#1443 pkidaemon status tomcat list URLs under PKI subsystems which are not accessible
Closed: Fixed None Opened 5 years ago by mharmsen.

pkidaemon status tomcat list a URL under CA which is not accessible

Steps to Reproduce:

1. Install CA
2. [root@csqa2 dogtag]# pkidaemon status tomcat
Status for pki-new-master: pki-new-master is running ..

    [CA Status Definitions]
    Unsecure URL        =
http://csqa2.idm.lab.eng.rdu.redhat.com:30044/ca/ee/ca
    Secure Agent URL    =
https://csqa2.idm.lab.eng.rdu.redhat.com:30042/ca/agent/ca
    Secure EE URL       =
https://csqa2.idm.lab.eng.rdu.redhat.com:30042/ca/ee/ca
    Secure Admin URL    =
https://csqa2.idm.lab.eng.rdu.redhat.com:30042/ca/services
    EE Client Auth URL  =
https://csqa2.idm.lab.eng.rdu.redhat.com:30042/ca/eeca/ca
    PKI Console Command = pkiconsole
https://csqa2.idm.lab.eng.rdu.redhat.com:30042/ca
    Tomcat Port         = 30045 (for shutdown)

    [CA Configuration Definitions]
    PKI Instance Name:   pki-new-master

    PKI Subsystem Type:  Root CA (Security Domain)

    Registered PKI Security Domain Information:
    ==========================================================================
    Name:  idm.lab.eng.rdu.redhat.com
    URL:   https://csqa2.idm.lab.eng.rdu.redhat.com:30042
    ==========================================================================

Actual results:

URL https://csqa2.idm.lab.eng.rdu.redhat.com:30042/ca/eeca/ca is not accessible

*pkidaemon status tomcat list a URL under DRM which is not accessible

Steps to Reproduce:

1. pkispawn KRA
2. pkidaemon status tomcat

Actual results:

https://mgmt3.rhq.lab.eng.bos.redhat.com:30412/kra/ee/kra/ is not accessible

Expected results:

All URLs listed under KRA should be accessible and functional

pkidaemon status tomcat list a URL under TKS which is not accessible

Steps to Reproduce:

1. pkispawn tks
2. pkidaemon status tomcat

Actual results:

http://mgmt3.rhq.lab.eng.bos.redhat.com:30568/tks/ee/tks is not accessible

Expected results:

All URLs listed under tks should be accessible and functional

Per CS/DS Meeting of 6/29/2015: 10.2.6

Simply removing the lines from 'operations' did not seem to work.

Consequently, since this ticket was deemed Nice-To-Have in the 07/06/2015 CS/DS meeting, I am downgrading it to 'major' 10.2.6.

Checked into 'master':

  • d48dbcb710bde0df445ab190fe4dc77c4fe3861d

Re-opening this bug as 10.2.7 since the associated bug Failed QE.

There is another bug associated with this if a re-spin is needed -- PKI TRAC Ticket #1518 - OCSP ee url returned by pkidaemon status tomcat shows an error page.

Checked into 'master':

  • 5015475c6084d9397017e5531299f1545fae2a33

Metadata Update from @mharmsen:
- Issue assigned to mharmsen
- Issue set to the milestone: 10.2.6

4 years ago

Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new
issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.

This issue has been cloned to GitHub and is available here:
https://github.com/dogtagpki/pki/issues/2003

If you want to receive further updates on the issue, please navigate to the
GitHub issue and click on Subscribe button.

Thank you for understanding, and we apologize for any inconvenience.

Login to comment on this ticket.

Metadata