#2557 CA Cloning: Failed to update number range in few cases
Closed: fixed a year ago by gkapoor. Opened 2 years ago by gkapoor.

I am still seeing this issue.I have shared my master's CS.cfg (attached in associated bug).

This is fixed as part of PKI TRAC Ticket #1544 - CA cloning when serial number range is less than serialCloneTransferNumber throws an exception, but i could still see some failures and if we try to access URL
https://pki1.example.com:20443/ca/admin/ca/updateNumberRange, it always shows a NPE.

<URL>
 The Certificate System has encountered an unrecoverable error.

Error Message:
java.lang.!NullPointerException

Please contact your local administrator for assistance.
</URL>

Steps to Reproduce:

Use the CS.cfg file of master and try to install clone.

Actual results:

Clone install fails

Expected results:

clone installation should pass

Additional info:

<log>
[07/Dec/2016:02:31:40][http-bio-31443-exec-3]: updateNumberRange start
host=pki1.example.com adminPort=20443 eePort=20443
[07/Dec/2016:02:31:40][http-bio-31443-exec-3]: ConfigurationUtils: POST
https://pki1.example.com:20443/ca/admin/ca/updateNumberRange
[07/Dec/2016:02:31:41][http-bio-31443-exec-3]: content from admin interface
=<?xml version="1.0" encoding="UTF-8"
standalone="no"?><XMLResponse><Status>1</Status><Error>Error: Failed to update
number range.</Error></XMLResponse>
[07/Dec/2016:02:31:41][http-bio-31443-exec-3]: updateNumberRange(): status=1
java.io.IOException: Error: Failed to update number range.
        at com.netscape.cms.servlet.csadmin.ConfigurationUtils.updateNumberRang
e(ConfigurationUtils.java:691)
        at com.netscape.cms.servlet.csadmin.ConfigurationUtils.getConfigEntries
FromMaster(ConfigurationUtils.java:556)
        at org.dogtagpki.server.rest.SystemConfigService.configureClone(SystemC
onfigService.java:882)
</log>

I am slightly confused by this bug/ticket, as the referenced bug/ticket, PKI TRAC Ticket #1544 - CA cloning when serial number range is less than serialCloneTransferNumber throws an exception, is not closed.

In fact, during triage, that ticket was deemed a corner case and was given a Milestone of Future and a priority of minor.

Consequently, I have proposed a Milestone of Future and priority of minor for this ticket as well.

Per PKI Bug Council of 12/08/2016: FUTURE - minor

Hello, I was able to reproduce the same issue with one more config setup where in i have below parameters set.This is how it can be reproduced.

  1. Install Master CA.
  2. Stop master CA instance.Change below parameters in CS.cfg of master.

dbs.beginSerialNumber=1
dbs.endSerialNumber=30
dbs.serialCloneTransferNumber=8
dbs.serialIncrement=100
dbs.serialLowWaterMark=6

  1. Restart the master CA.
  2. Now try to setup clone .I always encounter this "Failed to update number range"

Later, i have tried with the config attached with the BZ.So i think this needs to be investigated.I think this could happen in many cases.

Note:

If we setup master and clone ( with default config) and after that we do changes in CS.cfg of both master and clone based on our requirement than we skip this issue.

Metadata Update from @gkapoor:
- Issue set to the milestone: FUTURE

2 years ago

Metadata Update from @mharmsen:
- Custom field feature adjusted to ''
- Custom field proposedmilestone adjusted to ''
- Custom field reviewer adjusted to ''
- Custom field version adjusted to ''
- Issue close_status updated to: None
- Issue priority set to: critical (was: minor)
- Issue set to the milestone: 10.4 (was: FUTURE)

a year ago

Moved back to 10.4 - critical as it may block "https://pagure.io/dogtagpki/issue/1549 - Enabling random serial number management does not enable the same in clone"

Metadata Update from @mharmsen:
- Issue set to the milestone: 10.5 (was: 10.4)

a year ago

Metadata Update from @mharmsen:
- Issue priority set to: major (was: critical)
- Issue set to the milestone: FUTURE (was: 10.5)

a year ago

Fix was merged to master some time ago:

  • 8c0a7eee3bbfe01b2d965dbe09e95221c5031c8b pkispawn: make security domain login sleep duration configurable
  • fa2d731b6ce51c5db9fb0b004d586b8f3e1decd3 Sleep after security domain login during configuration
  • 9eb354883c9d965bb271223bf870839bb756db26 TokenAuthentication: log error message on error
  • bc329a0162ae9af382c81e75742b282ea8c5df0d TokenAuthenticate: avoid NPE on null session table

Metadata Update from @ftweedal:
- Issue assigned to ftweedal

a year ago

Metadata Update from @ftweedal:
- Issue close_status updated to: fixed

a year ago

Metadata Update from @mharmsen:
- Issue set to the milestone: 10.5.4 (was: FUTURE)

a year ago

Metadata Update from @mharmsen:
- Custom field fixedinversion adjusted to pki-core-10.5.4-1.fc27

11 months ago

Login to comment on this ticket.

Metadata