Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-8512

Init CA command fails with p11-ng

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 7.3.0
    • Component/s: None
    • Labels:
      None
    • Provenance:
      Internal Delivery
    • Epic Link:
    • Sprint:
      EJBCA Team Alice - 2019 w37

      Description

      Seems like it tries to use Sun PKCS11 by default.

      {color:#000000}2019-09-11 14:44:00,576 INFO  [org.cesecore.certificates.ca.CaSessionBean] (default task-2) CA with name ManagementCA does not exist.{color}
      {color:#000000}2019-09-11 14:44:00,797 INFO  [org.cesecore.audit.impl.log4j.Log4jDevice] (default task-2) 2019-09-11 14:44:00+02:00;ROLE_ACCESS_USER_ADDITION;SUCCESS;ROLES;CORE;ejbca;;;;msg=Added administrator aspect(s) SuperAdmin to role Super Administrator Role.;id=851546057;tokenType=CertificateAuthenticationToken;tokenIssuerId=1023881705;tokenMatchKey=WITH_COMMONNAME (8);tokenMatchOperator=TYPE_EQUALCASE (1000);tokenMatchValue=SuperAdmin;roleId=1;nameSpace=;roleName=Super Administrator Role;description={color}
      {color:#000000}2019-09-11 14:44:01,150 INFO  [org.cesecore.audit.impl.log4j.Log4jDevice] (default task-2) 2019-09-11 14:44:01+02:00;ACCESS_CONTROL;SUCCESS;ACCESSCONTROL;CORE;ejbca;;;;resource0=/cryptotoken/modify{color}
      {color:#000000}2019-09-11 14:44:01,884 INFO  [org.cesecore.keys.token.PKCS11CryptoToken] (default task-2) Configured to not add PKCS#11 Provider: SunPKCS11-hsm_pkcs11.so-slot0{color}
      {color:#000000}2019-09-11 14:44:01,915 INFO  [org.cesecore.keys.token.PKCS11CryptoToken] (default task-2) Activated Crypto Token with ID -473815477.{color}
      {color:#000000}2019-09-11 14:44:02,080 INFO  [org.cesecore.audit.impl.log4j.Log4jDevice] (default task-2) 2019-09-11 14:44:02+02:00;ACCESS_CONTROL;SUCCESS;ACCESSCONTROL;CORE;ejbca;;;;resource0=/cryptotoken/modify{color}
      {color:#000000}2019-09-11 14:44:02,153 INFO  [org.cesecore.keys.token.PKCS11CryptoToken] (default task-2) Configured to not add PKCS#11 Provider: SunPKCS11-hsm_pkcs11.so-slot0{color}
      {color:#000000}2019-09-11 14:44:02,176 INFO  [org.cesecore.keys.token.PKCS11CryptoToken] (default task-2) Activated Crypto Token with ID -1785740156.{color}
      {color:#000000}2019-09-11 14:44:02,203 INFO  [org.cesecore.audit.impl.log4j.Log4jDevice] (default task-2) 2019-09-11 14:44:02+02:00;CRYPTOTOKEN_CREATE;SUCCESS;CRYPTOTOKEN;CORE;ejbca;-1785740156;;;msg=Created CryptoToken with id -1785740156;name=ManagementCA_20190911144402;encProviderName=SunPKCS11-hsm_pkcs11.so-slot0;signProviderName=SunPKCS11-hsm_pkcs11.so-slot0;added:slotLabelType=SLOT_LABEL;added:tokenName=ManagementCA_20190911144402;added:slotLabelValue=dbprotect;added:sharedLibrary=/opt/hsm_pkcs11.so{color}
      {color:#000000}2019-09-11 14:44:02,438 INFO  [org.ejbca.core.ejb.ca.caadmin.CAAdminSessionBean] (default task-2) Creating an X509 CA: ManagementCA{color}
      {color:#000000}2019-09-11 14:44:02,504 WARN  [org.cesecore.keys.token.BaseCryptoToken] (default task-2) Can not read private key with alias 'dbProtect00001' from Crypto Token, got null. If the key was generated after the latest application server start then restart the application server.{color}
      
      

        Attachments

          Activity

            People

            Assignee:
            hsunmark Henrik Sunmark
            Reporter:
            hsunmark Henrik Sunmark
            Verified by:
            Amin Khorsandi
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: