Menu
▾
▴
Re: [Ejbca-develop] setup-admin.sh Exception.
|
From: Developer <de...@bi...> - 2004-03-01 19:14:37
|
Yes, I followed every step except step 3. I skip it and went to the ca and setup-admin script. When this happens the subject, subjecaltname, subjectemailname are not populated and leads to the errors I got. I manually populated the database with this values for the superadmin and tomcat user and it appears to work ok afterwards. I do not reccommend this approach. The key is to follow the instructions. Thanks, Chris On Mon, 2004-03-01 at 02:45, Tomas Gustavsson wrote: > You should follow the installation instructions in doc/README, it says: > ----- > 1. Build and deploy everything with 'ant deploy'. > 2. Start JBoss, ejbca-ca.ear should be deployed. > 3. execute 'install.sh/cmd' in the ejbca directory. The installation script > will use the default javacacerts password. If you have changed it (from > changeit) > it you should use 'install.sh/cmd <javacacerts password>'. > ----- > > Now I suggest the following: > 1. Delete users created by setup-adminweb by running 'ra deluser tomcat' > and 'ra deluser superadmin'. > 2. Run 'install.sh' instead, this should do everything for you. > > The error you get is unknown for me and hopefully the above will fix it. > > Cheers, > Tomas > > > Developer wrote: > > >Hi, > > > >Please help with admin-GUI setup-admin.sh. Explanation is below. > >I'm new to ejbca and I've managed to get ejbca 3.0 beta configured and > >deployed on jboss 3.2.3 on Mandrake 9.1 linux and I can browse to > >http://localhost:8080/ejbca/publicweb/apply/index.html. However when I > >try to setup the admin-GUI I get an error while running setup-admin. > >What am I doing wrong? > > > >First, I run the ca.sh command as follows: > > > > ./ca.sh init TestRoot "C=US,O=PrimeKey,CN=Company" 2048 365 2.5.29.32.0 > > > >This command completes with success. Then I run the the setup-admin as > >follows: > > > > ./setup-adminweb.sh TestRoot SuperAdmin changeit changeit changeit > >mycomputername > > > > The output is below with the error message. > > > >Trying to add user: > >Username: tomcat > >Password (hashed only): changeit > >DN: SuperAdmin > >CA Name: TestRoot > >SubjectAltName: null > >Email: null > >Type: 1 > >Token: JKS > >Certificate profile: 1 > >End entity profile: 1 > >User 'tomcat' has been added. > > > >Note: If batch processing should be possible, > >also use 'ra setclearpwd tomcat <pwd>'. > >Trying to add user: > >Username: superadmin > >Password (hashed only): changeit > >DN: CN=SuperAdmin > >CA Name: TestRoot > >SubjectAltName: null > >Email: null > >Type: 65 > >Token: P12 > >Certificate profile: 1 > >End entity profile: 1 > >User 'superadmin' has been added. > > > >Note: If batch processing should be possible, > >also use 'ra setclearpwd superadmin <pwd>'. > >Setting clear text password changeit for user tomcat > >Setting clear text password changeit for user superadmin > >1 [main] INFO se.anatom.ejbca.batch.BatchMakeP12 - Generating for > >all NEW. > >268 [main] INFO se.anatom.ejbca.batch.BatchMakeP12 - Batch generating > >2 users. > >269 [main] INFO se.anatom.ejbca.batch.BatchMakeP12 - Generating keys > >for tomcat > >2230 [main] ERROR se.anatom.ejbca.batch.BatchMakeP12 - An error > >happened, setting status to FAILED. > >java.lang.reflect.UndeclaredThrowableException > > at $Proxy5.createCertificate(Unknown Source) > > at > >se.anatom.ejbca.batch.BatchMakeP12.createUser(BatchMakeP12.java:232) > > at > >se.anatom.ejbca.batch.BatchMakeP12.processUser(BatchMakeP12.java:309) > > at > >se.anatom.ejbca.batch.BatchMakeP12.createAllWithStatus(BatchMakeP12.java:418) > > at > >se.anatom.ejbca.batch.BatchMakeP12.createAllNew(BatchMakeP12.java:321) > > at > >se.anatom.ejbca.batch.BatchMakeP12.main(BatchMakeP12.java:569) > >Caused by: java.io.NotSerializableException: > >java.security.cert.Certificate: X.509: X.509 Certificate is incomplete: > >subject field is empty, and SubjectAlternativeName extension is absent > > at > >java.security.cert.Certificate$CertificateRep.readResolve(Certificate.java:222) > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > at > >sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > > at > >sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > > at java.lang.reflect.Method.invoke(Method.java:324) > > at > >java.io.ObjectStreamClass.invokeReadResolve(ObjectStreamClass.java:925) > > at > >java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1655) > > at > >java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1274) > > at > >java.io.ObjectInputStream.readObject(ObjectInputStream.java:324) > > at java.rmi.MarshalledObject.get(MarshalledObject.java:135) > > at > >org.jboss.invocation.jrmp.interfaces.JRMPInvokerProxy.invoke(JRMPInvokerProxy.java:136) > > at > >org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:96) > > at > >org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46) > > at > >org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:45) > > at > >org.jboss.proxy.ejb.StatelessSessionInterceptor.invoke(StatelessSessionInterceptor.java:100) > > at > >org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:85) > > ... 6 more > >2543 [main] INFO se.anatom.ejbca.batch.BatchMakeP12 - Generating keys > >for superadmin > >6545 [main] INFO se.anatom.ejbca.batch.BatchMakeP12 - Created Keystore > >for superadmin. > >java.lang.Exception: BatchMakeP12 failed for 1 users (1 succeeded) - > >:tomcat > > at > >se.anatom.ejbca.batch.BatchMakeP12.createAllWithStatus(BatchMakeP12.java:452) > > at > >se.anatom.ejbca.batch.BatchMakeP12.createAllNew(BatchMakeP12.java:321) > > at > >se.anatom.ejbca.batch.BatchMakeP12.main(BatchMakeP12.java:569) > >cp: cannot stat `p12/tomcat.jks': No such file or directory > >Wrote Root CA certificate to 'tmp/rootca.der' > > > >Importing certs in the JAVA trust store requires root privileges > >Enter the root password when prompted: > >Password: > >and again... > >Password: > >Owner: C=US, O=PrimeKey, CN=Company > >Issuer: C=US, O=PrimeKey, CN=Company > >Serial number: 2267ee5fa1d97e96 > >Valid from: Sun Feb 29 14:08:31 EST 2004 until: Mon Feb 28 14:18:31 EST > >2005 > >Certificate fingerprints: > > MD5: BE:4F:72:BB:D2:F1:64:AE:D6:AE:CE:1C:AF:55:BB:C5 > > SHA1: > >27:D4:DA:43:DA:38:3C:F6:52:5D:F7:2E:86:80:18:B0:52:FB:32:E9 > >Trust this certificate? [no]: yes > >Certificate was added to keystore > > > > > > > > > >------------------------------------------------------- > >SF.Net is sponsored by: Speed Start Your Linux Apps Now. > >Build and deploy apps & Web services for Linux with > >a free DVD software kit from IBM. Click Now! > >http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click > >_______________________________________________ > >Ejbca-develop mailing list > >Ejb...@li... > >https://lists.sourceforge.net/lists/listinfo/ejbca-develop > > > > > > > > ------------------------------------------------------- > SF.Net is sponsored by: Speed Start Your Linux Apps Now. > Build and deploy apps & Web services for Linux with > a free DVD software kit from IBM. Click Now! > http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop |
