On 08/01/2017 01:32 AM, Ian Harding via FreeIPA-users wrote:
On 07/31/2017 11:34 AM, Rob Crittenden wrote:
> Ian Harding via FreeIPA-users wrote:
>> I had an unexpected restart of an IPA server that had apparently had
>> updates run but had not been restarted. ipactl says pki-tomcatd would
>> not start.
>>
>> Strangely, the actual service appears to be running:
>>
>
> dogtag is an application within tomcat so tomcat can run without dogtag
> running.
>
> We need to see more of the dogtag debug log to see what is going on.
>
It looks like an authentication problem...
[28/Jul/2017:10:08:47][localhost-startStop-1]: SSL handshake happened
Could not connect to LDAP server host seattlenfs.bpt.rocks port 636
Error netscape.ldap.LDAPException: Authentication failed (49)
Hi,
dogtag stores its internal data in the LDAP server and needs to
establish a secure LDAP connection. You can check how this connection is
configured in /etc/pki/pki-tomcat/ca/CS.cfg, look for the lines:
internaldb.ldapauth.authtype=SslClientAuth
internaldb.ldapauth.bindDN=cn=Directory Manager
internaldb.ldapauth.bindPWPrompt=internaldb
internaldb.ldapauth.clientCertNickname=subsystemCert cert-pki-ca
internaldb.ldapconn.host=vm-...
internaldb.ldapconn.port=636
internaldb.ldapconn.secureConn
authtype can be SslClientAuth (authentication with a ssl certificate) or
BasicAuth (authentication with a bind DN and password stored in
/var/lib/pki/pki-tomcat/conf/password.conf).
You can use this information to manually check the credentials. For
instance with sslclientauth:
export LDAPTLS_CACERTDIR=/etc/pki/pki-tomcat/alias
export LDAPTLS_CERT='subsystemCert cert-pki-ca'
ldapsearch -H ldaps://`hostname`:636 -b "" -s base -Y EXTERNAL
(provide the password from /etc/pki/pki-tomcat/alias/pwdfile.txt)
HTH,
Flo.
at
org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1966)
at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Internal Database Error encountered: Could not connect to LDAP server
host seattlenfs.bpt.rocks port 636 Error netscape.ldap.LDAPException:
Authentication failed (49)
at com.netscape.cmscore.dbs.DBSubsystem.init(DBSubsystem.java:676)
at
com.netscape.cmscore.apps.CMSEngine.initSubsystem(CMSEngine.java:1172)
at
com.netscape.cmscore.apps.CMSEngine.initSubsystems(CMSEngine.java:1078)
at com.netscape.cmscore.apps.CMSEngine.init(CMSEngine.java:570)
at com.netscape.certsrv.apps.CMS.init(CMS.java:188)
at com.netscape.certsrv.apps.CMS.start(CMS.java:1621)
at
com.netscape.cms.servlet.base.CMSStartServlet.init(CMSStartServlet.java:114)
at javax.servlet.GenericServlet.init(GenericServlet.java:158)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:288)
at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:285)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:549)
at
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:320)
at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:175)
at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:124)
at
org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1270)
at
org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1195)
at
org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:1085)
at
org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:5318)
at
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5610)
at
org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147)
at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:899)
at
org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:133)
at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:156)
at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:145)
at java.security.AccessController.doPrivileged(Native Method)
at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:873)
at
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:652)
at
org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:679)
at
org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1966)
at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
[28/Jul/2017:09:56:24][localhost-startStop-1]: CMSEngine.shutdown()
[28/Jul/2017:10:08:46][localhost-startStop-1]:
============================================
[28/Jul/2017:10:08:46][localhost-startStop-1]: ===== DEBUG SUBSYSTEM
INITIALIZED =======
[28/Jul/2017:10:08:46][localhost-startStop-1]:
============================================
[28/Jul/2017:10:08:46][localhost-startStop-1]: CMSEngine: restart at
autoShutdown? false
[28/Jul/2017:10:08:46][localhost-startStop-1]: CMSEngine: autoShutdown
crumb file path? /var/lib/pki/pki-tomcat/logs/autoShutdown.crumb
[28/Jul/2017:10:08:46][localhost-startStop-1]: CMSEngine: about to look
for cert for auto-shutdown support:auditSigningCert cert-pki-ca
[28/Jul/2017:10:08:46][localhost-startStop-1]: CMSEngine: found
cert:auditSigningCert cert-pki-ca
[28/Jul/2017:10:08:46][localhost-startStop-1]: CMSEngine: done init
id=debug
[28/Jul/2017:10:08:46][localhost-startStop-1]: CMSEngine: initialized debug
[28/Jul/2017:10:08:46][localhost-startStop-1]: CMSEngine: initSubsystem
id=log
[28/Jul/2017:10:08:46][localhost-startStop-1]: CMSEngine: ready to init
id=log
[28/Jul/2017:10:08:46][localhost-startStop-1]: Creating
RollingLogFile(/var/lib/pki/pki-tomcat/logs/ca/signedAudit/ca_audit)
[28/Jul/2017:10:08:46][localhost-startStop-1]: Creating
RollingLogFile(/var/lib/pki/pki-tomcat/logs/ca/system)
[28/Jul/2017:10:08:47][localhost-startStop-1]: Creating
RollingLogFile(/var/lib/pki/pki-tomcat/logs/ca/transactions)
[28/Jul/2017:10:08:47][localhost-startStop-1]: CMSEngine: restart at
autoShutdown? false
[28/Jul/2017:10:08:47][localhost-startStop-1]: CMSEngine: autoShutdown
crumb file path? /var/lib/pki/pki-tomcat/logs/autoShutdown.crumb
[28/Jul/2017:10:08:47][localhost-startStop-1]: CMSEngine: about to look
for cert for auto-shutdown support:auditSigningCert cert-pki-ca
[28/Jul/2017:10:08:47][localhost-startStop-1]: CMSEngine: found
cert:auditSigningCert cert-pki-ca
[28/Jul/2017:10:08:47][localhost-startStop-1]: CMSEngine: done init id=log
[28/Jul/2017:10:08:47][localhost-startStop-1]: CMSEngine: initialized log
[28/Jul/2017:10:08:47][localhost-startStop-1]: CMSEngine: initSubsystem
id=jss
[28/Jul/2017:10:08:47][localhost-startStop-1]: CMSEngine: ready to init
id=jss
[28/Jul/2017:10:08:47][localhost-startStop-1]: CMSEngine: restart at
autoShutdown? false
[28/Jul/2017:10:08:47][localhost-startStop-1]: CMSEngine: autoShutdown
crumb file path? /var/lib/pki/pki-tomcat/logs/autoShutdown.crumb
[28/Jul/2017:10:08:47][localhost-startStop-1]: CMSEngine: about to look
for cert for auto-shutdown support:auditSigningCert cert-pki-ca
[28/Jul/2017:10:08:47][localhost-startStop-1]: CMSEngine: found
cert:auditSigningCert cert-pki-ca
[28/Jul/2017:10:08:47][localhost-startStop-1]: CMSEngine: done init id=jss
[28/Jul/2017:10:08:47][localhost-startStop-1]: CMSEngine: initialized jss
[28/Jul/2017:10:08:47][localhost-startStop-1]: CMSEngine: initSubsystem
id=dbs
[28/Jul/2017:10:08:47][localhost-startStop-1]: CMSEngine: ready to init
id=dbs
[28/Jul/2017:10:08:47][localhost-startStop-1]: DBSubsystem: init()
mEnableSerialMgmt=true
[28/Jul/2017:10:08:47][localhost-startStop-1]: Creating
LdapBoundConnFactor(DBSubsystem)
[28/Jul/2017:10:08:47][localhost-startStop-1]: LdapBoundConnFactory: init
[28/Jul/2017:10:08:47][localhost-startStop-1]:
LdapBoundConnFactory:doCloning true
[28/Jul/2017:10:08:47][localhost-startStop-1]: LdapAuthInfo: init()
[28/Jul/2017:10:08:47][localhost-startStop-1]: LdapAuthInfo: init begins
[28/Jul/2017:10:08:47][localhost-startStop-1]: LdapAuthInfo: init ends
[28/Jul/2017:10:08:47][localhost-startStop-1]: init: before
makeConnection errorIfDown is true
[28/Jul/2017:10:08:47][localhost-startStop-1]: makeConnection:
errorIfDown true
[28/Jul/2017:10:08:47][localhost-startStop-1]: TCP Keep-Alive: true
[28/Jul/2017:10:08:47][localhost-startStop-1]:
SSLClientCertificateSelectionCB: Setting desired cert nickname to:
subsystemCert cert-pki-ca
[28/Jul/2017:10:08:47][localhost-startStop-1]: LdapJssSSLSocket: set
client auth cert nickname subsystemCert cert-pki-ca
[28/Jul/2017:10:08:47][localhost-startStop-1]:
SSLClientCertificatSelectionCB: Entering!
[28/Jul/2017:10:08:47][localhost-startStop-1]: Candidate cert:
ocspSigningCert cert-pki-ca
[28/Jul/2017:10:08:47][localhost-startStop-1]: Candidate cert:
subsystemCert cert-pki-ca
[28/Jul/2017:10:08:47][localhost-startStop-1]:
SSLClientCertificateSelectionCB: desired cert found in list:
subsystemCert cert-pki-ca
[28/Jul/2017:10:08:47][localhost-startStop-1]:
SSLClientCertificateSelectionCB: returning: subsystemCert cert-pki-ca
[28/Jul/2017:10:08:47][localhost-startStop-1]: SSL handshake happened
Could not connect to LDAP server host seattlenfs.bpt.rocks port 636
Error netscape.ldap.LDAPException: Authentication failed (49)
at
com.netscape.cmscore.ldapconn.LdapBoundConnFactory.makeConnection(LdapBoundConnFactory.java:205)
at
com.netscape.cmscore.ldapconn.LdapBoundConnFactory.init(LdapBoundConnFactory.java:166)
at
com.netscape.cmscore.ldapconn.LdapBoundConnFactory.init(LdapBoundConnFactory.java:130)
at com.netscape.cmscore.dbs.DBSubsystem.init(DBSubsystem.java:654)
at
com.netscape.cmscore.apps.CMSEngine.initSubsystem(CMSEngine.java:1172)
at
com.netscape.cmscore.apps.CMSEngine.initSubsystems(CMSEngine.java:1078)
at com.netscape.cmscore.apps.CMSEngine.init(CMSEngine.java:570)
at com.netscape.certsrv.apps.CMS.init(CMS.java:188)
at com.netscape.certsrv.apps.CMS.start(CMS.java:1621)
at
com.netscape.cms.servlet.base.CMSStartServlet.init(CMSStartServlet.java:114)
at javax.servlet.GenericServlet.init(GenericServlet.java:158)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:288)
at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:285)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:549)
at
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:320)
at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:175)
at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:124)
at
org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1270)
at
org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1195)
at
org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:1085)
at
org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:5318)
at
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5610)
at
org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147)
at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:899)
at
org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:133)
at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:156)
at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:145)
at java.security.AccessController.doPrivileged(Native Method)
at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:873)
at
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:652)
at
org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:679)
at
org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1966)
at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Internal Database Error encountered: Could not connect to LDAP server
host seattlenfs.bpt.rocks port 636 Error netscape.ldap.LDAPException:
Authentication failed (49)
at com.netscape.cmscore.dbs.DBSubsystem.init(DBSubsystem.java:676)
at
com.netscape.cmscore.apps.CMSEngine.initSubsystem(CMSEngine.java:1172)
at
com.netscape.cmscore.apps.CMSEngine.initSubsystems(CMSEngine.java:1078)
at com.netscape.cmscore.apps.CMSEngine.init(CMSEngine.java:570)
at com.netscape.certsrv.apps.CMS.init(CMS.java:188)
at com.netscape.certsrv.apps.CMS.start(CMS.java:1621)
at
com.netscape.cms.servlet.base.CMSStartServlet.init(CMSStartServlet.java:114)
at javax.servlet.GenericServlet.init(GenericServlet.java:158)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:288)
at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:285)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:549)
at
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:320)
at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:175)
at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:124)
at
org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1270)
at
org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1195)
at
org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:1085)
at
org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:5318)
at
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5610)
at
org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147)
at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:899)
at
org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:133)
at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:156)
at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:145)
at java.security.AccessController.doPrivileged(Native Method)
at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:873)
at
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:652)
at
org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:679)
at
org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1966)
at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
[28/Jul/2017:10:08:47][localhost-startStop-1]: CMSEngine.shutdown()
[28/Jul/2017:10:13:29][localhost-startStop-2]:
============================================
[28/Jul/2017:10:13:29][localhost-startStop-2]: ===== DEBUG SUBSYSTEM
INITIALIZED =======
[28/Jul/2017:10:13:29][localhost-startStop-2]:
============================================
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: restart at
autoShutdown? false
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: autoShutdown
crumb file path? /var/lib/pki/pki-tomcat/logs/autoShutdown.crumb
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: about to look
for cert for auto-shutdown support:auditSigningCert cert-pki-ca
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: found
cert:auditSigningCert cert-pki-ca
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: done init
id=debug
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: initialized debug
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: initSubsystem
id=log
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: ready to init
id=log
[28/Jul/2017:10:13:29][localhost-startStop-2]: Creating
RollingLogFile(/var/lib/pki/pki-tomcat/logs/ca/signedAudit/ca_audit)
[28/Jul/2017:10:13:29][localhost-startStop-2]: Creating
RollingLogFile(/var/lib/pki/pki-tomcat/logs/ca/system)
[28/Jul/2017:10:13:29][localhost-startStop-2]: Creating
RollingLogFile(/var/lib/pki/pki-tomcat/logs/ca/transactions)
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: restart at
autoShutdown? false
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: autoShutdown
crumb file path? /var/lib/pki/pki-tomcat/logs/autoShutdown.crumb
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: about to look
for cert for auto-shutdown support:auditSigningCert cert-pki-ca
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: found
cert:auditSigningCert cert-pki-ca
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: done init id=log
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: initialized log
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: initSubsystem
id=jss
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: ready to init
id=jss
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: restart at
autoShutdown? false
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: autoShutdown
crumb file path? /var/lib/pki/pki-tomcat/logs/autoShutdown.crumb
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: about to look
for cert for auto-shutdown support:auditSigningCert cert-pki-ca
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: found
cert:auditSigningCert cert-pki-ca
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: done init id=jss
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: initialized jss
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: initSubsystem
id=dbs
[28/Jul/2017:10:13:29][localhost-startStop-2]: CMSEngine: ready to init
id=dbs
[28/Jul/2017:10:13:29][localhost-startStop-2]: DBSubsystem: init()
mEnableSerialMgmt=true
[28/Jul/2017:10:13:29][localhost-startStop-2]: Creating
LdapBoundConnFactor(DBSubsystem)
[28/Jul/2017:10:13:29][localhost-startStop-2]: LdapBoundConnFactory: init
[28/Jul/2017:10:13:29][localhost-startStop-2]:
LdapBoundConnFactory:doCloning true
[28/Jul/2017:10:13:29][localhost-startStop-2]: LdapAuthInfo: init()
[28/Jul/2017:10:13:29][localhost-startStop-2]: LdapAuthInfo: init begins
[28/Jul/2017:10:13:29][localhost-startStop-2]: LdapAuthInfo: init ends
[28/Jul/2017:10:13:29][localhost-startStop-2]: init: before
makeConnection errorIfDown is true
[28/Jul/2017:10:13:29][localhost-startStop-2]: makeConnection:
errorIfDown true
[28/Jul/2017:10:13:29][localhost-startStop-2]: TCP Keep-Alive: true
[28/Jul/2017:10:13:29][localhost-startStop-2]:
SSLClientCertificateSelectionCB: Setting desired cert nickname to:
subsystemCert cert-pki-ca
[28/Jul/2017:10:13:29][localhost-startStop-2]: LdapJssSSLSocket: set
client auth cert nickname subsystemCert cert-pki-ca
[28/Jul/2017:10:13:29][localhost-startStop-2]: SSL handshake happened
Could not connect to LDAP server host seattlenfs.bpt.rocks port 636
Error netscape.ldap.LDAPException: Authentication failed (49)
at
com.netscape.cmscore.ldapconn.LdapBoundConnFactory.makeConnection(LdapBoundConnFactory.java:205)
at
com.netscape.cmscore.ldapconn.LdapBoundConnFactory.init(LdapBoundConnFactory.java:166)
at
com.netscape.cmscore.ldapconn.LdapBoundConnFactory.init(LdapBoundConnFactory.java:130)
at com.netscape.cmscore.dbs.DBSubsystem.init(DBSubsystem.java:654)
at
com.netscape.cmscore.apps.CMSEngine.initSubsystem(CMSEngine.java:1172)
at
com.netscape.cmscore.apps.CMSEngine.initSubsystems(CMSEngine.java:1078)
at com.netscape.cmscore.apps.CMSEngine.init(CMSEngine.java:570)
at com.netscape.certsrv.apps.CMS.init(CMS.java:188)
at com.netscape.certsrv.apps.CMS.start(CMS.java:1621)
at
com.netscape.cms.servlet.base.CMSStartServlet.init(CMSStartServlet.java:114)
at javax.servlet.GenericServlet.init(GenericServlet.java:158)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:288)
at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:285)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:549)
at
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:320)
at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:175)
at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:124)
at
org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1270)
at
org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1195)
at
org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:1085)
at
org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:5318)
at
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5610)
at
org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147)
at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:899)
at
org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:133)
at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:156)
> I don't think re-running the upgrade command would help.
>
> rob
>