Menu
▾
▴
Re: [Ejbca-develop] Certificate specified doesn’t exist in database
|
From: Arnaud D. <arn...@gm...> - 2015-08-22 21:47:20
|
I find the problem. It was an SSL issue. In my situation, the client is an application deployed in glassfish (glassfishA). And ejbca in deployed to another glassfish server (glassfishB). The trust store of glassfishB does not contain the certificate of glassfishA. Thanks 2015-08-20 14:04 GMT+02:00 Arnaud Defos <arn...@gm...>: > Yes, it is the date of the moment we generate the certificate. > > Something strange is that we have another server where we do not have this > problem ! > > 2015-08-20 13:08 GMT+02:00 Tomas Gustavsson <to...@pr...>: > >> >> Hi, >> >> Your end entities have very strange names, todays date? Might be a web >> encoding issue of one of the characters when you try to view the >> certificate. >> >> Time to upgrade? >> >> Cheers, >> Tomas >> >> On 2015-08-20 12:54, Arnaud Defos wrote: >> > Hi Tomas, >> > >> > Thanks for your answer. >> > Yes, I use WS API. >> > >> > Yes, I'am sure that it is generated because the WS pkcs10Request returns >> > the certificate data which is generated and then I can use it and sign a >> > document. >> > >> > Any ideas ? >> > >> > 2015-08-19 20:58 GMT+02:00 Tomas Gustavsson <to...@pr... >> > <mailto:to...@pr...>>: >> > >> > >> > Looks like you have performed some action through the WS API right? >> > >> > Since the user status is still new, there "might" have been an error >> > generating the certificate so the transaction was rolled back, but >> the >> > log entry was committed. Ae you sure a certificate was issued, i.e. >> did >> > the user really receive a certificate? >> > >> > Cheers, >> > Tomas >> > >> > On 2015-08-19 17:58, Arnaud Defos wrote: >> > > Hi, >> > > >> > > I m using ejbca 4.0.16, I could generate a certificate and >> include it in >> > > a document when it has been signed. When I try to access to this >> > > certificate in admin ejbca, I click on "View certificate", I've >> got this >> > > message : "Certificate specified doesn’t exist in database, it >> may not >> > > have been generated.". >> > > >> > > In the history, I have this : >> > > *Certificate Comment* >> > > No certificate involved Changed status for '446_2015-08-19 >> > 14:39:01:928' >> > > to STATUS_GENERATED. >> > > No certificate involved Edited end entity 446_2015-08-19 >> > 14:39:01:928, >> > > new status 40. >> > > Certificate not known to database. Storing certificate request >> > history >> > > successful for user 446_2015-08-19 14:39:01:928. >> > > Certificate not known to database. Certificate issued to user >> > > 446_2015-08-19 14:39:01:928. >> > > Certificate not known to database. Certificate stored. >> > > No certificate involved Received certificate request for user >> > > 446_2015-08-19 14:39:01:928 for CA -931767617 with certificate >> > profile >> > > 40705019. >> > > No certificate involved Authenticated user 446_2015-08-19 >> > 14:39:01:928. >> > > No certificate involved Authenticated user 446_2015-08-19 >> > 14:39:01:928. >> > > No certificate involved Added end entity 446_2015-08-19 >> 14:39:01:928. >> > > >> > > >> > > The status associated with the user : New. >> > > >> > > However, we can see in history : changed status to >> > 'STATUS_GENERATED'. >> > > So it's strange ! >> > > >> > > I have one exception in server.log (glassfish 2.1.1) : >> > > >> > > >> > >> [#|2015-08-19T14:35:45.310+0200|INFO|sun-appserver2.1|javax.enterprise.resource.webservices.jaxws.server|_ThreadID=13;_ThreadName=httpSSLWorkerThread-8442-0;|Request >> > > had an unrecognized object ID >> 5587a8ce-5f42-4135-90de-41ad9952eab3|#] >> > > >> > > >> > >> [#|2015-08-19T14:35:45.318+0200|SEVERE|sun-appserver2.1|com.sun.xml.ws.server.sei.EndpointMethodHandler|_ThreadID=13;_ThreadName=httpSSLWorkerThread-8442-0;_RequestID=c797b1f0-f9d0-4e7e-8940-e26ed3e7e638;|The >> > > log message is null. >> > > java.lang.NullPointerException >> > > at >> > > >> > >> com.sun.xml.ws.api.addressing.WSEndpointReference.<init>(WSEndpointReference.java:145) >> > > at >> com.sun.xml.ws.tx.common.WsaHelper.sendFault(WsaHelper.java:143) >> > > at >> > > >> > >> com.sun.xml.ws.tx.coordinator.RegistrationManager.register(RegistrationManager.java:196) >> > > at >> > > >> > >> com.sun.xml.ws.tx.webservice.member.coord.RegistrationCoordinatorPortTypeImpl.registerOperation(RegistrationCoordinatorPortTypeImpl.java:106) >> > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> > > at >> > > >> > >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >> > > at >> > > >> > >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >> > > at java.lang.reflect.Method.invoke(Method.java:597) >> > > at >> > > >> > >> com.sun.xml.ws.api.server.InstanceResolver$1.invoke(InstanceResolver.java:246) >> > > at >> com.sun.xml.ws.server.InvokerTube$2.invoke(InvokerTube.java:146) >> > > at >> > > >> > >> com.sun.xml.ws.server.sei.EndpointMethodHandler.invoke(EndpointMethodHandler.java:257) >> > > at >> > > >> > >> com.sun.xml.ws.server.sei.SEIInvokerTube.processRequest(SEIInvokerTube.java:93) >> > > at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:595) >> > > at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:554) >> > > at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:539) >> > > at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:436) >> > > at >> > > >> > >> com.sun.xml.ws.api.pipe.helper.AbstractTubeImpl.process(AbstractTubeImpl.java:106) >> > > at >> > > >> > >> com.sun.enterprise.webservice.MonitoringPipe.process(MonitoringPipe.java:147) >> > > at >> > > >> > >> com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:115) >> > > at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:595) >> > > at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:554) >> > > at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:539) >> > > at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:436) >> > > at >> > > >> > >> com.sun.xml.ws.api.pipe.helper.AbstractTubeImpl.process(AbstractTubeImpl.java:106) >> > > at >> > > >> > >> com.sun.enterprise.webservice.CommonServerSecurityPipe.processRequest(CommonServerSecurityPipe.java:222) >> > > at >> > > >> > >> com.sun.enterprise.webservice.CommonServerSecurityPipe.process(CommonServerSecurityPipe.java:133) >> > > at >> > > >> > >> com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:115) >> > > at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:595) >> > > at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:554) >> > > at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:539) >> > > at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:436) >> > > at >> > >> com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:243) >> > > at >> > > >> > >> com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:444) >> > > at >> > >> com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:244) >> > > at >> > > >> > >> com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:135) >> > > at >> > >> com.sun.enterprise.webservice.JAXWSServlet.doPost(JAXWSServlet.java:177) >> > > at javax.servlet.http.HttpServlet.service(HttpServlet.java:754) >> > > at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) >> > > at >> > > >> > >> org.apache.catalina.core.ApplicationFilterChain.servletService(ApplicationFilterChain.java:427) >> > > at >> > > >> > >> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:315) >> > > at >> > > >> > >> org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:287) >> > > at >> > > >> > >> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:218) >> > > at >> > > >> > >> org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:648) >> > > at >> > > >> > >> org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:593) >> > > at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:94) >> > > at >> > > >> > >> com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:98) >> > > at >> > > >> > >> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:222) >> > > at >> > > >> > >> org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:648) >> > > at >> > > >> > >> org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:593) >> > > at >> > > >> > >> org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:587) >> > > at >> > >> org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1093) >> > > at >> > > >> > >> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:166) >> > > at >> > > >> > >> org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:648) >> > > at >> > > >> > >> org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:593) >> > > at >> > > >> > >> org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:587) >> > > at >> > >> org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1093) >> > > at >> > >> org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:291) >> > > at >> > > >> > >> com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:666) >> > > at >> > > >> > >> com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:597) >> > > at >> > > >> > >> com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:872) >> > > at >> > > >> > >> com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:341) >> > > at >> > > >> > >> com.sun.enterprise.web.connector.grizzly.ssl.SSLReadTask.process(SSLReadTask.java:444) >> > > at >> > > >> > >> com.sun.enterprise.web.connector.grizzly.ssl.SSLReadTask.doTask(SSLReadTask.java:230) >> > > at >> > >> com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:264) >> > > at >> > > >> > >> com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106) >> > > |#] >> > > >> > > >> > >> [#|2015-08-19T14:36:25.355+0200|WARNING|sun-appserver2.1|javax.enterprise.resource.webservices.jaxws.wstx.wscoord|_ThreadID=14;_ThreadName=httpSSLWorkerThread-8443-0;_RequestID=cef021e5-6c8e-43b3-8a12-1a1243fa9c47;|WSTX-COORDINATOR-3007 >> > > : Délai d'attente d'enregistrement écoulé pour l'ID d'activité >> > > 'uuid:WSCOOR-SUN-1cc1cf45-4038-4a90-a088-b1a8e58db20c'. Tentative >> > > d'enregistrement dans '<?xml version="1.0" encoding="UTF-8" >> > > standalone="yes"?><EndpointReference >> > > >> > xmlns="http://schemas.xmlsoap.org/ws/2004/08/addressing"><Address> >> https://debian:8442/__wstx-services/wscoor/coordinator/register >> </Address><ReferenceParameters><jaxws:objectId >> > > xmlns:ns2="http://schemas.xmlsoap.org/ws/2004/08/addressing" >> > > xmlns="http://schemas.xmlsoap.org/ws/2004/10/wscoor" >> > > xmlns:jaxws="http://jax-ws.dev.java.net/xml/ns/" >> > > xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" >> > > >> > xmlns:ns3="http://schemas.xmlsoap.org/soap/envelope/ >> ">5587a8ce-5f42-4135-90de-41ad9952eab3</jaxws:objectId></ReferenceParameters></EndpointReference>'|#] >> > > >> > > >> > > >> > > Do you have any ideas ? >> > > >> > > Thanks for your help ! >> > > >> > > >> > > Arnaud >> > > >> > > >> > > >> > >> ------------------------------------------------------------------------------ >> > > >> > > >> > > >> > > _______________________________________________ >> > > Ejbca-develop mailing list >> > > Ejb...@li... >> > <mailto:Ejb...@li...> >> > > https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> > > >> > >> > >> ------------------------------------------------------------------------------ >> > _______________________________________________ >> > Ejbca-develop mailing list >> > Ejb...@li... >> > <mailto:Ejb...@li...> >> > https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> > >> > >> > >> > >> > >> ------------------------------------------------------------------------------ >> > >> > >> > >> > _______________________________________________ >> > Ejbca-develop mailing list >> > Ejb...@li... >> > https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> > >> >> >> ------------------------------------------------------------------------------ >> _______________________________________________ >> Ejbca-develop mailing list >> Ejb...@li... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> > > |
