The nightly test test_replication_layouts_TestCompleteTopologyWithCAKRA failed in PR #512 (master branch, selinux enabled) while installing the replica.
test_replication_layouts_TestCompleteTopologyWithCAKRA
Report:
self = <ipatests.test_integration.test_replication_layouts.TestCompleteTopologyWithCAKRA object at 0x7f95e5166dc0> def test_complete_topology_with_ca_kra(self): > tasks.install_topo('complete', self.master, self.replicas, [], setup_replica_cas=True, setup_replica_kras=True) test_integration/test_replication_layouts.py:120: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ pytest_ipa/integration/tasks.py:1297: in install_topo install_replica( pytest_ipa/integration/tasks.py:462: in install_replica result = replica.run_command(args, raiseonerr=raiseonerr, _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = <ipatests.pytest_ipa.integration.host.Host replica2.ipa.test (replica)> argv = ['ipa-replica-install', '--admin-password', 'Secret.123', '--password', 'Secret.123', '-U', ...] set_env = True, stdin_text = None, log_stdout = True, raiseonerr = True cwd = None, bg = False, encoding = 'utf-8', ok_returncode = 0 def run_command(self, argv, set_env=True, stdin_text=None, log_stdout=True, raiseonerr=True, cwd=None, bg=False, encoding='utf-8', ok_returncode=0): """Wrapper around run_command to log stderr on raiseonerr=True :param ok_returncode: return code considered to be correct, you can pass an integer or sequence of integers """ result = super().run_command( argv, set_env=set_env, stdin_text=stdin_text, log_stdout=log_stdout, raiseonerr=False, cwd=cwd, bg=bg, encoding=encoding ) # in FIPS mode SSH may print noise to stderr, remove the string # "FIPS mode initialized" + optional newline. result.stderr_bytes = FIPS_NOISE_RE.sub(b'', result.stderr_bytes) try: result_ok = result.returncode in ok_returncode except TypeError: result_ok = result.returncode == ok_returncode if not result_ok and raiseonerr: result.log.error('stderr: %s', result.stderr_text) > raise subprocess.CalledProcessError( result.returncode, argv, result.stdout_text, result.stderr_text ) E subprocess.CalledProcessError: Command '['ipa-replica-install', '--admin-password', 'Secret.123', '--password', 'Secret.123', '-U', '--setup-ca', '--setup-kra', '--ip-address', '192.168.122.219', '--realm', 'IPA.TEST', '--domain', 'ipa.test']' returned non-zero exit status 1.
The failure happens in pkispawn while setting up sslserver certificate. The logs on the master show the following:
2020-11-02 18:39:47 [ajp-nio-127.0.0.1-8009-exec-2] INFO: HTTP request: POST /ca/admin/ca/tokenAuthenticate HTTP/1.1 2020-11-02 18:39:47 [ajp-nio-127.0.0.1-8009-exec-2] INFO: Content-Type: application/x-www-form-urlencoded 2020-11-02 18:39:47 [ajp-nio-127.0.0.1-8009-exec-2] INFO: Content-Length: 54 2020-11-02 18:39:47 [ajp-nio-127.0.0.1-8009-exec-2] INFO: Host: master.ipa.test:8443 2020-11-02 18:39:47 [ajp-nio-127.0.0.1-8009-exec-2] INFO: Connection: Keep-Alive 2020-11-02 18:39:47 [ajp-nio-127.0.0.1-8009-exec-2] INFO: User-Agent: Apache-HttpClient/4.5.10 (Java/1.8.0_265) 2020-11-02 18:39:47 [ajp-nio-127.0.0.1-8009-exec-2] INFO: HTTP response: HTTP/1.1 200 2020-11-02 18:39:47 [ajp-nio-127.0.0.1-8009-exec-2] INFO: Content-Type: application/xml 2020-11-02 18:39:47 [ajp-nio-127.0.0.1-8009-exec-2] INFO: Content-Length: 172 2020-11-02 18:39:47 [ajp-nio-127.0.0.1-8009-exec-2] INFO: Date: Mon, 02 Nov 2020 18:39:47 GMT 2020-11-02 18:39:47 [ajp-nio-127.0.0.1-8009-exec-2] INFO: Keep-Alive: timeout=300 2020-11-02 18:39:47 [ajp-nio-127.0.0.1-8009-exec-2] INFO: Connection: keep-alive 2020-11-02 18:39:47 [ajp-nio-127.0.0.1-8009-exec-2] INFO: EnrollProfile: Parsing PKCS #10 request: 2020-11-02 18:39:47 [ajp-nio-127.0.0.1-8009-exec-2] INFO: EnrollProfile: createEnrollmentRequest 21 2020-11-02 18:39:47 [ajp-nio-127.0.0.1-8009-exec-2] WARNING: Invalid base64: [admin-replica2.ipa.test]: java.lang.IllegalArgumentException: Illegal base64 character 2e java.lang.IllegalArgumentException: Illegal base64 character 2e at java.util.Base64$Decoder.decode0(Base64.java:714) at java.util.Base64$Decoder.decode(Base64.java:526) at java.util.Base64$Decoder.decode(Base64.java:549) at org.mozilla.jss.netscape.security.util.Utils.base64decode(Utils.java:415) at org.dogtagpki.server.authentication.AuthToken.getInByteArray(AuthToken.java:113) at org.dogtagpki.server.authentication.AuthToken.getInStringArray(AuthToken.java:198) at com.netscape.cms.servlet.cert.CertProcessor.setAuthTokenIntoRequest(CertProcessor.java:132) at com.netscape.cms.servlet.cert.CertProcessor.populateRequests(CertProcessor.java:345) at com.netscape.cms.servlet.cert.EnrollmentProcessor.processEnrollment(EnrollmentProcessor.java:189) at com.netscape.cms.servlet.cert.EnrollmentProcessor.processEnrollment(EnrollmentProcessor.java:97) at com.netscape.cms.servlet.profile.ProfileSubmitServlet.processEnrollment(ProfileSubmitServlet.java:276) at com.netscape.cms.servlet.profile.ProfileSubmitServlet.process(ProfileSubmitServlet.java:130) at com.netscape.cms.servlet.base.CMSServlet.service(CMSServlet.java:494) at javax.servlet.http.HttpServlet.service(HttpServlet.java:741) at sun.reflect.GeneratedMethodAccessor43.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:282) at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:279) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAsPrivileged(Subject.java:549) at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:314) at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:170) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:225) at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:47) at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:149) at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:145) at java.security.AccessController.doPrivileged(Native Method) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:144) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) at sun.reflect.GeneratedMethodAccessor42.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:282) at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:279) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAsPrivileged(Subject.java:549) at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:314) at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:253) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:191) at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:47) at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:149) at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:145) at java.security.AccessController.doPrivileged(Native Method) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:144) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541) at com.netscape.cms.tomcat.ExternalAuthenticationValve.invoke(ExternalAuthenticationValve.java:82) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:690) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) at org.apache.coyote.ajp.AjpProcessor.service(AjpProcessor.java:431) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1590) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:748)
Tracked in dogtagpki with https://github.com/dogtagpki/pki/issues/3370
Not seen in a while. Closing.
Metadata Update from @fcami: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.