Hi Tomas,
Actually you are saying that after the reconfiguration, the errors about
the missing bouncycastle are no longer there.
You could increase the loglevel in
/etc/tomcat5/log4j-trustmanager.properties
and look for more clues in the trustmanager's logfile:
/var/log/tomcat5/glite-security-trustmanager.log
Best regards,
Dimitar
Dimitar Shiyachki wrote:
> Hi Tomas,
>
> Which is the version of the glite-security-trustmanager RPM on your VOMS
> host?
>
> There used to be a problem with its configuration script due to a change
> in the location of the
> bouncycastle jar in a newer version of the bouncycastle RPM in JPackage.
> But the fix has been
> in production for a long time.
>
> What is the contents of this directory:
>
> ls -l /var/lib/tomcat5/server/lib/
>
> If there is a new issue similar to the previous one (I'm not able to
> reproduce such a problem
> with the latest RPMS from gLite production and JPackage), the easiest
> way to fix it would be
> to create a link manually for bouncycastle in /var/lib/tomcat5/server/lib
>
> Something like:
>
> bcprov.jar -> /usr/share/java/bcprov.jar
>
> Actually which is the version of the bouncycastle RPM on your VOMS host?
> (Although the
> newest bouncycastle was able to copy with old versions of the
> bouncycastle RPMs.).
>
> Best regards,
> Dimitar
>
>
> Tomas Kouba wrote:
>
>> Hello,
>>
>> we have had a problem with our glite-VOMS_mysql service. The tomcat was
>> refusing to start with
>> java exception saying that some bouncycastle class could not be found. I
>> have reconfigured the service:
>> /opt/glite/etc/config/scripts/glite-voms-server-config.py --configure
>> and it seems to start ok now:
>>
>> # /etc/init.d/tomcat5 status
>> /etc/init.d/tomcat5 is already running (4418)
>> # lsof -i:8443
>> COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
>> java 4418 tomcat 79u IPv6 1174258 TCP *:8443 (LISTEN)
>> ....
>>
>> My problem now is that the connection to the port 8443 is refused by
>> firefox:
>>
>> Secure Connection Failed
>> An error occurred during a connection to voms1.egee.cesnet.cz:8443.
>> Peer reports it experienced an internal error.
>> (Error code: ssl_error_internal_error_alert)
>> The page you are trying to view can not be shown because the
>> authenticity of the received data could not be verified.
>> * Please contact the web site owners to inform them of this problem.
>>
>> And I cannot find any record in tomcat's log about this problem. Is it
>> possible to increase debug level
>> or is there any other log I should check?
>>
>> Thanks for any help,
>>
>> --
>> Tomas Kouba
>>
>>
|