Re: [Ejbca-develop] EJBCA stacktraces when trying to import large CRL

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

 I spoke too soon :(!!

The program finished with this output:
Certificate '227E7E' missing in the databaseCertificate '355D78' missing in the databaseError: Failed to read response[root@ejbca bin]#
And in the Adminweb, that CA is still showing as NOT HAVING a CRL.
BUT, on the EJBCA server, the log had this:
13:04:54,158 INFO  [org.cesecore.audit.impl.log4j.Log4jDevice] (default task-1) 2019-06-28 13:04:54-04:00;ACCESS_CONTROL;SUCCESS;ACCESSCONTROL;CORE;ejbca;;;;resource0=/ca/116443389513:04:56,492 INFO  [org.cesecore.audit.impl.log4j.Log4jDevice] (default task-1) 2019-06-28 13:04:56-04:00;CRL_STORED;SUCCESS;CRL;CORE;ejbca;1164433895;;;msg=Stored CRL with CRLNumber=3167, fingerprint=1bdc4875f41e9e5d364c41e42247193e5f41b28c, issuerDN 'CN=XXXXXXXXXXX,...'.13:05:37,252 WARN  [org.hibernate.engine.jdbc.spi.SqlExceptionHelper] (default task-1) SQL Error: 0, SQLState: S100013:05:37,258 ERROR [org.hibernate.engine.jdbc.spi.SqlExceptionHelper] (default task-1) Packet for query is too large (74,450,611 > 4,194,304). You can change this value on the server by setting the 'max_allowed_packet' variable.13:05:37,578 ERROR [org.hibernate.internal.ExceptionMapperStandardImpl] (default task-1) HHH000346: Error during managed flush [org.hibernate.exception.GenericJDBCException: could not execute statement]13:05:37,608 WARN  [com.arjuna.ats.arjuna] (default task-1) ARJUNA012125: TwoPhaseCoordinator.beforeCompletion - failed for SynchronizationImple< 0:ffffc0a8001c:-2208842d:5d162e1c:606, org.wildfly.transaction.client.AbstractTransaction$AssociatingSynchronization@63a7f3b8 >: javax.persistence.PersistenceException: org.hibernate.exception.GenericJDBCException: could not execute statement        at org.hibernate.internal.ExceptionConverterImpl.convert(ExceptionConverterImpl.java:154)        at org.hibernate.internal.ExceptionConverterImpl.convert(ExceptionConverterImpl.java:181)        at org.hibernate.internal.ExceptionConverterImpl.convert(ExceptionConverterImpl.java:188)        at org.hibernate.internal.SessionImpl.doFlush(SessionImpl.java:1460)        at org.hibernate.internal.SessionImpl.managedFlush(SessionImpl.java:511)        at org.hibernate.internal.SessionImpl.flushBeforeTransactionCompletion(SessionImpl.java:3283)        at org.hibernate.internal.SessionImpl.beforeTransactionCompletion(SessionImpl.java:2479)        at org.hibernate.engine.jdbc.internal.JdbcCoordinatorImpl.beforeTransactionCompletion(JdbcCoordinatorImpl.java:473)        at org.hibernate.resource.transaction.backend.jta.internal.JtaTransactionCoordinatorImpl.beforeCompletion(JtaTransactionCoordinatorImpl.java:352)        at org.hibernate.resource.transaction.backend.jta.internal.synchronization.SynchronizationCallbackCoordinatorNonTrackingImpl.beforeCompletion(SynchronizationCallbackCoordinatorNonTrackingImpl.java:47)        at org.hibernate.resource.transaction.backend.jta.internal.synchronization.RegisteredSynchronization.beforeCompletion(RegisteredSynchronization.java:37)        at org.jboss.as.txn.service.internal.tsr.JCAOrderedLastSynchronizationList.beforeCompletion(JCAOrderedLastSynchronizationList.java:113)        at org.wildfly.transaction.client.AbstractTransaction.performConsumer(AbstractTransaction.java:236)        at org.wildfly.transaction.client.AbstractTransaction.performConsumer(AbstractTransaction.java:247)        at org.wildfly.transaction.client.AbstractTransaction$AssociatingSynchronization.beforeCompletion(AbstractTransaction.java:292)        at com.arjuna.ats.internal.jta.resources.arjunacore.SynchronizationImple.beforeCompletion(SynchronizationImple.java:76)        at com.arjuna.ats.arjuna.coordinator.TwoPhaseCoordinator.beforeCompletion(TwoPhaseCoordinator.java:360)        at com.arjuna.ats.arjuna.coordinator.TwoPhaseCoordinator.end(TwoPhaseCoordinator.java:91)        at com.arjuna.ats.arjuna.AtomicAction.commit(AtomicAction.java:162)        at com.arjuna.ats.internal.jta.transaction.arjunacore.TransactionImple.commitAndDisassociate(TransactionImple.java:1288)        at com.arjuna.ats.internal.jta.transaction.arjunacore.BaseTransaction.commit(BaseTransaction.java:126)        at com.arjuna.ats.jbossatx.BaseTransactionManagerDelegate.commit(BaseTransactionManagerDelegate.java:89)        at org.wildfly.transaction.client.LocalTransaction.commitAndDissociate(LocalTransaction.java:77)        at org.wildfly.transaction.client.ContextTransactionManager.commit(ContextTransactionManager.java:71)        at org.jboss.as.ejb3.tx.CMTTxInterceptor.endTransaction(CMTTxInterceptor.java:88)        at org.jboss.as.ejb3.tx.CMTTxInterceptor.invokeInOurTx(CMTTxInterceptor.java:261)        at org.jboss.as.ejb3.tx.CMTTxInterceptor.required(CMTTxInterceptor.java:362)        at org.jboss.as.ejb3.tx.CMTTxInterceptor.processInvocation(CMTTxInterceptor.java:144)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:509)        at org.jboss.weld.module.ejb.AbstractEJBRequestScopeActivationInterceptor.aroundInvoke(AbstractEJBRequestScopeActivationInterceptor.java:81)        at org.jboss.as.weld.ejb.EjbRequestScopeActivationInterceptor.processInvocation(EjbRequestScopeActivationInterceptor.java:89)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.as.ejb3.component.interceptors.CurrentInvocationContextInterceptor.processInvocation(CurrentInvocationContextInterceptor.java:41)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.as.ejb3.component.invocationmetrics.WaitTimeInterceptor.processInvocation(WaitTimeInterceptor.java:47)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:100)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.as.ejb3.deployment.processors.StartupAwaitInterceptor.processInvocation(StartupAwaitInterceptor.java:22)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.as.ejb3.component.interceptors.ShutDownInterceptorFactory$1.processInvocation(ShutDownInterceptorFactory.java:64)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.as.ejb3.deployment.processors.EjbSuspendInterceptor.processInvocation(EjbSuspendInterceptor.java:57)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:67)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.invocation.ContextClassLoaderInterceptor.processInvocation(ContextClassLoaderInterceptor.java:60)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:438)        at org.wildfly.security.manager.WildFlySecurityManager.doChecked(WildFlySecurityManager.java:619)        at org.jboss.invocation.AccessCheckingInterceptor.processInvocation(AccessCheckingInterceptor.java:57)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:53)        at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:198)        at org.wildfly.security.auth.server.SecurityIdentity.runAsFunctionEx(SecurityIdentity.java:382)        at org.jboss.as.ejb3.remote.AssociationImpl.invokeWithIdentity(AssociationImpl.java:556)        at org.jboss.as.ejb3.remote.AssociationImpl.invokeMethod(AssociationImpl.java:537)        at org.jboss.as.ejb3.remote.AssociationImpl.lambda$receiveInvocationRequest$0(AssociationImpl.java:195)        at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)        at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)        at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)        at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)        at java.lang.Thread.run(Thread.java:748)Caused by: org.hibernate.exception.GenericJDBCException: could not execute statement        at org.hibernate.exception.internal.StandardSQLExceptionConverter.convert(StandardSQLExceptionConverter.java:47)        at org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:113)        at org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:99)        at org.hibernate.engine.jdbc.internal.ResultSetReturnImpl.executeUpdate(ResultSetReturnImpl.java:178)        at org.hibernate.persister.entity.AbstractEntityPersister.insert(AbstractEntityPersister.java:3171)        at org.hibernate.persister.entity.AbstractEntityPersister.insert(AbstractEntityPersister.java:3686)        at org.hibernate.action.internal.EntityInsertAction.execute(EntityInsertAction.java:90)        at org.hibernate.engine.spi.ActionQueue.executeActions(ActionQueue.java:604)        at org.hibernate.engine.spi.ActionQueue.executeActions(ActionQueue.java:478)        at org.hibernate.event.internal.AbstractFlushingEventListener.performExecutions(AbstractFlushingEventListener.java:356)        at org.hibernate.event.internal.DefaultFlushEventListener.onFlush(DefaultFlushEventListener.java:39)        at org.hibernate.internal.SessionImpl.doFlush(SessionImpl.java:1454)        ... 62 moreCaused by: com.mysql.cj.jdbc.exceptions.PacketTooBigException: Packet for query is too large (74,450,611 > 4,194,304). You can change this value on the server by setting the 'max_allowed_packet' variable.        at com.mysql.cj.jdbc.exceptions.SQLExceptionsMapping.translateException(SQLExceptionsMapping.java:107)        at com.mysql.cj.jdbc.ClientPreparedStatement.executeInternal(ClientPreparedStatement.java:955)        at com.mysql.cj.jdbc.ClientPreparedStatement.executeUpdateInternal(ClientPreparedStatement.java:1094)        at com.mysql.cj.jdbc.ClientPreparedStatement.executeUpdateInternal(ClientPreparedStatement.java:1042)        at com.mysql.cj.jdbc.ClientPreparedStatement.executeLargeUpdate(ClientPreparedStatement.java:1345)        at com.mysql.cj.jdbc.ClientPreparedStatement.executeUpdate(ClientPreparedStatement.java:1027)        at org.jboss.jca.adapters.jdbc.CachedPreparedStatement.executeUpdate(CachedPreparedStatement.java:121)        at org.jboss.jca.adapters.jdbc.WrappedPreparedStatement.executeUpdate(WrappedPreparedStatement.java:537)        at org.hibernate.engine.jdbc.internal.ResultSetReturnImpl.executeUpdate(ResultSetReturnImpl.java:175)        ... 70 more
13:05:38,023 ERROR [org.jboss.as.ejb3.invocation] (default task-1) WFLYEJB0034: EJB Invocation failed on component CrlStoreSessionBean for method public abstract void org.cesecore.certificates.crl.CrlStoreSession.storeCRL(org.cesecore.authentication.tokens.AuthenticationToken,byte[],java.lang.String,int,java.lang.String,java.util.Date,java.util.Date,int) throws org.cesecore.certificates.crl.CrlStoreException,org.cesecore.authorization.AuthorizationDeniedException: javax.ejb.EJBTransactionRolledbackException: javax.transaction.RollbackException: ARJUNA016053: Could not commit transaction.        at org.jboss.as.ejb3.tx.CMTTxInterceptor.endTransaction(CMTTxInterceptor.java:114)        at org.jboss.as.ejb3.tx.CMTTxInterceptor.invokeInOurTx(CMTTxInterceptor.java:261)        at org.jboss.as.ejb3.tx.CMTTxInterceptor.required(CMTTxInterceptor.java:362)        at org.jboss.as.ejb3.tx.CMTTxInterceptor.processInvocation(CMTTxInterceptor.java:144)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:509)        at org.jboss.weld.module.ejb.AbstractEJBRequestScopeActivationInterceptor.aroundInvoke(AbstractEJBRequestScopeActivationInterceptor.java:81)        at org.jboss.as.weld.ejb.EjbRequestScopeActivationInterceptor.processInvocation(EjbRequestScopeActivationInterceptor.java:89)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.as.ejb3.component.interceptors.CurrentInvocationContextInterceptor.processInvocation(CurrentInvocationContextInterceptor.java:41)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.as.ejb3.component.invocationmetrics.WaitTimeInterceptor.processInvocation(WaitTimeInterceptor.java:47)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:100)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.as.ejb3.deployment.processors.StartupAwaitInterceptor.processInvocation(StartupAwaitInterceptor.java:22)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.as.ejb3.component.interceptors.ShutDownInterceptorFactory$1.processInvocation(ShutDownInterceptorFactory.java:64)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.as.ejb3.deployment.processors.EjbSuspendInterceptor.processInvocation(EjbSuspendInterceptor.java:57)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:67)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.invocation.ContextClassLoaderInterceptor.processInvocation(ContextClassLoaderInterceptor.java:60)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:438)        at org.wildfly.security.manager.WildFlySecurityManager.doChecked(WildFlySecurityManager.java:619)        at org.jboss.invocation.AccessCheckingInterceptor.processInvocation(AccessCheckingInterceptor.java:57)        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)        at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:53)        at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:198)        at org.wildfly.security.auth.server.SecurityIdentity.runAsFunctionEx(SecurityIdentity.java:382)        at org.jboss.as.ejb3.remote.AssociationImpl.invokeWithIdentity(AssociationImpl.java:556)        at org.jboss.as.ejb3.remote.AssociationImpl.invokeMethod(AssociationImpl.java:537)        at org.jboss.as.ejb3.remote.AssociationImpl.lambda$receiveInvocationRequest$0(AssociationImpl.java:195)        at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)        at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)        at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)        at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)        at java.lang.Thread.run(Thread.java:748)Caused by: javax.transaction.RollbackException: ARJUNA016053: Could not commit transaction.        at com.arjuna.ats.internal.jta.transaction.arjunacore.TransactionImple.commitAndDisassociate(TransactionImple.java:1300)        at com.arjuna.ats.internal.jta.transaction.arjunacore.BaseTransaction.commit(BaseTransaction.java:126)        at com.arjuna.ats.jbossatx.BaseTransactionManagerDelegate.commit(BaseTransactionManagerDelegate.java:89)        at org.wildfly.transaction.client.LocalTransaction.commitAndDissociate(LocalTransaction.java:77)        at org.wildfly.transaction.client.ContextTransactionManager.commit(ContextTransactionManager.java:71)        at org.jboss.as.ejb3.tx.CMTTxInterceptor.endTransaction(CMTTxInterceptor.java:88)        ... 41 more        Suppressed: javax.transaction.RollbackException: WFTXN0061: Transaction is marked rollback-only                at org.wildfly.transaction.client.AbstractTransaction.setRollbackOnly(AbstractTransaction.java:96)                at org.wildfly.transaction.client.LocalTransaction.setRollbackOnly(LocalTransaction.java:149)                at org.wildfly.transaction.client.ContextTransactionManager.setRollbackOnly(ContextTransactionManager.java:94)                at org.hibernate.resource.transaction.backend.jta.internal.JtaTransactionAdapterTransactionManagerImpl.markRollbackOnly(JtaTransactionAdapterTransactionManagerImpl.java:100)                at org.hibernate.resource.transaction.backend.jta.internal.JtaTransactionCoordinatorImpl$TransactionDriverControlImpl.markRollbackOnly(JtaTransactionCoordinatorImpl.java:456)                at org.hibernate.engine.transaction.internal.TransactionImpl.markRollbackOnly(TransactionImpl.java:200)                at org.hibernate.internal.AbstractSharedSessionContract.markForRollbackOnly(AbstractSharedSessionContract.java:378)                at org.hibernate.internal.ExceptionConverterImpl.handlePersistenceException(ExceptionConverterImpl.java:297)                at org.hibernate.internal.ExceptionConverterImpl.convert(ExceptionConverterImpl.java:155)                at org.hibernate.internal.ExceptionConverterImpl.convert(ExceptionConverterImpl.java:181)                at org.hibernate.internal.ExceptionConverterImpl.convert(ExceptionConverterImpl.java:188)                at org.hibernate.internal.SessionImpl.doFlush(SessionImpl.java:1460)                at org.hibernate.internal.SessionImpl.managedFlush(SessionImpl.java:511)                at org.hibernate.internal.SessionImpl.flushBeforeTransactionCompletion(SessionImpl.java:3283)                at org.hibernate.internal.SessionImpl.beforeTransactionCompletion(SessionImpl.java:2479)                at org.hibernate.engine.jdbc.internal.JdbcCoordinatorImpl.beforeTransactionCompletion(JdbcCoordinatorImpl.java:473)                at org.hibernate.resource.transaction.backend.jta.internal.JtaTransactionCoordinatorImpl.beforeCompletion(JtaTransactionCoordinatorImpl.java:352)                at org.hibernate.resource.transaction.backend.jta.internal.synchronization.SynchronizationCallbackCoordinatorNonTrackingImpl.beforeCompletion(SynchronizationCallbackCoordinatorNonTrackingImpl.java:47)                at org.hibernate.resource.transaction.backend.jta.internal.synchronization.RegisteredSynchronization.beforeCompletion(RegisteredSynchronization.java:37)                at org.jboss.as.txn.service.internal.tsr.JCAOrderedLastSynchronizationList.beforeCompletion(JCAOrderedLastSynchronizationList.java:113)                at org.wildfly.transaction.client.AbstractTransaction.performConsumer(AbstractTransaction.java:236)                at org.wildfly.transaction.client.AbstractTransaction.performConsumer(AbstractTransaction.java:247)                at org.wildfly.transaction.client.AbstractTransaction$AssociatingSynchronization.beforeCompletion(AbstractTransaction.java:292)                at com.arjuna.ats.internal.jta.resources.arjunacore.SynchronizationImple.beforeCompletion(SynchronizationImple.java:76)                at com.arjuna.ats.arjuna.coordinator.TwoPhaseCoordinator.beforeCompletion(TwoPhaseCoordinator.java:360)                at com.arjuna.ats.arjuna.coordinator.TwoPhaseCoordinator.end(TwoPhaseCoordinator.java:91)                at com.arjuna.ats.arjuna.AtomicAction.commit(AtomicAction.java:162)                at com.arjuna.ats.internal.jta.transaction.arjunacore.TransactionImple.commitAndDisassociate(TransactionImple.java:1288)                ... 46 more        Suppressed: javax.transaction.RollbackException: WFTXN0061: Transaction is marked rollback-only                at org.wildfly.transaction.client.AbstractTransaction.setRollbackOnly(AbstractTransaction.java:96)                at org.wildfly.transaction.client.LocalTransaction.setRollbackOnly(LocalTransaction.java:149)                at org.wildfly.transaction.client.ContextTransactionManager.setRollbackOnly(ContextTransactionManager.java:94)                at org.hibernate.resource.transaction.backend.jta.internal.JtaTransactionAdapterTransactionManagerImpl.markRollbackOnly(JtaTransactionAdapterTransactionManagerImpl.java:100)                at org.hibernate.resource.transaction.backend.jta.internal.JtaTransactionCoordinatorImpl$TransactionDriverControlImpl.markRollbackOnly(JtaTransactionCoordinatorImpl.java:456)                at org.hibernate.resource.transaction.backend.jta.internal.JtaTransactionCoordinatorImpl.beforeCompletion(JtaTransactionCoordinatorImpl.java:359)                at org.hibernate.resource.transaction.backend.jta.internal.synchronization.SynchronizationCallbackCoordinatorNonTrackingImpl.beforeCompletion(SynchronizationCallbackCoordinatorNonTrackingImpl.java:47)                at org.hibernate.resource.transaction.backend.jta.internal.synchronization.RegisteredSynchronization.beforeCompletion(RegisteredSynchronization.java:37)                at org.jboss.as.txn.service.internal.tsr.JCAOrderedLastSynchronizationList.beforeCompletion(JCAOrderedLastSynchronizationList.java:113)                at org.wildfly.transaction.client.AbstractTransaction.performConsumer(AbstractTransaction.java:236)                at org.wildfly.transaction.client.AbstractTransaction.performConsumer(AbstractTransaction.java:247)                at org.wildfly.transaction.client.AbstractTransaction$AssociatingSynchronization.beforeCompletion(AbstractTransaction.java:292)                at com.arjuna.ats.internal.jta.resources.arjunacore.SynchronizationImple.beforeCompletion(SynchronizationImple.java:76)                at com.arjuna.ats.arjuna.coordinator.TwoPhaseCoordinator.beforeCompletion(TwoPhaseCoordinator.java:360)                at com.arjuna.ats.arjuna.coordinator.TwoPhaseCoordinator.end(TwoPhaseCoordinator.java:91)                at com.arjuna.ats.arjuna.AtomicAction.commit(AtomicAction.java:162)                at com.arjuna.ats.internal.jta.transaction.arjunacore.TransactionImple.commitAndDisassociate(TransactionImple.java:1288)                ... 46 moreCaused by: javax.persistence.PersistenceException: org.hibernate.exception.GenericJDBCException: could not execute statement        at org.hibernate.internal.ExceptionConverterImpl.convert(ExceptionConverterImpl.java:154)        at org.hibernate.internal.ExceptionConverterImpl.convert(ExceptionConverterImpl.java:181)        at org.hibernate.internal.ExceptionConverterImpl.convert(ExceptionConverterImpl.java:188)        at org.hibernate.internal.SessionImpl.doFlush(SessionImpl.java:1460)        at org.hibernate.internal.SessionImpl.managedFlush(SessionImpl.java:511)        at org.hibernate.internal.SessionImpl.flushBeforeTransactionCompletion(SessionImpl.java:3283)        at org.hibernate.internal.SessionImpl.beforeTransactionCompletion(SessionImpl.java:2479)        at org.hibernate.engine.jdbc.internal.JdbcCoordinatorImpl.beforeTransactionCompletion(JdbcCoordinatorImpl.java:473)        at org.hibernate.resource.transaction.backend.jta.internal.JtaTransactionCoordinatorImpl.beforeCompletion(JtaTransactionCoordinatorImpl.java:352)        at org.hibernate.resource.transaction.backend.jta.internal.synchronization.SynchronizationCallbackCoordinatorNonTrackingImpl.beforeCompletion(SynchronizationCallbackCoordinatorNonTrackingImpl.java:47)        at org.hibernate.resource.transaction.backend.jta.internal.synchronization.RegisteredSynchronization.beforeCompletion(RegisteredSynchronization.java:37)        at org.jboss.as.txn.service.internal.tsr.JCAOrderedLastSynchronizationList.beforeCompletion(JCAOrderedLastSynchronizationList.java:113)        at org.wildfly.transaction.client.AbstractTransaction.performConsumer(AbstractTransaction.java:236)        at org.wildfly.transaction.client.AbstractTransaction.performConsumer(AbstractTransaction.java:247)        at org.wildfly.transaction.client.AbstractTransaction$AssociatingSynchronization.beforeCompletion(AbstractTransaction.java:292)        at com.arjuna.ats.internal.jta.resources.arjunacore.SynchronizationImple.beforeCompletion(SynchronizationImple.java:76)        at com.arjuna.ats.arjuna.coordinator.TwoPhaseCoordinator.beforeCompletion(TwoPhaseCoordinator.java:360)        at com.arjuna.ats.arjuna.coordinator.TwoPhaseCoordinator.end(TwoPhaseCoordinator.java:91)        at com.arjuna.ats.arjuna.AtomicAction.commit(AtomicAction.java:162)        at com.arjuna.ats.internal.jta.transaction.arjunacore.TransactionImple.commitAndDisassociate(TransactionImple.java:1288)        ... 46 moreCaused by: org.hibernate.exception.GenericJDBCException: could not execute statement        at org.hibernate.exception.internal.StandardSQLExceptionConverter.convert(StandardSQLExceptionConverter.java:47)        at org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:113)        at org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:99)        at org.hibernate.engine.jdbc.internal.ResultSetReturnImpl.executeUpdate(ResultSetReturnImpl.java:178)        at org.hibernate.persister.entity.AbstractEntityPersister.insert(AbstractEntityPersister.java:3171)        at org.hibernate.persister.entity.AbstractEntityPersister.insert(AbstractEntityPersister.java:3686)        at org.hibernate.action.internal.EntityInsertAction.execute(EntityInsertAction.java:90)        at org.hibernate.engine.spi.ActionQueue.executeActions(ActionQueue.java:604)        at org.hibernate.engine.spi.ActionQueue.executeActions(ActionQueue.java:478)        at org.hibernate.event.internal.AbstractFlushingEventListener.performExecutions(AbstractFlushingEventListener.java:356)        at org.hibernate.event.internal.DefaultFlushEventListener.onFlush(DefaultFlushEventListener.java:39)        at org.hibernate.internal.SessionImpl.doFlush(SessionImpl.java:1454)        ... 62 moreCaused by: com.mysql.cj.jdbc.exceptions.PacketTooBigException: Packet for query is too large (74,450,611 > 4,194,304). You can change this value on the server by setting the 'max_allowed_packet' variable.        at com.mysql.cj.jdbc.exceptions.SQLExceptionsMapping.translateException(SQLExceptionsMapping.java:107)        at com.mysql.cj.jdbc.ClientPreparedStatement.executeInternal(ClientPreparedStatement.java:955)        at com.mysql.cj.jdbc.ClientPreparedStatement.executeUpdateInternal(ClientPreparedStatement.java:1094)        at com.mysql.cj.jdbc.ClientPreparedStatement.executeUpdateInternal(ClientPreparedStatement.java:1042)        at com.mysql.cj.jdbc.ClientPreparedStatement.executeLargeUpdate(ClientPreparedStatement.java:1345)        at com.mysql.cj.jdbc.ClientPreparedStatement.executeUpdate(ClientPreparedStatement.java:1027)        at org.jboss.jca.adapters.jdbc.CachedPreparedStatement.executeUpdate(CachedPreparedStatement.java:121)        at org.jboss.jca.adapters.jdbc.WrappedPreparedStatement.executeUpdate(WrappedPreparedStatement.java:537)        at org.hibernate.engine.jdbc.internal.ResultSetReturnImpl.executeUpdate(ResultSetReturnImpl.java:175)        ... 70 more

I guess that I don't understand something...??  I thought that EJBCA was being used by some organizations that had rather large CRLs already?  If that is the case, then why am I running into this kind of problem now?  What am I doing wrong?
Thanks,Jim

    On Friday, June 28, 2019, 05:05:11 PM UTC, o haya <oh...@ya...> wrote:  

  Hi,
I modified the ejbca.sh file, to set -Xmx2g and -Xms2g and it (still) seems to be running, but it is spitting out a ton of messages like:
Certificate 'xxxx' missing in the database
This is even though I had set "-o LENIENT", which I thought meant that the program wouldn't care if the certificate in the CRL was not in the EJBCA database?
In our case, we are not using the EJBCA as CA, but rather just as an OCSP responder, so there will not be ANY certs in the EJBCA database, so is there a way to get the ejbca.sh to NOT spit out all of those "Certificate missing in database" messages?
I will report back after the program finishes...
Thanks,Jim
    On Friday, June 28, 2019, 04:02:25 PM UTC, o haya <oh...@ya...> wrote:  

  AAAARGH!!!!
 [root@ejbca bin]# ./ejbca.sh ca importcrl "XXXXCA_41" "/home/jl/ejbcabuild/XXX.crl" -o LENIENTCA: XXXXXException in thread "main" java.lang.OutOfMemoryError: Java heap space        at java.util.Vector.<init>(Vector.java:138)        at java.util.Vector.<init>(Vector.java:151)        at java.util.Vector.<init>(Vector.java:160)        at org.bouncycastle.asn1.ASN1EncodableVector.<init>(Unknown Source)        at org.bouncycastle.asn1.ASN1InputStream.buildEncodableVector(Unknown Source)        at org.bouncycastle.asn1.ASN1InputStream.buildDEREncodableVector(Unknown Source)        at org.bouncycastle.asn1.ASN1InputStream.buildObject(Unknown Source)        at org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source)        at org.bouncycastle.asn1.ASN1InputStream.buildEncodableVector(Unknown Source)        at org.bouncycastle.asn1.ASN1InputStream.buildDEREncodableVector(Unknown Source)        at org.bouncycastle.asn1.ASN1InputStream.buildObject(Unknown Source)        at org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source)        at org.bouncycastle.asn1.ASN1InputStream.buildEncodableVector(Unknown Source)        at org.bouncycastle.asn1.ASN1InputStream.buildDEREncodableVector(Unknown Source)        at org.bouncycastle.asn1.ASN1InputStream.buildObject(Unknown Source)        at org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown Source)        at org.bouncycastle.asn1.ASN1InputStream.buildEncodableVector(Unknown Source)        at org.bouncycastle.asn1.ASN1InputStream.buildDEREncodableVector(Unknown Source)

    On Friday, June 28, 2019, 03:50:26 PM UTC, o haya <oh...@ya...> wrote:  

  Hi,
The "importcrl" is running now, and is taking awhile, so it seems to be doing something.
Is there a way to DELETE the CRL from the DB?  The reason for my question is that one of things I need to test and document for our project is memory usage with large CRLs, but I forgot to check the memory before I started the importcrl :(...
Thanks,Jim

    On Friday, June 28, 2019, 03:37:07 PM UTC, o haya <oh...@ya...> wrote:  

  Tomas,
OOPS.  Sorry.  For some reason I am NOT receiving any emails from the mailing list, so I missed your response below.  Maybe it is because of Firefox.  Anyway I am typing this on Chrome this time.
I will try your suggestion and post back.
THANKS!!

Jim
    On Friday, June 28, 2019, 01:41:52 PM UTC, Tomas Gustavsson <to...@pr...> wrote:  

bin/ejbca.sh ca importcrl --help

Cheers,
Tomas

On 2019-06-28 15:37, ohaya--- via Ejbca-develop wrote:
> I think I found the command:
> 
> [root@ejbca bin]# ./ejbca.sh ca getcrl --help
> 
> GETCRL EJBCA CLI Commands Manual GETCRL
> 
> NAME
> getcrl - Retrieves a CRL from a CA. Either the latest CRL or a CRL with
> a specified CRL number.
> 
> SYNOPSIS
> getcrl <CA_NAME> <FILE_NAME> [OPTIONAL PARAMETERS]
> getcrl --caname <CA_NAME> -f <FILE_NAME> [OPTIONAL PARAMETERS]
> 
> DESCRIPTION
> Retrieves a CRL from a CA. Either the latest CRL or a CRL with a
> specified CRL number.
> 
> PARAMETERS
> Mandatory parameters:
> --caname <CA_NAME> (Switch is not required)
> The CA to get the CRL for.
> -f <FILE_NAME> (Switch is not required)
> The file to export to.
> 
> Optional parameters:
> --clipassword <CLI_PASSWORD>
> Set the password explicitely in the command line with
> --clipassword=<password>
> --verbose
> Set this value for verbose output of parameter values.
> -crlnumber <CRL_NUMBER>
> Get CRL with the specified CRL number, instead of the latest. Used to read
> historical CRLs.
> -delta
> Fetch the latest delta CRL. Default is regular CRL.
> -p <User will be prompted, input will not be shown>
> Set this flag to be prompted for the username password
> -pem
> Use PEM encoding. Default is DER encoding.
> -u <CLI_USERNAME>
> Username for the CLI user, if required.
> 
> 
> I am going to try it now...
> 
> Jim
> 
> 
> On Friday, June 28, 2019, 9:01:03 AM EDT, <oh...@ya...> wrote:
> 
> 
> You will DEFINITELY be missed!
> 
> If you have time before you go, can you point me to how to use the CLI
> to import the CRL?
> 
> Thanks,
> Jim
> 
> 
> On Friday, June 28, 2019, 8:30:17 AM EDT, Tomas Gustavsson
> <to...@pr...> wrote:
> 
> 
> 
> I don't. Looks like the security filter (OWASP CSRFGuard) has a built in
> size limit for uploads. As you are using the Web UI for this, you may
> try the CLI instead as that does not go via the web interface.
> 
> Cheers,
> Tomas
> 
> PS: I will be away on vacation after today and will not be active in
> this list for a couple of weeks now.
> 
> On 2019-06-28 14:24, ohaya--- via Ejbca-develop wrote:
>> Does anyone have any solution to this problem?
>>
>> Thanks,
>> Jim
>>
>>
>> On Thursday, June 27, 2019, 3:12:35 PM EDT, <oh...@ya...
> <mailto:oh...@ya...>> wrote:
>>
>>
>> Hi,
>>
>> I tried changing the <http-listener> in the standalone.xml to:
>>
>> <https-listener name="httpspub" socket-binding="httpspub"
>> max-post-size="100000000" max-parameters="2048" ssl-context="httpspub"/>
>> <https-listener name="httpspriv" socket-binding="httpspriv"
>> max-post-size="100000000" max-parameters="2048" ssl-context="httpspriv"/>
>>
>> and now when I try to import the CRL, I get:
>>
>> 14:53:10,355 ERROR [io.undertow.request] (default task-1) UT005023:
>> Exception handling request to /ejbca/adminweb/ca/cafunctions.jsp:
>> java.lang.IllegalArgumentException: byte limit exceeded: -58
>> at
>>
> org.owasp.csrfguard.MultipartFormData.decrementLimit(MultipartFormData.java:1339)
>> at
>>
> org.owasp.csrfguard.MultipartFormData.readData(MultipartFormData.java:1305)
>> at
>>
> org.owasp.csrfguard.MultipartFormData.readPart(MultipartFormData.java:1145)
>>
>>
>> On Thursday, June 27, 2019, 2:25:39 PM EDT, <oh...@ya...
> <mailto:oh...@ya...>> wrote:
>>
>>
>> Hi,
>>
>> I am trying to import a somewhat large (> 70MB) CRL into EJBCA, and when
>> I try that it is throwing an exception and outputting the following
>> stacktrace:
>>
>> 14:17:41,407 ERROR [stderr] (default task-1)
>> io.undertow.server.RequestTooBigException: UT000020: Connection
>> terminated as request was larger than 10485760
>> 14:17:41,408 ERROR [stderr] (default task-1)    at
>>
> io.undertow.conduits.FixedLengthStreamSourceConduit.checkMaxSize(FixedLengthStreamSourceConduit.java:168)
>> 14:17:41,408 ERROR
>>
>> How can I import this CRL into EJBCA?
>>
>> Thanks,
>> Jim
> 
>>
>>
>> _______________________________________________
>> Ejbca-develop mailing list
>> Ejb...@li...
> <mailto:Ejb...@li...>
>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop
>>
> 
> 
> _______________________________________________
> Ejbca-develop mailing list
> Ejb...@li...
> <mailto:Ejb...@li...>
> https://lists.sourceforge.net/lists/listinfo/ejbca-develop
> 
> 
> 
> _______________________________________________
> Ejbca-develop mailing list
> Ejb...@li...
> https://lists.sourceforge.net/lists/listinfo/ejbca-develop
> 

_______________________________________________
Ejbca-develop mailing list
Ejb...@li...
https://lists.sourceforge.net/lists/listinfo/ejbca-develop