Menu
▾
▴
Re: [Ejbca-develop] setup-admin.sh Exception.
|
From: Tomas G. <to...@pr...> - 2004-03-01 07:57:02
|
You should follow the installation instructions in doc/README, it says: ----- 1. Build and deploy everything with 'ant deploy'. 2. Start JBoss, ejbca-ca.ear should be deployed. 3. execute 'install.sh/cmd' in the ejbca directory. The installation script will use the default javacacerts password. If you have changed it (from changeit) it you should use 'install.sh/cmd <javacacerts password>'. ----- Now I suggest the following: 1. Delete users created by setup-adminweb by running 'ra deluser tomcat' and 'ra deluser superadmin'. 2. Run 'install.sh' instead, this should do everything for you. The error you get is unknown for me and hopefully the above will fix it. Cheers, Tomas Developer wrote: >Hi, > >Please help with admin-GUI setup-admin.sh. Explanation is below. >I'm new to ejbca and I've managed to get ejbca 3.0 beta configured and >deployed on jboss 3.2.3 on Mandrake 9.1 linux and I can browse to >http://localhost:8080/ejbca/publicweb/apply/index.html. However when I >try to setup the admin-GUI I get an error while running setup-admin. >What am I doing wrong? > >First, I run the ca.sh command as follows: > > ./ca.sh init TestRoot "C=US,O=PrimeKey,CN=Company" 2048 365 2.5.29.32.0 > >This command completes with success. Then I run the the setup-admin as >follows: > > ./setup-adminweb.sh TestRoot SuperAdmin changeit changeit changeit >mycomputername > > The output is below with the error message. > >Trying to add user: >Username: tomcat >Password (hashed only): changeit >DN: SuperAdmin >CA Name: TestRoot >SubjectAltName: null >Email: null >Type: 1 >Token: JKS >Certificate profile: 1 >End entity profile: 1 >User 'tomcat' has been added. > >Note: If batch processing should be possible, >also use 'ra setclearpwd tomcat <pwd>'. >Trying to add user: >Username: superadmin >Password (hashed only): changeit >DN: CN=SuperAdmin >CA Name: TestRoot >SubjectAltName: null >Email: null >Type: 65 >Token: P12 >Certificate profile: 1 >End entity profile: 1 >User 'superadmin' has been added. > >Note: If batch processing should be possible, >also use 'ra setclearpwd superadmin <pwd>'. >Setting clear text password changeit for user tomcat >Setting clear text password changeit for user superadmin >1 [main] INFO se.anatom.ejbca.batch.BatchMakeP12 - Generating for >all NEW. >268 [main] INFO se.anatom.ejbca.batch.BatchMakeP12 - Batch generating >2 users. >269 [main] INFO se.anatom.ejbca.batch.BatchMakeP12 - Generating keys >for tomcat >2230 [main] ERROR se.anatom.ejbca.batch.BatchMakeP12 - An error >happened, setting status to FAILED. >java.lang.reflect.UndeclaredThrowableException > at $Proxy5.createCertificate(Unknown Source) > at >se.anatom.ejbca.batch.BatchMakeP12.createUser(BatchMakeP12.java:232) > at >se.anatom.ejbca.batch.BatchMakeP12.processUser(BatchMakeP12.java:309) > at >se.anatom.ejbca.batch.BatchMakeP12.createAllWithStatus(BatchMakeP12.java:418) > at >se.anatom.ejbca.batch.BatchMakeP12.createAllNew(BatchMakeP12.java:321) > at >se.anatom.ejbca.batch.BatchMakeP12.main(BatchMakeP12.java:569) >Caused by: java.io.NotSerializableException: >java.security.cert.Certificate: X.509: X.509 Certificate is incomplete: >subject field is empty, and SubjectAlternativeName extension is absent > at >java.security.cert.Certificate$CertificateRep.readResolve(Certificate.java:222) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at >sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at >sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:324) > at >java.io.ObjectStreamClass.invokeReadResolve(ObjectStreamClass.java:925) > at >java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1655) > at >java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1274) > at >java.io.ObjectInputStream.readObject(ObjectInputStream.java:324) > at java.rmi.MarshalledObject.get(MarshalledObject.java:135) > at >org.jboss.invocation.jrmp.interfaces.JRMPInvokerProxy.invoke(JRMPInvokerProxy.java:136) > at >org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:96) > at >org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46) > at >org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:45) > at >org.jboss.proxy.ejb.StatelessSessionInterceptor.invoke(StatelessSessionInterceptor.java:100) > at >org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:85) > ... 6 more >2543 [main] INFO se.anatom.ejbca.batch.BatchMakeP12 - Generating keys >for superadmin >6545 [main] INFO se.anatom.ejbca.batch.BatchMakeP12 - Created Keystore >for superadmin. >java.lang.Exception: BatchMakeP12 failed for 1 users (1 succeeded) - >:tomcat > at >se.anatom.ejbca.batch.BatchMakeP12.createAllWithStatus(BatchMakeP12.java:452) > at >se.anatom.ejbca.batch.BatchMakeP12.createAllNew(BatchMakeP12.java:321) > at >se.anatom.ejbca.batch.BatchMakeP12.main(BatchMakeP12.java:569) >cp: cannot stat `p12/tomcat.jks': No such file or directory >Wrote Root CA certificate to 'tmp/rootca.der' > >Importing certs in the JAVA trust store requires root privileges >Enter the root password when prompted: >Password: >and again... >Password: >Owner: C=US, O=PrimeKey, CN=Company >Issuer: C=US, O=PrimeKey, CN=Company >Serial number: 2267ee5fa1d97e96 >Valid from: Sun Feb 29 14:08:31 EST 2004 until: Mon Feb 28 14:18:31 EST >2005 >Certificate fingerprints: > MD5: BE:4F:72:BB:D2:F1:64:AE:D6:AE:CE:1C:AF:55:BB:C5 > SHA1: >27:D4:DA:43:DA:38:3C:F6:52:5D:F7:2E:86:80:18:B0:52:FB:32:E9 >Trust this certificate? [no]: yes >Certificate was added to keystore > > > > >------------------------------------------------------- >SF.Net is sponsored by: Speed Start Your Linux Apps Now. >Build and deploy apps & Web services for Linux with >a free DVD software kit from IBM. Click Now! >http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click >_______________________________________________ >Ejbca-develop mailing list >Ejb...@li... >https://lists.sourceforge.net/lists/listinfo/ejbca-develop > > |
