Menu
▾
▴
Re: [SignServer-develop] Issue with Timestamping
|
From: Markus K. <ma...@pr...> - 2015-06-01 10:01:16
|
On 06/01/2015 11:19 AM, Marcin Fabianczyk wrote: > Hello, Hello Marcin, > > When I try to sign a document timestamp gets > errors. SIGNSERVER_NODEID in the system variable is set. > > 10:59:57,754 ERROR [org.signserver.common.WorkerConfig] > (http--0.0.0.0-8080-1) Error, required environment variable > SIGNSERVER_NODEID isn't set. > 10:59:57,755 ERROR [org.signserver.common.WorkerConfig] > (http--0.0.0.0-8080-1) Error, required environment variable > SIGNSERVER_NODEID isn't set. > 10:59:57,755 ERROR [org.signserver.common.WorkerConfig] > (http--0.0.0.0-8080-1) Error, required environment variable > SIGNSERVER_NODEID isn't set. > 10:59:57,755 ERROR [org.signserver.common.WorkerConfig] > (http--0.0.0.0-8080-1) Error, required environment variable > SIGNSERVER_NODEID isn't set. > 10:59:57,756 ERROR [org.signserver.common.WorkerConfig] > (http--0.0.0.0-8080-1) Error, required environment variable > SIGNSERVER_NODEID isn't set. > 10:59:57,756 ERROR [org.signserver.common.WorkerConfig] > (http--0.0.0.0-8080-1) Error, required environment variable > SIGNSERVER_NODEID isn't set. The error about SIGNSERVER_NODEID is more of a warning. If you want to get rid of it you need to define it as an environment variable in place that is read by the application server. For instance ~/.bashrc might not work but /etc/environment or similar might depending on the system and how the application server is started. > 10:59:57,757 INFO [org.signserver.server.log.IWorkerLogger] > (http--0.0.0.0-8080-1) AUDIT; DefaultTimeStampLogger; LOG_ID: > 396652c8-edc8-4559-a969-07cc17b08283; CLIENT_IP: 10.0.0.27; > REQUEST_FULLURL: > http://tsa-01.company.local/signserver/process?workerName=TimeStampSigner; > RequestTime: 1433149197753; ResponseTime: 1; TimeStamp: 1433149197756; > TimeSource: LocalComputerTimeSource; PKIStatus: ${TSA_PKISTATUS}; > PKIFailureInfo: ${TSA_PKIFAILUREINFO}; SerialNumber: b889d6e3b9c7ea6; > TSA_POLICYID: 1.2.3; SIGNER_CERT_SERIALNUMBER: > ${SIGNER_CERT_SERIALNUMBER}; SIGNER_CERT_ISSUERDN: > ${SIGNER_CERT_ISSUERDN}; TIMESTAMPREQUEST_ENCODED: > MDECAQEwITAJBgUrDgMCGgUABBS9rHsjYWM6fCYkVPdKcSRUfwXi7wIGAU2uXXQnAQH/; > TSA_TIMESTAMPRESPONSE_ENCODED: ${TSA_TIMESTAMPRESPONSE_ENCODED}; > ARCHIVE_IDS: ${ARCHIVE_IDS}; PURCHASED: ${PURCHASED}; TSA_EXCEPTION: > ${TSA_EXCEPTION}; EXCEPTION: > org.signserver.common.CryptoTokenOfflineException: No certificate for > this signer > > The last sentence is the real issue you are facing: "No certificate for the signer". So you need to make sure the signer has a certificate configured. Best regards, Markus PrimeKey PrimeKey Solutions offers a commercial EJBCA & SignServer support subscription and training. Please see www.primekey.se or contact in...@pr... for more information. https://www.primekey.se/Services/Support/ https://www.primekey.se/Services/Training/ |
