[Pki-users] failed Administrator logon

Heyden, Klaus (Allianz ASIC) KLAUS.HEYDEN at ALLIANZ.DE
Wed Oct 29 18:35:55 UTC 2008 

Hello,
 
i have the problem the the CA don't accept the Administrator login. Either on HTTPS-interface or via pkiconsole. It's a new installation and the Admin-Certificate exists in the Browser with secret key. The problem ist that the CA first dor thier job normal. When i now try to login i got a catalina error like this. i dont reconfigure the CA only restart. I also configured an HSM (Luna) but dont use key's inside the HSM. 
-------------------catalina.out----------------------------------
Oct 29, 2008 5:43:55 PM org.apache.catalina.core.ApplicationContext log"
INFO: caListRequests: You did not provide a valid certificate for this operation
----------------------------------------------------------------------
 
the debug-file shows:
---------------------debug----------------------------------------
[29/Oct/2008:18:15:07][http-9443-Processor21]: CMSServlet:service() uri = /ca/agent/header
[29/Oct/2008:18:15:07][http-9443-Processor21]: CMSServlet::service() param name='selected' value='ca'
[29/Oct/2008:18:15:07][http-9443-Processor21]: CMSServlet: caheader start to service.
[29/Oct/2008:18:15:07][http-9443-Processor21]: CMSServlet.java: renderTemplate
[29/Oct/2008:18:15:07][http-9443-Processor21]: CMSServlet: curDate=Wed Oct 29 18:15:07 CET 2008 id=caheader time=0
[29/Oct/2008:18:15:07][http-9443-Processor21]: CMSServlet:service() uri = /ca/agent/ca/listRequests.html
[29/Oct/2008:18:15:07][http-9443-Processor21]: CMSServlet: caListRequests start to service.
[29/Oct/2008:18:15:07][http-9443-Processor21]: DisplayHtmlServlet about to service
[29/Oct/2008:18:15:07][http-9443-Processor21]: IP: 10.94.112.222
[29/Oct/2008:18:15:07][http-9443-Processor21]: AuthMgrName: certUserDBAuthMgr
[29/Oct/2008:18:15:07][http-9443-Processor21]: CMSServlet: retrieving SSL certificate
[29/Oct/2008:18:15:07][http-9443-Processor21]: SignedAuditEventFactory: create() message=[AuditEvent=AUTH_FAIL][SubjectID=$Unidentified$][Outcome=Failure][AuthMgr=$Unidentified$][AttemptedCred=$Unidentified$] authentication failure
[29/Oct/2008:18:15:08][CRLIssuingPoint-MasterCRL]: getConn: mNumConns now 2
[29/Oct/2008:18:15:08][CRLIssuingPoint-MasterCRL]: ObjectStreamMapper:mapObjectToLDAPAttributeSet revokedCerts size=84
[29/Oct/2008:18:15:08][CRLIssuingPoint-MasterCRL]: ObjectStreamMapper:mapObjectToLDAPAttributeSet unrevokedCerts size=84
[29/Oct/2008:18:15:08][CRLIssuingPoint-MasterCRL]: ObjectStreamMapper:mapObjectToLDAPAttributeSet expiredCerts size=84
[29/Oct/2008:18:15:08][CRLIssuingPoint-MasterCRL]: returnConn: mNumConns now 3
----------------------------------------------------------------------
 
certutil -L -d . shows me:
----------------------------------------------------------------------
Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI
ocspSigningCert cert-ca4-1                                   u,u,u
subsystemCert cert-ca4-1                                     u,u,u
caSigningCert cert-ca4-1                                     CTu,Cu,Cu
Server-Cert cert-ca4-1                                       u,u,u
Allianz Group Root CA II - Allianz Group                     CT,C,C
----------------------------------------------------------------------
 
 
reagards
Klaus Heyden
 
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-users/attachments/20081029/993508c2/attachment.htm>

More information about the Pki-users mailing list