PlanetJava
Custom Search

java-ejbca-devel
[Top] [All Lists]

Re: ant install --- Error creating CRL

Subject: Re: ant install --- Error creating CRL
Date: Fri, 04 Apr 2008 18:31:50 -0700
Hi,
Where can I fetch the server.log file?
Cheers,
Tomas
zhiqian wrote:
> Hi Tomas,
> 
> I've uploaded the server.log file. I'd just like you to know that I switched
> back to 2048 for ca key 
> as it didn't seem to be the problem...
> 
> Thank you so much for your time and help. Please let me know if you need
> more info from me.
> 
> Zhiqian
> 
> 
> Ejbca support wrote:
>>
>> Can you send some errors from JBOSS_HOME/server/default/log/server.log. 
>> It should be visible clearly what the underlyng problem is.
>>
>> Regards,
>> Tomas
>>
>>
>> zhiqian wrote:
>>> Hi Johan,
>>>
>>> I've changed the CA key as 1024 bit, but I'm still having the same
>>> errors.
>>> It didn't seem to take a long time before it put out the error messages.
>>> Would you please let me know what else could be wrong? By the way I
>>> simply
>>> copied catoken.properties.sample as catoken.properties. I tried both
>>> situations: with or without catoken.properties, the result is the
>>> same....
>>>
>>> Thank you so much for your help and time! The detail info is as the
>>> following:
>>>
>>> ant install
>>> Buildfile: build.xml
>>>      [echo] Merging available external modifications from
>>> /export/home/zxu/ejbca-custom.
>>>      [copy] Warning: /export/home/zxu/ejbca-custom not found.
>>> Trying to override old definition of task apt
>>>
>>> install:
>>>
>>> check:bootstrapdone:
>>>
>>> ejbca:noprompt:
>>>
>>> ejbca:prompt:
>>>     [input] skipping input as property ca.name has already been set.
>>>     [input] skipping input as property ca.dn has already been set.
>>>     [input] skipping input as property ca.keyspec has already been set.
>>>     [input] skipping input as property ca.keytype has already been set.
>>>     [input] skipping input as property ca.signaturealgorithm has already
>>> been set.
>>>     [input] skipping input as property ca.validity has already been set.
>>>     [input] skipping input as property ca.policy has already been set.
>>>     [input] skipping input as property httpsserver.hostname has already
>>> been
>>> set.
>>>     [input] Please enter the server dn (default: CN=localhost,O=EJBCA
>>> Sample,C=SE) ? [CN=localhost,O=EJBCA Sample,C=SE]
>>> [[email protected] ejbca_3_6_b1]# ant install
>>> Buildfile: build.xml
>>>      [echo] Merging available external modifications from
>>> /export/home/zxu/ejbca-custom.
>>>      [copy] Warning: /export/home/zxu/ejbca-custom not found.
>>> Trying to override old definition of task apt
>>>
>>> install:
>>>
>>> check:bootstrapdone:
>>>
>>> ejbca:noprompt:
>>>
>>> ejbca:prompt:
>>>     [input] skipping input as property ca.name has already been set.
>>>     [input] skipping input as property ca.dn has already been set.
>>>     [input] skipping input as property ca.keyspec has already been set.
>>>     [input] skipping input as property ca.keytype has already been set.
>>>     [input] skipping input as property ca.signaturealgorithm has already
>>> been set.
>>>     [input] skipping input as property ca.validity has already been set.
>>>     [input] skipping input as property ca.policy has already been set.
>>>     [input] skipping input as property httpsserver.hostname has already
>>> been
>>> set.
>>>     [input] Please enter the server dn (default: CN=localhost,O=EJBCA
>>> Sample,C=SE) ? [CN=localhost,O=EJBCA Sample,C=SE]
>>>
>>>     [input] Please enter the superadmin password (default: ejbca) ?
>>> [ejbca]
>>>
>>>     [input] Please enter the if superadmin keystore should be batched
>>> (default: true) ? [true]
>>>
>>>     [input] skipping input as property java.trustpassword has already
>>> been
>>> set.
>>>
>>> ejbca:init:
>>>      [echo]
>>>      [echo] ------------------- CA Properties ----------------
>>>      [echo] ca.name                : AdminCA1
>>>      [echo] ca.dn                  : CN=AdminCA1,O=EJBCA Sample,C=SE
>>>      [echo] ca.tokentype           : soft
>>>      [echo] ca.tokenpassword       : null
>>>      [echo] ca.keyspec             : 1024
>>>      [echo] ca.keytype             : RSA
>>>      [echo] ca.signaturealgorithm  : SHA1WithRSA
>>>      [echo] ca.validity            : 3650
>>>      [echo] ca.policy              : null
>>>      [echo] ca.tokenproperties     : conf/catoken.properties
>>>      [echo] httpsserver.hostname   : localhost
>>>      [echo] httpsserver.dn         : CN=localhost,O=EJBCA Sample,C=SE
>>>      [echo] httpsserver.password   : serverpwd
>>>      [echo] superadmin.password    : ejbca
>>>      [echo] superadmin.batch       : true
>>>      [echo] java.trustpassword     : changeit
>>>      [echo] appserver.home         : /home/zxu/jboss-4.2.2.GA
>>>      [echo]
>>>
>>> ejbca:install:
>>>      [echo] Initializing CA with AdminCA1 'CN=AdminCA1,O=EJBCA
>>> Sample,C=SE'
>>> soft null 1024 RSA 3650 null SHA1WithRSA conf/catoken.properties...
>>>      [echo] ca init AdminCA1 "CN=AdminCA1,O=EJBCA Sample,C=SE" soft null
>>> 1024 RSA 3650 null SHA1WithRSA conf/catoken.properties
>>>      [java] Initializing CA
>>>      [java] Generating rootCA keystore:
>>>      [java] CA name: AdminCA1
>>>      [java] DN: CN=AdminCA1,O=EJBCA Sample,C=SE
>>>      [java] CA token type: soft
>>>      [java] CA token password: null
>>>      [java] Keyspec: 1024
>>>      [java] Keytype: RSA
>>>      [java] Validity (days): 3650
>>>      [java] Policy ID: null
>>>      [java] Signature alg: SHA1WithRSA
>>>      [java] CA token properties: null
>>>      [java] Initalizing Temporary Authorization Module.
>>>      [java] Creating CA...
>>>      [java] org.jboss.tm.JBossTransactionRolledbackException:
>>> javax.ejb.TransactionRolledbackLocalException: Error creating CRL.;
>>> nested
>>> exception is:
>>>      [java]     javax.ejb.EJBException:
>>> javax.ejb.TransactionRolledbackLocalException: Error creating CRL.; -
>>> nested
>>> throwable: (javax.ejb.EJBException:
>>> javax.ejb.TransactionRolledbackLocalException: Error creating CRL.)
>>>      [java] Java Result: 255
>>>
>>> ejbca:adminweb:
>>>      [echo] setup setdefaultbaseurl localhost ejbca
>>>      [echo] ra adduser tomcat serverpwd "CN=localhost,O=EJBCA
>>> Sample,C=SE"
>>> "IPAddress=127.0.0.1" AdminCA1 null 1 JKS
>>>      [java] Error : Couldn't find CA in database.
>>>      [echo] ra setclearpwd tomcat serverpwd
>>>      [java] Setting clear text password serverpwd for user tomcat
>>>      [java] javax.ejb.ObjectNotFoundException: No such entity!
>>>      [java] Java Result: 255
>>>      [echo] ra adduser superadmin ejbca "CN=SuperAdmin" null AdminCA1
>>> null
>>> 65 P12
>>>      [java] Error : Couldn't find CA in database.
>>>      [echo] ra setclearpwd superadmin ejbca
>>>      [java] Setting clear text password ejbca for user superadmin
>>>      [java] javax.ejb.ObjectNotFoundException: No such entity!
>>>      [java] Java Result: 255
>>>      [java] 0    [main] INFO  org.ejbca.ui.cli.batch.BatchMakeP12  -
>>> Generating keys in directory /export/home/zxu/ejbca_3_6_b1/p12.
>>>      [java] 1    [main] INFO  org.ejbca.ui.cli.batch.BatchMakeP12  -
>>> Generating for all NEW.
>>>      [java] 36   [main] INFO  org.ejbca.ui.cli.batch.BatchMakeP12  -
>>> Batch
>>> generating 0 users.
>>>      [java] 36   [main] INFO  org.ejbca.ui.cli.batch.BatchMakeP12  -
>>> Generating for all FAILED.
>>>      [java] 51   [main] INFO  org.ejbca.ui.cli.batch.BatchMakeP12  -
>>> Batch
>>> generating 0 users.
>>>
>>> BUILD FAILED
>>> /export/home/zxu/ejbca_3_6_b1/build.xml:40: The following error occurred
>>> while executing this line:
>>> /export/home/zxu/ejbca_3_6_b1/bin/cli.xml:116: The following error
>>> occurred
>>> while executing this line:
>>> /export/home/zxu/ejbca_3_6_b1/bin/cli.xml:140: Batch generation failed!
>>>
>>> Total time: 50 seconds
>>>
>>> Best Regards,
>>>
>>> Zhiqian 
>>>
>>>
>>> Ejbca support wrote:
>>>> Hi Zhiqian,
>>>>
>>>> JBossTransactionRolledbackException sounds like it took to long time to
>>>> generate the CA so the transaction timed out. You can try using 1024 bit
>>>> key for the initial CA just to see if this is the issue. If it is, you
>>>> probably have to change your database specific properties to allow
>>>> longer
>>>> transaction times.
>>>>
>>>> Best regards,
>>>> Johan Eklund
>>>>
>>>>
>>>> zhiqian skrev:
>>>>> Hi,
>>>>>
>>>>> I have deployed ejbca in JBoss without any error messages. When I ran
>>>>> ant
>>>>> install, I have the
>>>>> errors: Error creating CRL and Couldn't find CA in database. I've also
>>>>> checked JBoss log messages. I didn't find any error messages logged
>>>>> when
>>>>> the
>>>>> ear file is deployed.
>>>>>
>>>>> The detail error messages from ant install are the following:
>>>>>
>>>>> ant install
>>>>> Buildfile: build.xml
>>>>>      [echo] Merging available external modifications from
>>>>> /export/home/zxu/ejbca-custom.
>>>>>      [copy] Warning: /export/home/zxu/ejbca-custom not found.
>>>>> Trying to override old definition of task apt
>>>>>
>>>>> install:
>>>>>
>>>>> check:bootstrapdone:
>>>>>
>>>>> ejbca:noprompt:
>>>>>
>>>>> ejbca:prompt:
>>>>>     [input] skipping input as property ca.name has already been set.
>>>>>     [input] skipping input as property ca.dn has already been set.
>>>>>     [input] skipping input as property ca.keyspec has already been set.
>>>>>     [input] skipping input as property ca.keytype has already been set.
>>>>>     [input] skipping input as property ca.signaturealgorithm has
>>>>> already
>>>>> been set.
>>>>>     [input] skipping input as property ca.validity has already been
>>>>> set.
>>>>>     [input] skipping input as property ca.policy has already been set.
>>>>>     [input] skipping input as property httpsserver.hostname has already
>>>>> been
>>>>> set.
>>>>>     [input] Please enter the server dn (default: CN=localhost,O=EJBCA
>>>>> Sample,C=SE) ? [CN=localhost,O=EJBCA Sample,C=SE]
>>>>>
>>>>>     [input] Please enter the superadmin password (default: ejbca) ?
>>>>> [ejbca]
>>>>>
>>>>>     [input] Please enter the if superadmin keystore should be batched
>>>>> (default: true) ? [true]
>>>>>
>>>>>     [input] skipping input as property java.trustpassword has already
>>>>> been
>>>>> set.
>>>>>
>>>>> ejbca:init:
>>>>>      [echo]
>>>>>      [echo] ------------------- CA Properties ----------------
>>>>>      [echo] ca.name                : AdminCA1
>>>>>      [echo] ca.dn                  : CN=AdminCA1,O=EJBCA Sample,C=SE
>>>>>      [echo] ca.tokentype           : soft
>>>>>      [echo] ca.tokenpassword       : null
>>>>>      [echo] ca.keyspec             : 2048
>>>>>      [echo] ca.keytype             : RSA
>>>>>      [echo] ca.signaturealgorithm  : SHA1WithRSA
>>>>>      [echo] ca.validity            : 3650
>>>>>      [echo] ca.policy              : null
>>>>>      [echo] ca.tokenproperties     : conf/catoken.properties
>>>>>      [echo] httpsserver.hostname   : localhost
>>>>>      [echo] httpsserver.dn         : CN=localhost,O=EJBCA Sample,C=SE
>>>>>      [echo] httpsserver.password   : serverpwd
>>>>>      [echo] superadmin.password    : ejbca
>>>>>      [echo] superadmin.batch       : true
>>>>>      [echo] java.trustpassword     : changeit
>>>>>      [echo] appserver.home         : /home/zxu/jboss-4.2.2.GA
>>>>>      [echo]
>>>>>
>>>>> ejbca:install:
>>>>>      [echo] Initializing CA with AdminCA1 'CN=AdminCA1,O=EJBCA
>>>>> Sample,C=SE'
>>>>> soft null 2048 RSA 3650 null SHA1WithRSA conf/catoken.properties...
>>>>>      [echo] ca init AdminCA1 "CN=AdminCA1,O=EJBCA Sample,C=SE" soft
>>>>> null
>>>>> 2048 RSA 3650 null SHA1WithRSA conf/catoken.properties
>>>>>      [java] Initializing CA
>>>>>      [java] Generating rootCA keystore:
>>>>>      [java] CA name: AdminCA1
>>>>>      [java] DN: CN=AdminCA1,O=EJBCA Sample,C=SE
>>>>>      [java] CA token type: soft
>>>>>      [java] CA token password: null
>>>>>      [java] Keyspec: 2048
>>>>>      [java] Keytype: RSA
>>>>>      [java] Validity (days): 3650
>>>>>      [java] Policy ID: null
>>>>>      [java] Signature alg: SHA1WithRSA
>>>>>      [java] CA token properties: null
>>>>>      [java] Initalizing Temporary Authorization Module.
>>>>>      [java] Creating CA...
>>>>>      [java] org.jboss.tm.JBossTransactionRolledbackException:
>>>>> javax.ejb.TransactionRolledbackLocalException: Error creating CRL.;
>>>>> nested
>>>>> exception is:
>>>>>      [java]     javax.ejb.EJBException:
>>>>> javax.ejb.TransactionRolledbackLocalException: Error creating CRL.; -
>>>>> nested
>>>>> throwable: (javax.ejb.EJBException:
>>>>> javax.ejb.TransactionRolledbackLocalException: Error creating CRL.)
>>>>>      [java] Java Result: 255
>>>>>
>>>>> ejbca:adminweb:
>>>>>      [echo] setup setdefaultbaseurl localhost ejbca
>>>>>      [echo] ra adduser tomcat serverpwd "CN=localhost,O=EJBCA
>>>>> Sample,C=SE"
>>>>> "IPAddress=127.0.0.1" AdminCA1 null 1 JKS
>>>>>      [java] Error : Couldn't find CA in database.
>>>>>      [echo] ra setclearpwd tomcat serverpwd
>>>>>      [java] Setting clear text password serverpwd for user tomcat
>>>>>      [java] javax.ejb.ObjectNotFoundException: No such entity!
>>>>>      [java] Java Result: 255
>>>>>      [echo] ra adduser superadmin ejbca "CN=SuperAdmin" null AdminCA1
>>>>> null
>>>>> 65 P12
>>>>>      [java] Error : Couldn't find CA in database.
>>>>>      [echo] ra setclearpwd superadmin ejbca
>>>>>      [java] Setting clear text password ejbca for user superadmin
>>>>>      [java] javax.ejb.ObjectNotFoundException: No such entity!
>>>>>      [java] Java Result: 255
>>>>>      [java] 0    [main] INFO  org.ejbca.ui.cli.batch.BatchMakeP12  -
>>>>> Generating keys in directory /export/home/zxu/ejbca_3_6_b1/p12.
>>>>>      [java] 1    [main] INFO  org.ejbca.ui.cli.batch.BatchMakeP12  -
>>>>> Generating for all NEW.
>>>>>      [java] 32   [main] INFO  org.ejbca.ui.cli.batch.BatchMakeP12  -
>>>>> Batch
>>>>> generating 0 users.
>>>>>      [java] 32   [main] INFO  org.ejbca.ui.cli.batch.BatchMakeP12  -
>>>>> Generating for all FAILED.
>>>>>      [java] 53   [main] INFO  org.ejbca.ui.cli.batch.BatchMakeP12  -
>>>>> Batch
>>>>> generating 0 users.
>>>>>
>>>>> BUILD FAILED
>>>>> /export/home/zxu/ejbca_3_6_b1/build.xml:40: The following error
>>>>> occurred
>>>>> while executing this line:
>>>>> /export/home/zxu/ejbca_3_6_b1/bin/cli.xml:116: The following error
>>>>> occurred
>>>>> while executing this line:
>>>>> /export/home/zxu/ejbca_3_6_b1/bin/cli.xml:140: Batch generation failed!
>>>>>
>>>>>
>>>>> Thank you so much for your help!!
>>>>>
>>>>> Zhiqian
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>   
>>>> -- 
>>>> PrimeKey Solutions offers a commercial EJBCA support subscription and
>>>> training for EJBCA. Please see www.primekey.se or contact
>>>> info-3wPoBD9/[email protected]
>>>> for more information.
>>>> http://download.primekey.se/documents/ejbca_subscription.pdf
>>>> http://download.primekey.se/documents/ejbca_training.pdf
>>>>
>>>>
>>>>
>>>>  
>>>> -------------------------------------------------------------------------
>>>> Check out the new SourceForge.net Marketplace.
>>>> It's the best place to buy or sell services for
>>>> just about anything Open Source.
>>>> http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
>>>> _______________________________________________
>>>> Ejbca-develop mailing list
>>>> [email protected]
>>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop
>>>>
>>>>
>> -------------------------------------------------------------------------
>> Check out the new SourceForge.net Marketplace.
>> It's the best place to buy or sell services for
>> just about anything Open Source.
>> http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
>> _______________________________________________
>> Ejbca-develop mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop
>>
>>
> http://www.nabble.com/file/p16499202/server.log server.log 
-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
Register now and save $200. Hurry, offer ends at 11:59 p.m., 
Monday, April 7! Use priority code J8TLD2. 
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
msgmiddle
<Prev in Thread] Current Thread [Next in Thread>
Current Sitemap | © 2012 planetjava | Contact | Privacy Policy