[Pki-users] (Fedora 17) PKI-RA fails to start after install

John Magne jmagne at redhat.com
Tue Jun 11 16:52:54 UTC 2013 

First of all, that doesn't sound like it's one of the supported smart cards.
That is no sure bet that it won't work though.

Second, a look at the tps-debug.log for TPS would help.



----- Original Message -----
> From: "Brian Henson" <marine64 at gmail.com>
> To: "Andrew Wnuk" <awnuk at redhat.com>
> Cc: pki-users at redhat.com
> Sent: Monday, June 10, 2013 7:10:04 PM
> Subject: Re: [Pki-users] (Fedora 17) PKI-RA fails to start after install
> 
> Only error I am working with now is my test smart card (expresso pro 64k
> -fips) shows error 28 when I try to format it using the smart card manager.
> Anyone know how to fix that?
> 
> 
> On Mon, Jun 10, 2013 at 9:55 PM, Brian Henson < marine64 at gmail.com > wrote:
> 
> 
> 
> Perfect. Changed the two files and it installed perfectly. Thank you for your
> help.
> 
> 
> On Mon, Jun 10, 2013 at 8:39 PM, Andrew Wnuk < awnuk at redhat.com > wrote:
> 
> 
> 
> On 06/10/2013 12:56 PM, Brian Henson wrote:
> 
> 
> 
> I have SELinux completely disabled. SHould I skip the semanage part?
> Yes, check the earlier comments.
> 
> 
> 
> 
> 
> 
> On Mon, Jun 10, 2013 at 12:26 PM, Andrew Wnuk < awnuk at redhat.com > wrote:
> 
> 
> 
> Hi Brian,
> 
> it looks like you may have similar issue to
> https://bugzilla.redhat.com/show_bug.cgi?id=971031
> Could you try solution provided in 971031?
> 
> Thank you,
> Andrew
> 
> 
> On 06/09/2013 06:48 PM, Brian Henson wrote:
> 
> 
> 
> Log file
> 
> 
> On Sun, Jun 9, 2013 at 9:47 PM, Brian Henson < marine64 at gmail.com > wrote:
> 
> 
> 
> Changed the syntax checking now i get this when starting
> 
> Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic link
> `pkiuser/logs': No such file or directory
> Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create
> 'pkiuser/logs' -> '/var/log/pki-tps'!
> Jun 09 21:43:11 server pkicontrol[1816]: WARNING: Symbolic link 'pkiuser/run'
> does NOT exist!
> Jun 09 21:43:11 server pkicontrol[1816]: INFO: Attempting to create
> 'pkiuser/run' -> '/var/run/pki/tps' . . .
> Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic link
> `pkiuser/run': No such file or directory
> Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create
> 'pkiuser/run' -> '/var/run/pki/tps'!
> Jun 09 21:43:11 server pkicontrol[1816]: WARNING: Symbolic link
> 'pkiuser/conf' does NOT exist!
> Jun 09 21:43:11 server pkicontrol[1816]: INFO: Attempting to create
> 'pkiuser/conf' -> '/etc/pki-tps' . . .
> Jun 09 21:43:11 server pkicontrol[1816]: ln: failed to create symbolic link
> `pkiuser/conf': No such file or directory
> Jun 09 21:43:11 server pkicontrol[1816]: ERROR: Failed to create
> 'pkiuser/conf' -> '/etc/pki-tps'!
> 
> 
> 
> On Wed, Jun 5, 2013 at 1:20 PM, Andrew Wnuk < awnuk at redhat.com > wrote:
> 
> 
> 
> On 06/04/2013 02:57 PM, Andrew Wnuk wrote:
> 
> 
> On 06/03/2013 07:10 AM, Ade Lee wrote:
> 
> 
> Can you attach the logs under /var/log/pki-tps ?
> Also, check /var/log/messages to see if there are any messages there.
> 
> Another thing you can try is to set selinux in permissive mode, and see
> if the server starts.
> 
> Ade
> You could also try to disable syntax checking in your directory server.
> https://access.redhat.com/site/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/syntax-validation.html#syntax-validation-basic
> 
> 
> 
> 
> 
> 
> On Fri, 2013-05-31 at 17:46 -0400, Brian Henson wrote:
> 
> 
> This is the only error i see in the TPS install log [2013-05-29
> 03:37:20] [error] FAILED run_command("/bin/systemctl restart
> pki-tpsd at pki-tps.service "), exit status=1 output="Job failed. See
> system journal and 'systemctl status' for details." and the same
> error(minus service name on the other service)
> 
> 
> On Fri, May 31, 2013 at 5:14 PM, Andrew Wnuk < awnuk at redhat.com > wrote:
> On 05/31/2013 07:53 AM, Brian Henson wrote:
> > I don't mean to sound dumb but where is the logfiles? I am
> > using the wiki install page as a guide.
> Installation logs are under /var/log with names referring to
> subsystems like: pki-ca-install.log, pki-kra-install.log,
> pki-tks-install.log, pki-tks-install.log, . . .
> Each subsystem has its logs located under subsystem directory.
> For example
> * CA logs by default are located in /var/log/pki-ca
> * TPS logs by default are located in /var/log/pki-tps
> * . . .
> > 
> > 
> > On Thu, May 30, 2013 at 4:01 PM, Andrew Wnuk
> > < awnuk at redhat.com > wrote:
> > 
> > Is there anything in the log files pointing to your
> > failure?
> > If yes, could you provide these log entries?
> > 
> > On 05/30/2013 11:34 AM, Brian Henson wrote:
> > 
> > > Any Ideas on this? I need the TPS for the
> > > smartcard support.
> > > 
> > > 
> > > On Wed, May 29, 2013 at 1:24 PM, Brian Henson
> > > < marine64 at gmail.com > wrote:
> > > Fedora 17 and dogtag 9 via yum
> > > 
> > > On May 29, 2013 12:01 PM, "Andrew Wnuk"
> > > < awnuk at redhat.com > wrote:
> > > 
> > > On 05/28/2013 09:46 PM, Brian
> > > Henson wrote:
> > > 
> > > > Hello all,
> > > > 
> > > > 
> > > > When I try to configure the RA
> > > > subsystem after installing it I
> > > > get this error.
> > > > 
> > > > 
> > > > Installation information
> > > > recorded
> > > > in /var/log/pki-ra-install.log.
> > > > [debug]
> > > > run_command(/bin/systemctl
> > > > restart pki-rad at pki-ra.service )
> > > > [error] FAILED
> > > > run_command("/bin/systemctl
> > > > restart
> > > > pki-rad at pki-ra.service "), exit
> > > > status=1 output="Job failed. See
> > > > system journal and 'systemctl
> > > > status' for details."
> > > > Before proceeding with the
> > > > configuration, make sure
> > > > the firewall settings of this
> > > > machine permit proper
> > > > access to this subsystem.
> > > > 
> > > > 
> > > > Please start the configuration
> > > > by accessing:
> > > > 
> > > > 
> > > > https://(someaddress):12890/ra/admin/console/config/login?pin=XWdsV1oDtx9qQFcybzAr
> > > > 
> > > > 
> > > > After configuration, the server
> > > > can be operated by the command:
> > > > 
> > > > 
> > > > /bin/systemctl restart
> > > > pki-rad at pki-ra.service
> > > > 
> > > > 
> > > > 
> > > > 
> > > > Anyone know how to fix this? I
> > > > get it for the TPS module as
> > > > well.
> > > > 
> > > > 
> > > > Thanks
> > > > 
> > > > 
> > > > Brian Henson
> > > > 
> > > > 
> > > 
> > > Brian,
> > > 
> > > Could you provide OS and server
> > > versions?
> > > 
> > > Thank you,
> > > Andrew
> > > 
> > > 
> > > 
> > 
> > 
> > 
> > 
> 
> 
> _______________________________________________
> Pki-users mailing list
> Pki-users at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users
> 
> 
> _______________________________________________
> Pki-users mailing list
> Pki-users at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users
> 
> 
> 
> 
> 
> 
> 
> 
> 
> _______________________________________________
> Pki-users mailing list
> Pki-users at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users

More information about the Pki-users mailing list