The freeipa nightly tests using @pki/master copr repo are failing in ipa-server-install in the pkispawn step with the following error:
ipa-server-install
pkispawn
Installation failed: CA subsystem did not start after 60s
Logs available in the PR 186 at the following location. See the master's logs: - pki-ca-spawn.log:
2020-05-11 19:09:37 ERROR: Exception: CA subsystem did not start after 60s File "/usr/lib/python3.8/site-packages/pki/server/pkispawn.py", line 569, in main scriptlet.spawn(deployer) File "/usr/lib/python3.8/site-packages/pki/server/deployment/scriptlets/configuration.py", line 879, in spawn deployer.instance.wait_for_startup( File "/usr/lib/python3.8/site-packages/pki/server/deployment/pkihelper.py", line 919, in wait_for_startup raise Exception('%s subsystem did not start after %ds' %
and in the journal:
May 11 19:09:37 master.ipa.test server[28721]: java.lang.IllegalArgumentException: Unsupported ciphersuite TLS_AES_256_GCM_SHA384 May 11 19:09:37 master.ipa.test server[28721]: at sun.security.ssl.CipherSuite.valueOf(CipherSuite.java:228) May 11 19:09:37 master.ipa.test server[28721]: at sun.security.ssl.CipherSuiteList.<init>(CipherSuiteList.java:79) May 11 19:09:37 master.ipa.test server[28721]: at sun.security.ssl.SSLEngineImpl.setEnabledCipherSuites(SSLEngineImpl.java:2047) May 11 19:09:37 master.ipa.test server[28721]: at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLEngine(AbstractJsseEndpoint.java:121) May 11 19:09:37 master.ipa.test server[28721]: at org.apache.tomcat.util.net.SecureNioChannel.processSNI(SecureNioChannel.java:329) May 11 19:09:37 master.ipa.test server[28721]: at org.apache.tomcat.util.net.SecureNioChannel.handshake(SecureNioChannel.java:175) May 11 19:09:37 master.ipa.test server[28721]: at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1568) May 11 19:09:37 master.ipa.test server[28721]: at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) May 11 19:09:37 master.ipa.test server[28721]: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) May 11 19:09:37 master.ipa.test server[28721]: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) May 11 19:09:37 master.ipa.test server[28721]: at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) May 11 19:09:37 master.ipa.test server[28721]: at java.lang.Thread.run(Thread.java:748)
Packages (full list available here): pki-base-10.9.0-0.1.20200511155820.3242ab37.fc32.noarch tomcat-9.0.34-2.fc32.noarch tomcatjss-7.5.0-1.20200507170228.a51952ba.fc32.noarch
Seems to be fixed with the following versions: pki-base-10.9.0-0.1.20200523021925.617a3c1d.fc32.noarch tomcat-9.0.34-2.fc32.noarch tomcatjss-7.5.0-1.20200518183820.23655272.fc32.noarch
Successful logs.
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/3291
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Log in to comment on this ticket.