Menu
▾
▴
Re: [Ejbca-develop] Several problems after migration
|
From: Arnaud D. <arn...@gm...> - 2019-02-25 08:48:23
|
Hi Tomas, Thanks for your answer. We made new tests, I will respond to your last questions and provide new the exact situation with logs: >>>Did you check wildfly/standalone/tmp? Yes, the directory is empty during the docker build, we try to clean /data /tmp /logs in wildfly/standalone, but the problem still exist. >>> The: javax.ejb.EJBException: java.lang.StringIndexOutOfBoundsException: You're right, this error message appears in 6.3.1.1 only when we access Internal Key Bindings> OcspKeyBinding> Click on Ocsp certificate Serial Number. In version 6.3.1.1, two out of three certificates return the "StringIndexOutOfBoundsException" error when clicking on the serial number. However, their status is good at Active. https://pasteboard.co/I2aUEfL.png Following the upgrade in 6.10.1.2, we no longer have the same error and the same display. Two certificates are passed in Revoked and the click on the serial number displays the error below: https://pasteboard.co/I2aUUG8.png When we click on the Revoked serial number: https://pasteboard.co/I2aIseO.png The detail of the stack trace resulting from the server.log (To improve the reading of this thread I put the log in attachment mode) -> https://pastebin.com/i2mLQwzS >>> Is something in the database. Some certificate in a chain is missing? I think this is an issue fixed in later releases. Yes maybe, we find this in the server.log: 2019-02-21 09:42:25,568 INFO [org.cesecore.certificates.certificate.CertificateStoreSessionBean] (EJB default - 7) Reloading CA certificate cache. 2019-02-21 09:42:25,577 INFO [org.cesecore.certificates.certificate.CertificateStoreSessionBean] (EJB default - 7) Reloaded CA certificate cache with 12 certificates 2019-02-21 09:42:47,635 WARN [org.cesecore.certificates.ocsp.OcspResponseGeneratorSessionBean] (EJB default - 9) Unable to build certificate chain for OCSP signing certificate with Subject DN 'CN=OCSP Service 1 XXXXXXX SIGNATURE CA,OU=0002 XXXXXX,O=XXXXXXX,organizationIdentifier=XXXXXXXX,C=FR'. CA with Subject DN 'CN=XXXXXX - XXXXXXX SIGNATURE CA,OU=0002 XXXXXXX,O=XXXXXX,organizationIdentifier=XXXXXX,C=FR' is missing in the database. 2019-02-21 09:42:47,635 WARN [org.cesecore.certificates.ocsp.OcspResponseGeneratorSessionBean] (EJB default - 9) OcspKeyBinding OcspKeyBinding XXXXXX CA ( -1904656213) has a signing certificate, but no chain and will be ignored. 2019-02-21 09:42:47,641 WARN [org.cesecore.certificates.ocsp.OcspResponseGeneratorSessionBean] (EJB default - 9) Unable to build certificate chain for OCSP signing certificate with Subject DN 'CN=OCSP Service 1 XXXXXXXXXX CA,OU=0002 XXXXXX,O=XXXXXXX,organizationIdentifier=XXXXXXXX,C=FR'. CA with Subject DN 'CN=XXXXXX - XXXXXXX CA,OU=0002 XXXXXX,O=XXXXXX,organizationIdentifier=XXXXXXXXX,C=FR' is missing in the database. 2019-02-21 09:42:47,641 WARN [org.cesecore.certificates.ocsp.OcspResponseGeneratorSessionBean] (EJB default - 9) OcspKeyBinding OcspKeyBinding XXXXXX CA ( -1307162558) has a signing certificate, but no chain and will be ignored. -------------------------------------------------------- Regarding the problem on End Entity Profiles, in version 6.10.1.2 we found the problem. We use a newrelic java agent and this increase the size during the compilation. So, this point is OK. Regards, Le mer. 13 févr. 2019 à 11:09, Tomas Gustavsson <to...@pr...> a écrit : > > Hi, > > This one disturbs me the most right now. So let's take this first. > > > >> at java.lang.String.substring(String.java:1967) > >> at org.cesecore.util.CertTools.isDNReversed(CertTools.java:614) > >> at > org.cesecore.util.CertTools.stringToBCDNString(CertTools.java:467) > > Are from EJBCA 6.3, this error does not come from EJBCA 6.10. I think > your container is not updated with a new ejbca.ear file. > > > > It was the good version of the ear, we checked the version in admin > >page. > > That code is not from EJBCA 6.10, that's just how it is. Do you still > get that or is it from an older log from the old version? > > /Tomas > > On 2019-02-11 13:35, Arnaud Defos wrote: > > Hi Tomas, > > > > Thanks for your anwser. Here are my comments : > > > > Le jeu. 7 févr. 2019 à 14:07, Tomas Gustavsson <to...@pr... > > <mailto:to...@pr...>> a écrit : > > > > > > Did you check wildfly/standalone/tmp? > > > > > > No, we will check it asap but I think it was empty before starting ejbca. > > > > > > > > The issue: > > org.apache.jasper.JasperException: JBWEB004062: Unable to compile > class > > for JSP: > > Is something in with the file system. > > > > > > Ok, maybe these informations will help you : > > - we add custom profile in : profilemappings.properties : > > > "DN;2.5.4.97;200;2.5.4.97;200;OrganizationIdentifier;OrganizationIdentifier" > > - we add custom component in dncomponents.properties : > > "organizationIdentifier=2.5.4.97" > > - we add custom extension in certextensions.properties : > > id1.oid=1.3.6.1.5.5.7.1.3 > > > id1.classpath=org.cesecore.certificates.certificate.certextensions.BasicCertificateExtension > > id1.displayname=Custom qc statement 1 > > id1.used=true > > id1.translatable=false > > id1.critical=false > > id1.property.encoding=RAW > > id1.property.dynamic=false > > id1.property.value=... (could send it if you want) > > id2.oid=1.3.6.1.5.5.7.1.3 > > > id2.classpath=org.cesecore.certificates.certificate.certextensions.BasicCertificateExtension > > id2.displayname=Custom qc statement 2 > > id2.used=true > > id2.translatable=false > > id2.critical=false > > id2.property.encoding=RAW > > id2.property.dynamic=false > > id2.property.value=... (could send it if you want) > > > > - in $JBOSS_HOME/bin/standalone.conf : > > we replace "-Xms64m -Xmx512m -XX:MaxPermSize=256m > > -Djava.net.preferIPv4Stack=true" by : "-Xms2048m -Xmx2048m > > -XX:MaxPermSize=384m -Djava.net.preferIPv4Stack=true" > > > > Is there something wrong ? > > > > > > > > The: > > javax.ejb.EJBException: java.lang.StringIndexOutOfBoundsException: > > > > Is something in the database. Some certificate in a chain is missing? > > I think this is an issue fixed in later releases. > > > > > > Maybe but how could we check it ? Which SQL commands could we launch ? > > > > > > > > The: > > Caused by: java.lang.StringIndexOutOfBoundsException: String index > out > > of range: -1 > > Is something other as well. > > > > In fact the code the stacktraces you paste refer to: > > > > >> at java.lang.String.substring(String.java:1967) > > >> at org.cesecore.util.CertTools.isDNReversed(CertTools.java:614) > > >> at > org.cesecore.util.CertTools.stringToBCDNString(CertTools.java:467) > > > > Are from EJBCA 6.3, this error does not come from EJBCA 6.10. I think > > your container is not updated with a new ejbca.ear file. > > > > > > It was the good version of the ear, we checked the version in admin page. > > > > Thanks for your answers & have a good day ! > > > > Arnaud > > > > > > > > > > Regards, > > Tomas > > > > > > > > On 2019-02-07 12:05, Arnaud Defos wrote: > > > For sure, we didn't modify anything in the code. > > > > > > We do not have the problem in staging environment (same image) of > > > container. It means the problem seems to be in database (too much > > data ? > > > specific configuration ?). > > > > > > So ejbca 6.10.1.2 is working, but the migration/new version seems > to > > > trigger these 3 problems... > > > > > > Difficult to solve for us. > > > > > > Le jeu. 7 févr. 2019 à 11:49, Tomas Gustavsson <to...@pr... > > <mailto:to...@pr...> > > > <mailto:to...@pr... <mailto:to...@pr...>>> a écrit : > > > > > > > > > Hmm, 6.10.1.2 is run bu hundreds of users successfully. It has > > to be > > > something specific to your installation. I do not talk about > > the browser > > > cache. Perhaps you built in something in > > wildfly/standalone/tmp in your > > > docket image. > > > > > > Are you sure you have not modified EJBCA in any way? > > > > > > This error: > > > >> JBWEB004061: An error occurred at line: 325 in the > > generated java > > > file > > > >> The code of method _jspService(HttpServletRequest, > > > HttpServletResponse) > > > >> is exceeding the 65535 bytes limit > > > > > > Happens if you add things to endentityprofiles.jsp, because it > > is almost > > > full by default, so if you add any code of your own it will > > exceed the > > > limit. > > > > > > Regards, > > > Tomas > > > --- > > > Meet us at RSA Conference 2019 > > > San Francisco, March 4-8 > > > Booth #1935 > > > FREE Expo pass code: XEU9PRIMEKEY > > > > > > On 2019-02-07 11:42, Arnaud Defos wrote: > > > > Hi Tomas, > > > > > > > > Thanks for your answer. We use wildfly 10.1.0. We delete > > cache with > > > > admin page but it does not work. We use docker so the image > was > > > cleaned. > > > > > > > > Any ideas to resolve these 3 problems ? > > > > > > > > Have a good day ! > > > > > > > > Le jeu. 31 janv. 2019 à 22:18, Tomas Gustavsson > > <to...@pr... <mailto:to...@pr...> > > > <mailto:to...@pr... <mailto:to...@pr...>> > > > > <mailto:to...@pr... <mailto:to...@pr...> > > <mailto:to...@pr... <mailto:to...@pr...>>>> a écrit : > > > > > > > > > > > > What version of JBoss/WildFly are you using? > > > > > > > > And yes, a new versio is planned rather soon. If you > > want to test > > > > something new you can also check out the docker image on > > > dockerhub. > > > > > > > > https://hub.docker.com/r/primekey/ejbca-ce > > > > > > > > Regards, > > > > Tomas > > > > > > > > > > > > On 2019-01-31 22:15, Tomas Gustavsson wrote: > > > > > > > > > > I think you need to clean the JBoss temp directory. > > Sometimes it > > > > leaves > > > > > behind old files, causing jsp errors (it tries to use > old > > > cached pages > > > > > in temp with new ejbca version). > > > > > > > > > > Regards, > > > > > Tomas > > > > > --- > > > > > Meet us at RSA Conference 2019 > > > > > San Francisco, March 4-8 > > > > > Booth #1935 > > > > > FREE Expo pass code: XEU9PRIMEKEY > > > > > > > > > > On 2019-01-29 14:51, Arnaud Defos wrote: > > > > >> Hi, > > > > >> > > > > >> I try to upgrade from ejbca 6.3.1.1 to 6.10.1.2. When > I > > > start ejbca > > > > >> after doing all required steps, we have several > problems. > > > > >> > > > > >> _1st problem :_ > > > > >> > > > > >> When I try to go to the "end entity profiles" page, > > I've got > > > > blank page > > > > >> with "Internal server error". In log file, we can see > : > > > > >> (default task-1) UT005023: Exception handling request > to > > > > >> > > > > > /ejbca/adminweb/ra/editendentityprofiles/editendentityprofiles.jsp: > > > > >> org.apache.jasper.JasperException: JBWEB004062: > Unable to > > > compile > > > > class > > > > >> for JSP: > > > > >> > > > > >> JBWEB004061: An error occurred at line: 325 in the > > > generated java > > > > file > > > > >> The code of method _jspService(HttpServletRequest, > > > > HttpServletResponse) > > > > >> is exceeding the 65535 bytes limit > > > > >> > > > > >> Stacktrace: > > > > >> at > > > > >> > > > > > > > > > > org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHandler.java:95) > > > > >> at > > > > >> > > > > > > > > > > org.apache.jasper.compiler.ErrorDispatcher.javacError(ErrorDispatcher.java:198) > > > > >> at > > > > >> > > > > > > > > > > org.apache.jasper.compiler.JDTCompiler.generateClass(JDTCompiler.java:449) > > > > >> at > > > org.apache.jasper.compiler.Compiler.compile(Compiler.java:359) > > > > >> at > > > org.apache.jasper.compiler.Compiler.compile(Compiler.java:334) > > > > >> at > > > org.apache.jasper.compiler.Compiler.compile(Compiler.java:321) > > > > >> at > > > > >> > > > > > > > > > > org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:652) > > > > >> at > > > > >> > > > > > > > > > > org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:358) > > > > >> at > > > > > > > > > > org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:402) > > > > >> at > > > > org.apache.jasper.servlet.JspServlet.service(JspServlet.java:346) > > > > >> at > > javax.servlet.http.HttpServlet.service(HttpServlet.java:790) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129) > > > > >> at > > > > > > > > > > org.ejbca.ui.web.admin.NoCacheFilter.doFilter(NoCacheFilter.java:68) > > > > >> at > > > > > > > > > > io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) > > > > >> at > > > > >> > > > > > > > > > > org.owasp.filters.ContentSecurityPolicyFilter.doFilter(ContentSecurityPolicyFilter.java:204) > > > > >> at > > > > > > > > > > io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) > > > > >> at > > > > > > > > > org.owasp.filters.ClickjackFilter.doFilter(ClickjackFilter.java:36) > > > > >> at > > > > > > > > > > io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) > > > > >> at > > > > >> > > > > > > > > > > org.ejbca.ui.web.admin.ProxiedAuthenticationFilter.doFilter(ProxiedAuthenticationFilter.java:104) > > > > >> at > > > > > > > > > > io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) > > > > >> at > > > > > > > > > > org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter.java:88) > > > > >> at > > > > > > > > > > io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) > > > > >> at > > > > >> > > > > > > > > > > org.ejbca.util.owaspcsrfguard.EncodingFilter.doFilter(EncodingFilter.java:51) > > > > >> at > > > > > > > > > > io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) > > > > >> at > > > > > > > > > > io.undertow.jsp.JspFileHandler.handleRequest(JspFileHandler.java:32) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) > > > > >> at > > > > >> > > > > > > > > > > org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > > > > >> at > > > > >> > > > > > > > > > > org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104) > > > > >> at > > > > > > > > > > io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > > > > >> at > > > > > > > > > > io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:805) > > > > >> at > > > > >> > > > > > > > > > > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) > > > > >> at > > > > >> > > > > > > > > > > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) > > > > >> at java.lang.Thread.run(Thread.java:748) > > > > >> > > > > >> No problem with version 6.3.1.1. > > > > >> > > > > >> _2nd problem : > > > > >> _ > > > > >> > > > > >> When we go to When we go to Internal Key Bindings -> > > > > OcspKeyBinding, we > > > > >> can see two certificates revoked whereas they were > active > > > before the > > > > >> migration. > > > > >> > > > > >> _3rd problem :_ > > > > >> > > > > >> When we go to Internal Key Bindings -> OcspKeyBinding > > > > > Click on one > > > > >> serial number. We have got this error (in the web > page) : > > > > >> An exception has occurred. > > > > >> java.lang.StringIndexOutOfBoundsException: String > > index out of > > > > range: -1 > > > > >> > > > > >> javax.ejb.EJBException: > > > java.lang.StringIndexOutOfBoundsException: > > > > >> String index out of range: -1 > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.ejb3.tx.CMTTxInterceptor.handleExceptionInNoTx(CMTTxInterceptor.java:213) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.ejb3.tx.CMTTxInterceptor.invokeInNoTx(CMTTxInterceptor.java:265) > > > > >> at > > > > > > > > > > org.jboss.as.ejb3.tx.CMTTxInterceptor.supports(CMTTxInterceptor.java:374) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.ejb3.tx.CMTTxInterceptor.processInvocation(CMTTxInterceptor.java:243) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.ejb3.component.interceptors.CurrentInvocationContextInterceptor.processInvocation(CurrentInvocationContextInterceptor.java:41) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.ejb3.component.invocationmetrics.WaitTimeInterceptor.processInvocation(WaitTimeInterceptor.java:47) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:100) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.ejb3.deployment.processors.StartupAwaitInterceptor.processInvocation(StartupAwaitInterceptor.java:22) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.ejb3.component.interceptors.ShutDownInterceptorFactory$1.processInvocation(ShutDownInterceptorFactory.java:64) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:67) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:54) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.ContextClassLoaderInterceptor.processInvocation(ContextClassLoaderInterceptor.java:64) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > > > > >> at > > > > > > > > > > org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:356) > > > > >> at > > > > >> > > > > > > > > > > org.wildfly.security.manager.WildFlySecurityManager.doChecked(WildFlySecurityManager.java:636) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.AccessCheckingInterceptor.processInvocation(AccessCheckingInterceptor.java:61) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > > > > >> at > > > > > > > > > > org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:356) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.PrivilegedWithCombinerInterceptor.processInvocation(PrivilegedWithCombinerInterceptor.java:80) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61) > > > > >> at > > > > > > > > > > org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:198) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.ee.component.ViewDescription$1.processInvocation(ViewDescription.java:185) > > > > >> at > > > ��> >> > > > > > > > > > > org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:73) > > > > >> at > > > > >> > > > > > > > > > > org.cesecore.certificates.certificate.CertificateStoreSessionLocal$$$view55.findCertificateByIssuerAndSerno(Unknown > > > > >> Source) > > > > >> at > > > > >> > > > > > > > > > > org.ejbca.ui.web.admin.rainterface.RAInterfaceBean.loadCertificates(RAInterfaceBean.java:702) > > > > >> at > > > > >> > > > > > > > > > > org.apache.jsp.viewcertificate_jsp._jspService(viewcertificate_jsp.java:242) > > > > >> at > > > > org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) > > > > >> at > > javax.servlet.http.HttpServlet.service(HttpServlet.java:790) > > > > >> at > > > > >> > > > > > > > > > > org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:433) > > > > >> at > > > > > > > > > > org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:402) > > > > >> at > > > > org.apache.jasper.servlet.JspServlet.service(JspServlet.java:346) > > > > >> at > > javax.servlet.http.HttpServlet.service(HttpServlet.java:790) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129) > > > > >> at > > > > >> > > > > > > > > > > org.owasp.filters.ContentSecurityPolicyFilter.doFilter(ContentSecurityPolicyFilter.java:198) > > > > >> at > > > > > > > > > > io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) > > > > >> at > > > > > > > > > org.owasp.filters.ClickjackFilter.doFilter(ClickjackFilter.java:36) > > > > >> at > > > > > > > > > > io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) > > > > >> at > > > > >> > > > > > > > > > > org.ejbca.ui.web.admin.ProxiedAuthenticationFilter.doFilter(ProxiedAuthenticationFilter.java:109) > > > > >> at > > > > > > > > > > io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) > > > > >> at > > > > > > > > > > io.undertow.jsp.JspFileHandler.handleRequest(JspFileHandler.java:32) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) > > > > >> at > > > > >> > > > > > > > > > > org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > > > > >> at > > > > >> > > > > > > > > > > org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) > > > > >> at > > > > >> > > > > > > > > > > io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104) > > > > >> at > > > > > > > > > > io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > > > > >> at > > > > > > > > > > io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:805) > > > > >> at > > > > >> > > > > > > > > > > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) > > > > >> at > > > > >> > > > > > > > > > > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) > > > > >> at java.lang.Thread.run(Thread.java:748) > > > > >> Caused by: java.lang.StringIndexOutOfBoundsException: > > String > > > > index out > > > > >> of range: -1 > > > > >> at java.lang.String.substring(String.java:1967) > > > > >> at > > org.cesecore.util.CertTools.isDNReversed(CertTools.java:614) > > > > >> at > > > > org.cesecore.util.CertTools.stringToBCDNString(CertTools.java:467) > > > > >> at > > > > >> > > > > > > > > > > org.cesecore.certificates.certificate.CertificateStoreSessionBean.findCertificateByIssuerAndSerno(CertificateStoreSessionBean.java:584) > > > > >> at > sun.reflect.GeneratedMethodAccessor611.invoke(Unknown > > > Source) > > > > >> at > > > > >> > > > > > > > > > > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > > > > >> at java.lang.reflect.Method.invoke(Method.java:498) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.ee.component.ManagedReferenceMethodInterceptor.processInvocation(ManagedReferenceMethodInterceptor.java:52) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:437) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.weld.ejb.Jsr299BindingsInterceptor.doMethodInterception(Jsr299BindingsInterceptor.java:82) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.weld.ejb.Jsr299BindingsInterceptor.processInvocation(Jsr299BindingsInterceptor.java:93) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.ee.component.interceptors.UserInterceptorFactory$1.processInvocation(UserInterceptorFactory.java:63) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.ejb3.component.invocationmetrics.ExecutionTimeInterceptor.processInvocation(ExecutionTimeInterceptor.java:43) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.jpa.interceptor.SBInvocationInterceptor.processInvocation(SBInvocationInterceptor.java:47) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:437) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.weld.ejb.AbstractEJBRequestScopeActivationInterceptor.aroundInvoke(AbstractEJBRequestScopeActivationInterceptor.java:73) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.weld.ejb.EjbRequestScopeActivationInterceptor.processInvocation(EjbRequestScopeActivationInterceptor.java:83) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.as.ee.concurrent.ConcurrentContextInterceptor.processInvocation(ConcurrentContextInterceptor.java:45) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340) > > > > >> at > > > > >> > > > > > > > > > > org.jboss.invocation.InitialInterceptor.processInvocation(InitialInterceptor.java:21) > > > > >> at > > > > |
