01 09:06:18,487 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,487 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76)
2013-07-01 09:06:18,487 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,487 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42)
2013-07-01 09:06:18,487 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,487 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:182)
2013-07-01 09:06:18,487 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,487 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41)
2013-07-01 09:06:18,487 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,487 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67)
2013-07-01 09:06:18,487 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,487 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.core.context.CurrentInvocationContextInterceptor.invoke(CurrentInvocationContextInterceptor.java:47)
2013-07-01 09:06:18,487 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,487 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67)
2013-07-01 09:06:18,487 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,487 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.interceptor.EJB3TCCLInterceptor.invoke(EJB3TCCLInterceptor.java:86)
2013-07-01 09:06:18,488 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,488 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.stateless.StatelessContainer.dynamicInvoke(StatelessContainer.java:392)
2013-07-01 09:06:18,488 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.session.InvokableContextClassProxyHack._dynamicInvoke(InvokableContextClassProxyHack.java:53)
2013-07-01 09:06:18,488 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at org.jboss.aop.Dispatcher.invoke(Dispatcher.java:91)
2013-07-01 09:06:18,488 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aspects.remoting.AOPRemotingInvocationHandler.invoke(AOPRemotingInvocationHandler.java:82)
2013-07-01 09:06:18,488 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:967)
2013-07-01 09:06:18,488 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.remoting.transport.socket.ServerThread.completeInvocation(ServerThread.java:791)
2013-07-01 09:06:18,488 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.remoting.transport.socket.ServerThread.processInvocation(ServerThread.java:744)
2013-07-01 09:06:18,488 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:548)
2013-07-01 09:06:18,488 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:234)
2013-07-01 09:06:18,488 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
Caused by: java.io.IOException: load failed
2013-07-01 09:06:18,488 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at sun.security.pkcs11.P11KeyStore.engineLoad(P11KeyStore.java:864)
2013-07-01 09:06:18,488 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at java.security.KeyStore.load(KeyStore.java:1235)
2013-07-01 09:06:18,488 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at java.security.KeyStore$Builder$2$1.run(KeyStore.java:1684)
2013-07-01 09:06:18,488 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at java.security.KeyStore$Builder$2$1.run(KeyStore.java:1673)
2013-07-01 09:06:18,489 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at java.security.AccessController.doPrivileged(Native Method)
2013-07-01 09:06:18,489 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at java.security.KeyStore$Builder$2.getKeyStore(KeyStore.java:1719)
2013-07-01 09:06:18,489 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
... 66 more
2013-07-01 09:06:18,489 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
Caused by: javax.security.auth.login.LoginException
2013-07-01 09:06:18,489 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at sun.security.pkcs11.SunPKCS11.login(SunPKCS11.java:1132)
2013-07-01 09:06:18,489 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at sun.security.pkcs11.P11KeyStore.login(P11KeyStore.java:874)
2013-07-01 09:06:18,489 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at sun.security.pkcs11.P11KeyStore.engineLoad(P11KeyStore.java:855)
2013-07-01 09:06:18,489 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
... 71 more
2013-07-01 09:06:18,489 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception:
CKR_FUNCTION_FAILED
2013-07-01 09:06:18,489 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at sun.security.pkcs11.wrapper.PKCS11.C_Login(Native Method)
2013-07-01 09:06:18,489 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at sun.security.pkcs11.SunPKCS11.login(SunPKCS11.java:1116)
2013-07-01 09:06:18,489 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
... 73 more
2013-07-01 09:06:18,497 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
2013-07-01 09:06:18+00:00, CAId : 0, CA, EVENT_ERROR_CACREATED,
Administrator : CACMDLINE, User : No user involved, Certificate : No
certificate involved, Comment : Error when creating hard CA token.
Authorization code was wrong.
2013-07-01 09:06:18,498 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
Exception :
2013-07-01 09:06:18,498 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
org.ejbca.core.model.ca.catoken.CATokenAuthenticationFailedException:
Failed to initialize PKCS11 provider slot '1'.
2013-07-01 09:06:18,498 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.ejbca.core.model.ca.catoken.PKCS11CAToken.activate(PKCS11CAToken.java:99)
2013-07-01 09:06:18,498 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.ejbca.core.model.ca.catoken.CATokenContainerImpl.activate(CATokenContainerImpl.java:302)
2013-07-01 09:06:18,498 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.ejbca.core.ejb.ca.caadmin.CAAdminSessionBean.createCA(CAAdminSessionBean.java:249)
2013-07-01 09:06:18,499 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2013-07-01 09:06:18,499 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
2013-07-01 09:06:18,499 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
2013-07-01 09:06:18,499 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeTarget(MethodInvocation.java:122)
2013-07-01 09:06:18,499 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111)
2013-07-01 09:06:18,499 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.interceptors.container.ContainerMethodInvocationWrapper.invokeNext(ContainerMethodInvocationWrapper.java:72)
2013-07-01 09:06:18,499 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.interceptors.aop.InterceptorSequencer.invoke(InterceptorSequencer.java:76)
2013-07-01 09:06:18,499 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.interceptors.aop.InterceptorSequencer.aroundInvoke(InterceptorSequencer.java:62)
2013-07-01 09:06:18,499 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at sun.reflect.GeneratedMethodAccessor384.invoke(Unknown Source)
2013-07-01 09:06:18,499 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
2013-07-01 09:06:18,499 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at java.lang.reflect.Method.invoke(Method.java:616)
2013-07-01 09:06:18,499 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.advice.PerJoinpointAdvice.invoke(PerJoinpointAdvice.java:174)
2013-07-01 09:06:18,499 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,499 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.fillMethod(InvocationContextInterceptor.java:74)
2013-07-01 09:06:18,500 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_fillMethod_659873291.invoke(InvocationContextInterceptor_z_fillMethod_659873291.java)
2013-07-01 09:06:18,500 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,500 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.setup(InvocationContextInterceptor.java:90)
2013-07-01 09:06:18,500 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_setup_659873291.invoke(InvocationContextInterceptor_z_setup_659873291.java)
2013-07-01 09:06:18,500 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,500 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.async.impl.interceptor.AsynchronousServerInterceptor.invoke(AsynchronousServerInterceptor.java:128)
2013-07-01 09:06:18,500 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,500 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:62)
2013-07-01 09:06:18,500 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,500 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:56)
2013-07-01 09:06:18,500 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,500 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47)
2013-07-01 09:06:18,500 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,500 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42)
2013-07-01 09:06:18,500 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,500 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(StatelessInstanceInterceptor.java:68)
2013-07-01 09:06:18,501 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,501 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.core.context.SessionInvocationContextAdapter.proceed(SessionInvocationContextAdapter.java:95)
2013-07-01 09:06:18,501 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.tx2.impl.CMTTxInterceptor.invokeInOurTx(CMTTxInterceptor.java:247)
2013-07-01 09:06:18,501 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.tx2.impl.CMTTxInterceptor.required(CMTTxInterceptor.java:349)
2013-07-01 09:06:18,501 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.tx2.impl.CMTTxInterceptor.invoke(CMTTxInterceptor.java:209)
2013-07-01 09:06:18,501 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.tx2.aop.CMTTxInterceptorWrapper.invoke(CMTTxInterceptorWrapper.java:52)
2013-07-01 09:06:18,501 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,501 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76)
2013-07-01 09:06:18,501 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,501 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42)
2013-07-01 09:06:18,501 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,501 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:182)
2013-07-01 09:06:18,501 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,501 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41)
2013-07-01 09:06:18,501 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,502 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67)
2013-07-01 09:06:18,502 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,502 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.core.context.CurrentInvocationContextInterceptor.invoke(CurrentInvocationContextInterceptor.java:47)
2013-07-01 09:06:18,502 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,502 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67)
2013-07-01 09:06:18,502 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,502 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.interceptor.EJB3TCCLInterceptor.invoke(EJB3TCCLInterceptor.java:86)
2013-07-01 09:06:18,502 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
2013-07-01 09:06:18,502 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.stateless.StatelessContainer.dynamicInvoke(StatelessContainer.java:392)
2013-07-01 09:06:18,502 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.ejb3.session.InvokableContextClassProxyHack._dynamicInvoke(InvokableContextClassProxyHack.java:53)
2013-07-01 09:06:18,502 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at org.jboss.aop.Dispatcher.invoke(Dispatcher.java:91)
2013-07-01 09:06:18,502 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.aspects.remoting.AOPRemotingInvocationHandler.invoke(AOPRemotingInvocationHandler.java:82)
2013-07-01 09:06:18,502 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:967)
2013-07-01 09:06:18,502 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.remoting.transport.socket.ServerThread.completeInvocation(ServerThread.java:791)
2013-07-01 09:06:18,502 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.remoting.transport.socket.ServerThread.processInvocation(ServerThread.java:744)
2013-07-01 09:06:18,502 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:548)
2013-07-01 09:06:18,503 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:234)
2013-07-01 09:06:18,503 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
Caused by: java.security.KeyStoreException: KeyStore instantiation failed
2013-07-01 09:06:18,503 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at java.security.KeyStore$Builder$2.getKeyStore(KeyStore.java:1722)
2013-07-01 09:06:18,503 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at
org.ejbca.core.model.ca.catoken.PKCS11CAToken.activate(PKCS11CAToken.java:74)
2013-07-01 09:06:18,503 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
... 65 more
2013-07-01 09:06:18,503 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
Caused by: java.io.IOException: load failed
2013-07-01 09:06:18,503 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at sun.security.pkcs11.P11KeyStore.engineLoad(P11KeyStore.java:864)
2013-07-01 09:06:18,503 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at java.security.KeyStore.load(KeyStore.java:1235)
2013-07-01 09:06:18,503 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at java.security.KeyStore$Builder$2$1.run(KeyStore.java:1684)
2013-07-01 09:06:18,503 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at java.security.KeyStore$Builder$2$1.run(KeyStore.java:1673)
2013-07-01 09:06:18,503 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at java.security.AccessController.doPrivileged(Native Method)
2013-07-01 09:06:18,503 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at java.security.KeyStore$Builder$2.getKeyStore(KeyStore.java:1719)
2013-07-01 09:06:18,503 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
... 66 more
2013-07-01 09:06:18,503 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
Caused by: javax.security.auth.login.LoginException
2013-07-01 09:06:18,503 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at sun.security.pkcs11.SunPKCS11.login(SunPKCS11.java:1132)
2013-07-01 09:06:18,503 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at sun.security.pkcs11.P11KeyStore.login(P11KeyStore.java:874)
2013-07-01 09:06:18,504 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at sun.security.pkcs11.P11KeyStore.engineLoad(P11KeyStore.java:855)
2013-07-01 09:06:18,504 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
... 71 more
2013-07-01 09:06:18,504 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception:
CKR_FUNCTION_FAILED
2013-07-01 09:06:18,504 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at sun.security.pkcs11.wrapper.PKCS11.C_Login(Native Method)
2013-07-01 09:06:18,504 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
at sun.security.pkcs11.SunPKCS11.login(SunPKCS11.java:1116)
2013-07-01 09:06:18,504 INFO [STDOUT] (WorkerThread#0[127.0.0.1:46977])
... 73 more
Kind regards
Daniel JAMET
Direction DPM
Tél : +33 1 55 23 31 70
dan...@e-...
____________________________
Société d'Exploitation de Réseaux et de Services Sécurisés
Immeuble "Le Linéa"
1, rue du Général Leclerc
92800 PUTEAUX
De : ejbca-support <ejb...@pr...>
A : ejb...@li...
Cc : Tomas Gustavsson <to...@pr...>, Daniel JAMET
<Dan...@e-...>
Date : 25/06/2013 15:36
Objet : Re: [Ejbca-develop] EJBCA - create key whith clientToolBox
It looks like the java installation already contains a provider
definition which makes your new definition ignored.
Cheers
Anders
tech support
On 2013-06-25 15:26, Daniel JAMET wrote:
> clientToolBox run fine when you give it the path of library
libcknfast.so ant slotListIndex=1
>
> clientToolBox is in error when you give the path of configuration file :
ocs-sunpkcs11.cfg
>
> ocs-sunpkcs11.cfg:
>
> *name=NFastJava*
> *library=/opt/nfast/toolkits/pkcs11/libcknfast.so*
> *slotListIndex=1*
>
> *attributes(*, *, *) = {*
> * CKA_TOKEN = true*
> *}*
>
> *attributes(*, CKO_PUBLIC_KEY, * ) = {*
> * CKA_ENCRYPT = true*
> * CKA_WRAP = true *
> * CKA_VERIFY = true*
> *}*
>
> *attributes( *, CKO_PRIVATE_KEY, *) = {*
> * CKA_PRIVATE = false *
> * CKA_SENSITIVE = true*
> * CKA_SIGN = true*
> * CKA_DECRYPT = true*
> * CKA_EXTRACTABLE = false *
> * CKA_UNWRAP = true*
> *}*
>
> The log trace:
>
>
> *2013-06-25 13:23:47,115 INFO [org.ejbca.util.keystore.KeyTools] Using
SUN PKCS11 provider: sun.security.pkcs11.SunPKCS11*
> *2013-06-25 13:23:47,123 DEBUG
[org.ejbca.util.keystore.KeyStoreContainerP11] Adding provider with name:
SunPKCS11-NFastJava*
> *2013-06-25 13:23:47,123 DEBUG
[org.ejbca.util.keystore.KeyStoreContainerP11] Provider already exists,
not adding.*
> *2013-06-25 13:23:47,132 DEBUG
[org.ejbca.util.keystore.KeyStoreContainerBase] generating...*
> *2013-06-25 13:23:52,920 DEBUG
[org.ejbca.util.keystore.KeyStoreContainerBase] keystore signing algorithm
SHA1withRSA*
> *2013-06-25 13:23:52,953 ERROR [org.ejbca.ui.cli.HSMKeyTool] Command
'PKCS11HSMKeyTool generate /opt/ejbca/conf/sunpkcs11.cfg null pkcs11 4096
defaultTEST' could not be executed.*
> *java.security.ProviderException: Initialization failed*
> * at
sun.security.pkcs11.P11Signature.initialize(P11Signature.java:312)*
> * at
sun.security.pkcs11.P11Signature.engineInitSign(P11Signature.java:393)*
> * at
java.security.Signature$Delegate.engineInitSign(Signature.java:1113)*
> * at java.security.Signature.initSign(Signature.java:497)*
> * at org.bouncycastle.x509.X509Util.calculateSignature(Unknown
Source)*
> * at
org.bouncycastle.x509.X509V3CertificateGenerator.generate(Unknown Source)*
> * at
org.bouncycastle.x509.X509V3CertificateGenerator.generate(Unknown Source)*
> * at
org.ejbca.util.keystore.KeyStoreContainerBase.getSelfCertificate(KeyStoreContainerBase.java:144)*
> * at
org.ejbca.util.keystore.KeyStoreContainerBase.generate(KeyStoreContainerBase.java:285)*
> * at
org.ejbca.util.keystore.KeyStoreContainerBase.generateRSA(KeyStoreContainerBase.java:202)*
> * at
org.ejbca.util.keystore.KeyStoreContainerBase.generate(KeyStoreContainerBase.java:234)*
> * at org.ejbca.ui.cli.HSMKeyTool.doIt(HSMKeyTool.java:139)*
> * at org.ejbca.ui.cli.HSMKeyTool.execute(HSMKeyTool.java:290)*
> * at
org.ejbca.ui.cli.PKCS11HSMKeyTool.execute(PKCS11HSMKeyTool.java:47)*
> * at
org.ejbca.ui.cli.ClientToolBox.executeIfSelected(ClientToolBox.java:40)*
> * at org.ejbca.ui.cli.ClientToolBox.main(ClientToolBox.java:70)*
> *Caused by: sun.security.pkcs11.wrapper.PKCS11Exception:
CKR_KEY_FUNCTION_NOT_PERMITTED*
> * at sun.security.pkcs11.wrapper.PKCS11.C_SignInit(Native
Method)*
> * at
sun.security.pkcs11.P11Signature.initialize(P11Signature.java:304)*
> * ... 15 more*
>
>
> How explain this ?
>
> kind regards
>
> Daniel JAMET
> Direction DPM
> Tél : +33 1 55 23 31 70
> dan...@e-...
> ____________________________
> Société d'Exploitation de Réseaux et de Services Sécurisés
> Immeuble "Le Linéa"
> 1, rue du Général Leclerc
> 92800 PUTEAUX
>
>
>
------------------------------------------------------------------------------
> This SF.net email is sponsored by Windows:
>
> Build for Windows Store.
>
> http://p.sf.net/sfu/windows-dev2dev
>
>
>
> _______________________________________________
> Ejbca-develop mailing list
> Ejb...@li...
> https://lists.sourceforge.net/lists/listinfo/ejbca-develop
>
------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:
Build for Windows Store.
http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
Ejbca-develop mailing list
Ejb...@li...
https://lists.sourceforge.net/lists/listinfo/ejbca-develop
|
|
From: Gémes G. <ge...@kz...> - 2013-06-30 10:09:17
|
2013-06-30 10:20 keltezéssel, ejbca-support írta: > On 2013-06-30 08:07, Gémes Géza wrote: > > Hi Geza, > > See server.log: > > 10:16:54,494 INFO [Log4jLogDevice] 2013-06-30 10:16:53+02:00, CAId : 0, SERVICE, EVENT_INFO_STARTING, Administrator : INTERNALUSER, Use > r : No user involved, Certificate : No certificate involved, Comment : Init, EJBCA 4.0.15 (r16671) startup. > > If it shows the wrong version ejbca.ear has not been updated. It may be removed manually. > > Cheers > Anders > tech support > > Thank you! It was my error deploying it to the wrong jboss instance :-( Cheers Geza Gemes |
|
From: ejbca-support <ejb...@pr...> - 2013-06-30 08:20:45
|
On 2013-06-30 08:07, Gémes Géza wrote: Hi Geza, See server.log: 10:16:54,494 INFO [Log4jLogDevice] 2013-06-30 10:16:53+02:00, CAId : 0, SERVICE, EVENT_INFO_STARTING, Administrator : INTERNALUSER, Use r : No user involved, Certificate : No certificate involved, Comment : Init, EJBCA 4.0.15 (r16671) startup. If it shows the wrong version ejbca.ear has not been updated. It may be removed manually. Cheers Anders tech support > Hi, > > First, sorry for being an ejbca noob. > Trying to upgrade from 4.0.14 to 40.0.16, I've followed the upgrade > instructions in the source by copying the config files and the p12 > directory to the new source dir and then doing ant deploy, but the > adminweb still reports EJBCA 4.0.14 (r16117), even after I've stopped > jboss, removed the content of work and tmp directories and the restarted it. > > Thank you in advance for any idea! > > Cheers > > Geza Gemes > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by Windows: > > Build for Windows Store. > > http://p.sf.net/sfu/windows-dev2dev > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop |
|
From: Gémes G. <ge...@kz...> - 2013-06-30 06:07:29
|
Hi, First, sorry for being an ejbca noob. Trying to upgrade from 4.0.14 to 40.0.16, I've followed the upgrade instructions in the source by copying the config files and the p12 directory to the new source dir and then doing ant deploy, but the adminweb still reports EJBCA 4.0.14 (r16117), even after I've stopped jboss, removed the content of work and tmp directories and the restarted it. Thank you in advance for any idea! Cheers Geza Gemes |
|
From: Rooms G. <Guy...@te...> - 2013-06-28 14:03:54
|
Thomas, > Are you expecting to create identical CAs by multiple threads all the > time? Sounds like an extremely strange use case? No, they are not identical; we're just creating two new (and different) CA's on two different threads. > Why JBoss 6.0.0 in a new setup when there is 6.1.0 since several years? Good question, I'll be testing it with 6.1.0 asap > What version of EJBCA? Sorry, good point, we're using EJBC4_0_14 PS1: I had some problem with replying to your post, hope this is picked up in the correct thread PS2: will be out of office next week , not sure if I can respond next week. KR, Guy |
|
From: Tomas G. <to...@pr...> - 2013-06-28 12:11:01
|
Are you expecting to create identical CAs by multiple threads all the time? Sounds like an extremely strange use case? If your test does not mimic a realistic use case, it's hard to spend time examining it. Why JBoss 6.0.0 in a new setup when there is 6.1.0 since several years? What version of EJBCA? Cheers, Tomas On 06/28/2013 01:42 PM, Rooms Guy wrote: > Hi, > > We're currently working on a proof of concept on using ejbca (on Jboss 6.0.0.Final) & encountered an issue when > - creating CAs concurrently (using two threads).. > - ..using CAAdminSession.createCA method, > > Is this known and expected behavior / restriction ? (ref stack trace) > Note: both on postgress / h2. > > Regards, > > Guy. > > Stacktrace: > 17:43:45,365 ERROR [org.hibernate.event.def.AbstractFlushingEventListener] Could not synchronize database state with session: org.hibernate.StaleObjectStateException: Row was updated or deleted by another transaction (or unsaved-value mapping was incorrect): [org.ejbca.core.ejb.authorization.AdminGroupData#389683609] > at org.hibernate.persister.entity.AbstractEntityPersister.check(AbstractEntityPersister.java:1932) [:3.6.0.Final] > at org.hibernate.persister.entity.AbstractEntityPersister.update(AbstractEntityPersister.java:2576) [:3.6.0.Final] > at org.hibernate.persister.entity.AbstractEntityPersister.updateOrInsert(AbstractEntityPersister.java:2476) [:3.6.0.Final] > at org.hibernate.persister.entity.AbstractEntityPersister.update(AbstractEntityPersister.java:2803) [:3.6.0.Final] > at org.hibernate.action.EntityUpdateAction.execute(EntityUpdateAction.java:113) [:3.6.0.Final] > at org.hibernate.engine.ActionQueue.execute(ActionQueue.java:273) [:3.6.0.Final] > at org.hibernate.engine.ActionQueue.executeActions(ActionQueue.java:265) [:3.6.0.Final] > at org.hibernate.engine.ActionQueue.executeActions(ActionQueue.java:185) [:3.6.0.Final] > at org.hibernate.event.def.AbstractFlushingEventListener.performExecutions(AbstractFlushingEventListener.java:321) [:3.6.0.Final] > at org.hibernate.event.def.DefaultFlushEventListener.onFlush(DefaultFlushEventListener.java:51) [:3.6.0.Final] > at org.hibernate.impl.SessionImpl.flush(SessionImpl.java:1216) [:3.6.0.Final] > at org.hibernate.impl.SessionImpl.forceFlush(SessionImpl.java:1237) [:3.6.0.Final] > at org.hibernate.event.def.AbstractSaveEventListener.performSave(AbstractSaveEventListener.java:187) [:3.6.0.Final] > at org.hibernate.event.def.AbstractSaveEventListener.saveWithGeneratedId(AbstractSaveEventListener.java:143) [:3.6.0.Final] > at org.hibernate.ejb.event.EJB3PersistEventListener.saveWithGeneratedId(EJB3PersistEventListener.java:69) [:3.6.0.Final] > at org.hibernate.event.def.DefaultPersistEventListener.entityIsTransient(DefaultPersistEventListener.java:179) [:3.6.0.Final] > at org.hibernate.event.def.DefaultPersistEventListener.onPersist(DefaultPersistEventListener.java:135) [:3.6.0.Final] > at org.hibernate.event.def.DefaultPersistEventListener.onPersist(DefaultPersistEventListener.java:61) [:3.6.0.Final] > at org.hibernate.impl.SessionImpl.firePersist(SessionImpl.java:808) [:3.6.0.Final] > at org.hibernate.impl.SessionImpl.persist(SessionImpl.java:782) [:3.6.0.Final] > at org.hibernate.impl.SessionImpl.persist(SessionImpl.java:786) [:3.6.0.Final] > at org.hibernate.ejb.AbstractEntityManagerImpl.persist(AbstractEntityManagerImpl.java:672) [:3.6.0.Final] > at org.jboss.jpa.impl.tx.TransactionScopedEntityManager.persist(TransactionScopedEntityManager.java:206) [:2.0.0] > at org.ejbca.core.ejb.authorization.AdminGroupData.addAdminEntities(AdminGroupData.java:235) [:] > at org.cesecore.core.ejb.authorization.AdminGroupSessionBean.addDefaultPublicWebGroupRules(AdminGroupSessionBean.java:402) [:] > at org.cesecore.core.ejb.authorization.AdminGroupSessionBean.removeAndAddDefaultPublicWebGroupRules(AdminGroupSessionBean.java:447) [:] > at org.cesecore.core.ejb.authorization.AdminGroupSessionBean.init(AdminGroupSessionBean.java:136) [:] > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_24] > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [:1.6.0_24] > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [:1.6.0_24] > at java.lang.reflect.Method.invoke(Method.java:616) [:1.6.0_24] > at org.jboss.aop.joinpoint.MethodInvocation.invokeTarget(MethodInvocation.java:122) [jboss-aop.jar:2.2.1.GA] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111) [jboss-aop.jar:2.2.1.GA] > at org.jboss.ejb3.interceptors.container.ContainerMethodInvocationWrapper.invokeNext(ContainerMethodInvocationWrapper.java:72) [:1.1.3] > at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.invoke(InterceptorSequencer.java:76) [:1.1.3] > at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.aroundInvoke(InterceptorSequencer.java:62) [:1.1.3] > at sun.reflect.GeneratedMethodAccessor634.invoke(Unknown Source) [:1.6.0_24] > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [:1.6.0_24] > at java.lang.reflect.Method.invoke(Method.java:616) [:1.6.0_24] > at org.jboss.aop.advice.PerJoinpointAdvice.invoke(PerJoinpointAdvice.java:174) [jboss-aop.jar:2.2.1.GA] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA] > at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.fillMethod(InvocationContextInterceptor.java:74) [:1.1.3] > at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_fillMethod_2612772.invoke(InvocationContextInterceptor_z_fillMethod_2612772.java) [:] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA] > at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.setup(InvocationContextInterceptor.java:90) [:1.1.3] > at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_setup_2612772.invoke(InvocationContextInterceptor_z_setup_2612772.java) [:] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA] > at org.jboss.ejb3.async.impl.interceptor.AsynchronousServerInterceptor.invoke(AsynchronousServerInterceptor.java:128) [:1.7.17] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA] > at org.jboss.ejb3.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:62) [:1.7.17] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA] > at org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:56) [:1.7.17] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA] > at org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47) [:1.7.17] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA] > at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) [:1.0.3] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA] > at org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(StatelessInstanceInterceptor.java:68) [:1.7.17] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA] > at org.jboss.ejb3.core.context.SessionInvocationContextAdapter.proceed(SessionInvocationContextAdapter.java:95) [:1.7.17] > at org.jboss.ejb3.tx2.impl.CMTTxInterceptor.invokeInCallerTx(CMTTxInterceptor.java:223) [:0.0.1] > at org.jboss.ejb3.tx2.impl.CMTTxInterceptor.required(CMTTxInterceptor.java:353) [:0.0.1] > at org.jboss.ejb3.tx2.impl.CMTTxInterceptor.invoke(CMTTxInterceptor.java:209) [:0.0.1] > at org.jboss.ejb3.tx2.aop.CMTTxInterceptorWrapper.invoke(CMTTxInterceptorWrapper.java:52) [:0.0.1] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA] > at org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76) [:1.0.0.GA] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA] > at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) [:1.0.3] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA] > at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:182) [:1.7.17] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA] > at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41) [:1.7.17] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA] > at org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67) [:1.7.17] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA] > at org.jboss.ejb3.core.context.CurrentInvocationContextInterceptor.invoke(CurrentInvocationContextInterceptor.java:47) [:1.7.17] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA] > at org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67) [:1.0.1] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA] > at org.jboss.ejb3.interceptor.EJB3TCCLInterceptor.invoke(EJB3TCCLInterceptor.java:86) [:1.7.17] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA] > at org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:323) [:1.7.17] > at org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:380) [:1.7.17] > at sun.reflect.GeneratedMethodAccessor633.invoke(Unknown Source) [:1.6.0_24] > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [:1.6.0_24] > at java.lang.reflect.Method.invoke(Method.java:616) [:1.6.0_24] > at org.jboss.ejb3.proxy.impl.handler.session.SessionLocalProxyInvocationHandler$LocalContainerInvocation.invokeTarget(SessionLocalProxyInvocationHandler.java:184) [:1.0.11] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111) [jboss-aop.jar:2.2.1.GA] > at org.jboss.ejb3.async.impl.interceptor.AsynchronousClientInterceptor.invoke(AsynchronousClientInterceptor.java:143) [:1.7.17] > at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA] > at org.jboss.ejb3.proxy.impl.handler.session.SessionLocalProxyInvocationHandler$LocalInvokableContextHandler.invoke(SessionLocalProxyInvocationHandler.java:159) [:1.0.11] > at $Proxy269.invoke(Unknown Source) at org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:185) [:1.0.11] > > > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by Windows: > > Build for Windows Store. > > http://p.sf.net/sfu/windows-dev2dev > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
|
From: Rooms G. <Guy...@te...> - 2013-06-28 12:00:26
|
Hi,
We're currently working on a proof of concept on using ejbca (on Jboss 6.0.0.Final) & encountered an issue when
- creating CAs concurrently (using two threads)..
- ..using CAAdminSession.createCA method,
Is this known and expected behavior / restriction ? (ref stack trace)
Note: both on postgress / h2.
Regards,
Guy.
Stacktrace:
17:43:45,365 ERROR [org.hibernate.event.def.AbstractFlushingEventListener] Could not synchronize database state with session: org.hibernate.StaleObjectStateException: Row was updated or deleted by another transaction (or unsaved-value mapping was incorrect): [org.ejbca.core.ejb.authorization.AdminGroupData#389683609]
at org.hibernate.persister.entity.AbstractEntityPersister.check(AbstractEntityPersister.java:1932) [:3.6.0.Final]
at org.hibernate.persister.entity.AbstractEntityPersister.update(AbstractEntityPersister.java:2576) [:3.6.0.Final]
at org.hibernate.persister.entity.AbstractEntityPersister.updateOrInsert(AbstractEntityPersister.java:2476) [:3.6.0.Final]
at org.hibernate.persister.entity.AbstractEntityPersister.update(AbstractEntityPersister.java:2803) [:3.6.0.Final]
at org.hibernate.action.EntityUpdateAction.execute(EntityUpdateAction.java:113) [:3.6.0.Final]
at org.hibernate.engine.ActionQueue.execute(ActionQueue.java:273) [:3.6.0.Final]
at org.hibernate.engine.ActionQueue.executeActions(ActionQueue.java:265) [:3.6.0.Final]
at org.hibernate.engine.ActionQueue.executeActions(ActionQueue.java:185) [:3.6.0.Final]
at org.hibernate.event.def.AbstractFlushingEventListener.performExecutions(AbstractFlushingEventListener.java:321) [:3.6.0.Final]
at org.hibernate.event.def.DefaultFlushEventListener.onFlush(DefaultFlushEventListener.java:51) [:3.6.0.Final]
at org.hibernate.impl.SessionImpl.flush(SessionImpl.java:1216) [:3.6.0.Final]
at org.hibernate.impl.SessionImpl.forceFlush(SessionImpl.java:1237) [:3.6.0.Final]
at org.hibernate.event.def.AbstractSaveEventListener.performSave(AbstractSaveEventListener.java:187) [:3.6.0.Final]
at org.hibernate.event.def.AbstractSaveEventListener.saveWithGeneratedId(AbstractSaveEventListener.java:143) [:3.6.0.Final]
at org.hibernate.ejb.event.EJB3PersistEventListener.saveWithGeneratedId(EJB3PersistEventListener.java:69) [:3.6.0.Final]
at org.hibernate.event.def.DefaultPersistEventListener.entityIsTransient(DefaultPersistEventListener.java:179) [:3.6.0.Final]
at org.hibernate.event.def.DefaultPersistEventListener.onPersist(DefaultPersistEventListener.java:135) [:3.6.0.Final]
at org.hibernate.event.def.DefaultPersistEventListener.onPersist(DefaultPersistEventListener.java:61) [:3.6.0.Final]
at org.hibernate.impl.SessionImpl.firePersist(SessionImpl.java:808) [:3.6.0.Final]
at org.hibernate.impl.SessionImpl.persist(SessionImpl.java:782) [:3.6.0.Final]
at org.hibernate.impl.SessionImpl.persist(SessionImpl.java:786) [:3.6.0.Final]
at org.hibernate.ejb.AbstractEntityManagerImpl.persist(AbstractEntityManagerImpl.java:672) [:3.6.0.Final]
at org.jboss.jpa.impl.tx.TransactionScopedEntityManager.persist(TransactionScopedEntityManager.java:206) [:2.0.0]
at org.ejbca.core.ejb.authorization.AdminGroupData.addAdminEntities(AdminGroupData.java:235) [:]
at org.cesecore.core.ejb.authorization.AdminGroupSessionBean.addDefaultPublicWebGroupRules(AdminGroupSessionBean.java:402) [:]
at org.cesecore.core.ejb.authorization.AdminGroupSessionBean.removeAndAddDefaultPublicWebGroupRules(AdminGroupSessionBean.java:447) [:]
at org.cesecore.core.ejb.authorization.AdminGroupSessionBean.init(AdminGroupSessionBean.java:136) [:]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_24]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [:1.6.0_24]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [:1.6.0_24]
at java.lang.reflect.Method.invoke(Method.java:616) [:1.6.0_24]
at org.jboss.aop.joinpoint.MethodInvocation.invokeTarget(MethodInvocation.java:122) [jboss-aop.jar:2.2.1.GA]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.interceptors.container.ContainerMethodInvocationWrapper.invokeNext(ContainerMethodInvocationWrapper.java:72) [:1.1.3]
at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.invoke(InterceptorSequencer.java:76) [:1.1.3]
at org.jboss.ejb3.interceptors.aop.InterceptorSequencer.aroundInvoke(InterceptorSequencer.java:62) [:1.1.3]
at sun.reflect.GeneratedMethodAccessor634.invoke(Unknown Source) [:1.6.0_24]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [:1.6.0_24]
at java.lang.reflect.Method.invoke(Method.java:616) [:1.6.0_24]
at org.jboss.aop.advice.PerJoinpointAdvice.invoke(PerJoinpointAdvice.java:174) [jboss-aop.jar:2.2.1.GA]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.fillMethod(InvocationContextInterceptor.java:74) [:1.1.3]
at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_fillMethod_2612772.invoke(InvocationContextInterceptor_z_fillMethod_2612772.java) [:]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.setup(InvocationContextInterceptor.java:90) [:1.1.3]
at org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_setup_2612772.invoke(InvocationContextInterceptor_z_setup_2612772.java) [:]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.async.impl.interceptor.AsynchronousServerInterceptor.invoke(AsynchronousServerInterceptor.java:128) [:1.7.17]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:62) [:1.7.17]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:56) [:1.7.17]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47) [:1.7.17]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) [:1.0.3]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(StatelessInstanceInterceptor.java:68) [:1.7.17]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.core.context.SessionInvocationContextAdapter.proceed(SessionInvocationContextAdapter.java:95) [:1.7.17]
at org.jboss.ejb3.tx2.impl.CMTTxInterceptor.invokeInCallerTx(CMTTxInterceptor.java:223) [:0.0.1]
at org.jboss.ejb3.tx2.impl.CMTTxInterceptor.required(CMTTxInterceptor.java:353) [:0.0.1]
at org.jboss.ejb3.tx2.impl.CMTTxInterceptor.invoke(CMTTxInterceptor.java:209) [:0.0.1]
at org.jboss.ejb3.tx2.aop.CMTTxInterceptorWrapper.invoke(CMTTxInterceptorWrapper.java:52) [:0.0.1]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76) [:1.0.0.GA]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.tx.NullInterceptor.invoke(NullInterceptor.java:42) [:1.0.3]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:182) [:1.7.17]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41) [:1.7.17]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67) [:1.7.17]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.core.context.CurrentInvocationContextInterceptor.invoke(CurrentInvocationContextInterceptor.java:47) [:1.7.17]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67) [:1.0.1]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.interceptor.EJB3TCCLInterceptor.invoke(EJB3TCCLInterceptor.java:86) [:1.7.17]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:323) [:1.7.17]
at org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:380) [:1.7.17]
at sun.reflect.GeneratedMethodAccessor633.invoke(Unknown Source) [:1.6.0_24]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [:1.6.0_24]
at java.lang.reflect.Method.invoke(Method.java:616) [:1.6.0_24]
at org.jboss.ejb3.proxy.impl.handler.session.SessionLocalProxyInvocationHandler$LocalContainerInvocation.invokeTarget(SessionLocalProxyInvocationHandler.java:184) [:1.0.11]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:111) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.async.impl.interceptor.AsynchronousClientInterceptor.invoke(AsynchronousClientInterceptor.java:143) [:1.7.17]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.proxy.impl.handler.session.SessionLocalProxyInvocationHandler$LocalInvokableContextHandler.invoke(SessionLocalProxyInvocationHandler.java:159) [:1.0.11]
at $Proxy269.invoke(Unknown Source) at org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:185) [:1.0.11]
|
|
From: Tomas G. <to...@pr...> - 2013-06-28 07:53:40
|
Hi, The PrimeKey EJBCA team is happy to announce that EJBCA 4.0.16 has been released! This is a maintenance release of the EJBCA Community version – 3 issues have been resolved. The most noteworthy changes can be seen below. This maintenance release contains 1 new feature and 2 bugfixes. - It is now possible to store the Base64 certificate data in a separate table. - Fixed possible database rollback when CRL publishing failed. - Fixed a possible exception viewing old log in the Admin GUI. Please visit http://www.ejbca.org/ for more information. Kind regards, PrimeKey EJBCA Team ********** PrimeKey Solutions AB Anderstorpsvägen 16, 171 54 Solna, Sweden Internet: www.primekey.se Twitter: twitter.com/primekeyPKI ********** |
|
From: Tomas G. <to...@pr...> - 2013-06-26 07:51:06
|
Hi EJBCA users, If you are running a trust center using EJBCA, you might be interested in participating in this EU survey. Cheers, Tomas -------- Original Message -------- Subject: ENISA's Trust Services Providers Survey Date: Sun, 23 Jun 2013 11:09:34 +0000 From: Manel Medina <Man...@en...> To: in...@pr... <in...@pr...> Dear Trust Service Provider, As you are probably aware, the European Commission presented in July 2012 a proposal for a new Regulation on electronic identification and trust services for electronic transactions(http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2012:0238:FIN:en:PDF), which will supersede the current Directive 1999/93/EC on a Community framework for electronic signatures. Art. 15 of the proposed Regulation establishes certain provisions regarding the security requirements applicable to trust service providers. In order to facilitate the implementation of this provision, as well as to generally support trust service providers (TSP) in the introduction of best security practices, the European Network and Information Security Agency (ENISA) is working on 2013 on a series of studies on the security aspects of trust service providers issuing electronic certificates, as well as security and interoperability aspects specific to the new trust services foreseen in the proposed Regulation. ENISA is running a survey about the security mechanisms used by TSP in Europe, and their interoperability. This survey is part of the project and is addressed to every TSP offering, or intending to offer in the future, any of the services identified in the proposed Regulation: ·Electronic certificates, including e-Signature ones ·Electronic time stamps ·Electronically signed documents storage or management ·Electronic delivery services ·Validation of electronic signatures ·Longtime preservation of electronic signatures The survey is structured following these topics, and you only have to answer the questions related to the services you provide. You can fill in the survey in the following URL: https://www.enisa.europa.eu/trust-services-in-eu <https://www.enisa.europa.eu/trust-services-in-eu> It will take 10-30 minutes to complete the survey, depending on the number of services you provide or will do. Please do so at your earliest convenience, before the 14^th of July, but preferably before the 1^st of July. The results of the survey will be anonymous, but you can optionally introduce your organizational contact data. Doing so will enable us to include your organization in the acknowledgements of the final reports, if you indicate that you wish so. |
|
From: Tomas G. <to...@pr...> - 2013-06-25 13:43:11
|
I think you need to check what is the actual output of the clientToolBox sign command. It is probably not the same as the input required by openssl rsautl. There is no such thing as a "standard" here, if there is EJBCA follows it :-) Cheers, Tomas On 06/25/2013 02:54 AM, Robbie Gill wrote: > > I have EJBCA running with nCipher HSM and I am using EJBCA's > PKCS11HSMKeyTool to generate a Module key and then generate a RSA > signature. I am successful in generating the RSA signature but when I > try to verify the generated signature using openssl's rsautl, it fails > !!! What am I missing ? The verification succeeds if I use EJBCA's > PKCS11HSMKeyTool tool, but I need to be able to verify using openssl. > > Any ideas would be much appreciated. Below are the detailed steps I > carried out… > > > 1) Generate 2048 bit PKCS11 RSA Key on HSM (nCiher) - Module key > > $ /opt/ejbca/dist/clientToolBox/ejbcaClientToolBox.sh PKCS11HSMKeyTool > generate /home/rgill/pkcs11_config/CodeSigningServer1_pkcs11.cnf 2048 > TestingKey > 2013-06-24 17:19:04,381 INFO [org.ejbca.util.keystore.KeyTools] Using > SUN PKCS11 provider: sun.security.pkcs11.SunPKCS11 > Created certificate with entry TestingKey. > > 2) Generate CSR > > $ /opt/ejbca/dist/clientToolBox/ejbcaClientToolBox.sh PKCS11HSMKeyTool > certreq /opt/nfast/toolkits/pkcs11/libcknfast.so i0 TestingKey > 2013-06-24 17:19:17,495 INFO [org.ejbca.util.keystore.KeyTools] Using > SUN PKCS11 provider: sun.security.pkcs11.SunPKCS11 > 2013-06-24 17:19:17,657 INFO > [org.ejbca.util.keystore.KeyStoreContainerBase] Using named curve > parameter encoding for ECC key. > 2013-06-24 17:19:17,742 INFO > [org.ejbca.util.keystore.KeyStoreContainerBase] Wrote csr to file: > TestingKey.pem > > 3) Extract public key from CSR > > $ openssl req -pubkey -in Testing.pem -out PubKey-TestingKey.pem > > 4) Generate digest to be signed > > $ openssl dgst -binary -sha1 -out /tmp/t.dgst.sha1 < /tmp/t.txt > > > 5) Sign using private key on HSM (PKCS11) > > $ /opt/ejbca/dist/clientToolBox/ejbcaClientToolBox.sh PKCS11HSMKeyTool > sign /opt/nfast/toolkits/pkcs11/libcknfast.so i0 /tmp/t.dgst.sha1 > /tmp/t.dgst.sha1.HSMsigned TestingKey > 2013-06-24 17:20:12,678 INFO [org.ejbca.util.keystore.KeyTools] Using > SUN PKCS11 provider: sun.security.pkcs11.SunPKCS11 > > > 6) Try and verify using openssl …!!!FAILS!!! > $ openssl rsautl -in /tmp/t.dgst.sha1.HSMsigned -out > /tmp/t.dgst.sha1.OUTfromsig -inkey PubKey-TestingKey.pem -pubin -verify > RSA operation error > 23304:error:0406706C:rsa routines:RSA_EAY_PUBLIC_DECRYPT:data greater > than mod len:rsa_eay.c:656: > > > # Check the public key > $ openssl rsa -in PubKey-TestingKey.pem -text -pubin > Public-Key: (2048 bit) > Modulus: > 00:b2:b6:de:b6:4c:1f:56:e2:7d:17:e6:f6:b8:d7: > a0:0d:49:f2:42:ba:16:a7:9f:b9:7e:e1:80:8b:eb: > 7b:27:a9:b9:be:db:b1:a9:3d:d5:7f:ae:a0:c5:9b: > a6:5f:33:dd:13:fd:e9:87:27:82:ba:94:97:ef:8a: > 4c:df:5d:6c:1a:fc:f9:cd:7b:29:3f:a2:2b:7d:03: > 30:7f:d4:e2:db:34:a8:da:08:8b:1e:c7:4f:e0:81: > 76:20:1c:5a:a5:57:c2:ff:d1:16:bd:6a:24:a3:c3: > 1d:91:10:46:9e:ec:ea:d4:c5:d6:f0:8a:7e:a7:bb: > dc:75:44:99:24:ea:8a:b6:c8:98:dd:fb:76:8e:f2: > e1:82:89:1d:55:99:fb:9c:d3:41:cb:64:ec:61:3f: > 7e:77:38:6f:9a:2c:1e:27:01:83:7b:e7:ab:6b:ee: > 27:f3:41:23:06:87:a1:ec:2c:65:c3:58:69:c8:c1: > 54:6e:76:1d:ea:39:d8:05:72:b4:3e:71:dc:59:6d: > 46:17:61:4f:1d:72:26:69:ed:00:11:d9:50:bb:8d: > 95:77:53:69:7d:ed:30:ea:ab:90:db:57:13:6d:21: > 73:f1:45:25:7b:02:c2:48:78:6d:45:96:aa:63:fa: > 19:64:4b:8e:47:59:61:0b:22:58:19:b6:e0:b9:47: > a7:2d > Exponent: 65537 (0x10001) > > Regards > Robbie > > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by Windows: > > Build for Windows Store. > > http://p.sf.net/sfu/windows-dev2dev > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
|
From: ejbca-support <ejb...@pr...> - 2013-06-25 13:34:32
|
It looks like the java installation already contains a provider
definition which makes your new definition ignored.
Cheers
Anders
tech support
On 2013-06-25 15:26, Daniel JAMET wrote:
> clientToolBox run fine when you give it the path of library libcknfast.so ant slotListIndex=1
>
> clientToolBox is in error when you give the path of configuration file : ocs-sunpkcs11.cfg
>
> ocs-sunpkcs11.cfg:
>
> *name=NFastJava*
> *library=/opt/nfast/toolkits/pkcs11/libcknfast.so*
> *slotListIndex=1*
>
> *attributes(*, *, *) = {*
> * CKA_TOKEN = true*
> *}*
>
> *attributes(*, CKO_PUBLIC_KEY, * ) = {*
> * CKA_ENCRYPT = true*
> * CKA_WRAP = true *
> * CKA_VERIFY = true*
> *}*
>
> *attributes( *, CKO_PRIVATE_KEY, *) = {*
> * CKA_PRIVATE = false *
> * CKA_SENSITIVE = true*
> * CKA_SIGN = true*
> * CKA_DECRYPT = true*
> * CKA_EXTRACTABLE = false *
> * CKA_UNWRAP = true*
> *}*
>
> The log trace:
>
>
> *2013-06-25 13:23:47,115 INFO [org.ejbca.util.keystore.KeyTools] Using SUN PKCS11 provider: sun.security.pkcs11.SunPKCS11*
> *2013-06-25 13:23:47,123 DEBUG [org.ejbca.util.keystore.KeyStoreContainerP11] Adding provider with name: SunPKCS11-NFastJava*
> *2013-06-25 13:23:47,123 DEBUG [org.ejbca.util.keystore.KeyStoreContainerP11] Provider already exists, not adding.*
> *2013-06-25 13:23:47,132 DEBUG [org.ejbca.util.keystore.KeyStoreContainerBase] generating...*
> *2013-06-25 13:23:52,920 DEBUG [org.ejbca.util.keystore.KeyStoreContainerBase] keystore signing algorithm SHA1withRSA*
> *2013-06-25 13:23:52,953 ERROR [org.ejbca.ui.cli.HSMKeyTool] Command 'PKCS11HSMKeyTool generate /opt/ejbca/conf/sunpkcs11.cfg null pkcs11 4096 defaultTEST' could not be executed.*
> *java.security.ProviderException: Initialization failed*
> * at sun.security.pkcs11.P11Signature.initialize(P11Signature.java:312)*
> * at sun.security.pkcs11.P11Signature.engineInitSign(P11Signature.java:393)*
> * at java.security.Signature$Delegate.engineInitSign(Signature.java:1113)*
> * at java.security.Signature.initSign(Signature.java:497)*
> * at org.bouncycastle.x509.X509Util.calculateSignature(Unknown Source)*
> * at org.bouncycastle.x509.X509V3CertificateGenerator.generate(Unknown Source)*
> * at org.bouncycastle.x509.X509V3CertificateGenerator.generate(Unknown Source)*
> * at org.ejbca.util.keystore.KeyStoreContainerBase.getSelfCertificate(KeyStoreContainerBase.java:144)*
> * at org.ejbca.util.keystore.KeyStoreContainerBase.generate(KeyStoreContainerBase.java:285)*
> * at org.ejbca.util.keystore.KeyStoreContainerBase.generateRSA(KeyStoreContainerBase.java:202)*
> * at org.ejbca.util.keystore.KeyStoreContainerBase.generate(KeyStoreContainerBase.java:234)*
> * at org.ejbca.ui.cli.HSMKeyTool.doIt(HSMKeyTool.java:139)*
> * at org.ejbca.ui.cli.HSMKeyTool.execute(HSMKeyTool.java:290)*
> * at org.ejbca.ui.cli.PKCS11HSMKeyTool.execute(PKCS11HSMKeyTool.java:47)*
> * at org.ejbca.ui.cli.ClientToolBox.executeIfSelected(ClientToolBox.java:40)*
> * at org.ejbca.ui.cli.ClientToolBox.main(ClientToolBox.java:70)*
> *Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_KEY_FUNCTION_NOT_PERMITTED*
> * at sun.security.pkcs11.wrapper.PKCS11.C_SignInit(Native Method)*
> * at sun.security.pkcs11.P11Signature.initialize(P11Signature.java:304)*
> * ... 15 more*
>
>
> How explain this ?
>
> kind regards
>
> Daniel JAMET
> Direction DPM
> Tél : +33 1 55 23 31 70
> dan...@e-...
> ____________________________
> Société d'Exploitation de Réseaux et de Services Sécurisés
> Immeuble "Le Linéa"
> 1, rue du Général Leclerc
> 92800 PUTEAUX
>
>
> ------------------------------------------------------------------------------
> This SF.net email is sponsored by Windows:
>
> Build for Windows Store.
>
> http://p.sf.net/sfu/windows-dev2dev
>
>
>
> _______________________________________________
> Ejbca-develop mailing list
> Ejb...@li...
> https://lists.sourceforge.net/lists/listinfo/ejbca-develop
>
|
106 messages has been excluded from this view by a project administrator.
