'Not Logged In Client certificate authentication required' error #10

nirosha-r · 2022-08-22T07:46:48Z

nirosha-r
Aug 22, 2022

Hi,
I just deployed the signserver 5.2 docker image for testing before production and when I go to adminweb, the following error shows. And nothing happens when clicking the 'Use TLS client certificate'.

I am using the following command to run the docker.
docker run -it --name signserver -p 80:8080 -p 443:8443 -v $(pwd)/TrustedCA.pem:/mnt/external/secrets/tls/cas/ManagementCA.crt -h sign.xxxxxxxxxxx primekey/signserver-ce:5.2.0

The ubuntu terminal shows the following error:

2022-08-22 07:18:52,960+0000 SEVERE [javax.enterprise.resource.webcontainer.jsf.application] (default task-5) Error Rendering View[/workers.xhtml]: javax.el.ELException: /WEB-INF/templates/template.xhtml @43,103 value="#{authenticationBean.userDisplayName}": org.signserver.admin.web.ejb.NotLoggedInException: Client certificate authentication required
        at [email protected]//com.sun.faces.facelets.el.TagValueExpression.getValue(TagValueExpression.java:77)
        at [email protected]//javax.faces.component.ComponentStateHelper.eval(ComponentStateHelper.java:170)
        at [email protected]//javax.faces.component.ComponentStateHelper.eval(ComponentStateHelper.java:157)
        at [email protected]//javax.faces.component.UIOutput.getValue(UIOutput.java:140)
        at [email protected]//com.sun.faces.renderkit.html_basic.HtmlBasicInputRenderer.getValue(HtmlBasicInputRenderer.java:181)
        at [email protected]//com.sun.faces.renderkit.html_basic.HtmlBasicRenderer.getCurrentValue(HtmlBasicRenderer.java:328)
        at [email protected]//com.sun.faces.renderkit.html_basic.HtmlBasicRenderer.encodeEnd(HtmlBasicRenderer.java:143)
        at [email protected]//javax.faces.component.UIComponentBase.encodeEnd(UIComponentBase.java:595)
        at [email protected]//com.sun.faces.renderkit.html_basic.HtmlBasicRenderer.encodeRecursive(HtmlBasicRenderer.java:286)
        at [email protected]//com.sun.faces.renderkit.html_basic.GridRenderer.renderRow(GridRenderer.java:162)
        at [email protected]//com.sun.faces.renderkit.html_basic.GridRenderer.encodeChildren(GridRenderer.java:105)
        at [email protected]//javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:566)
        at [email protected]//javax.faces.component.UIComponent.encodeAll(UIComponent.java:1647)
        at [email protected]//javax.faces.component.UIComponent.encodeAll(UIComponent.java:1650)
        at [email protected]//javax.faces.component.UIComponent.encodeAll(UIComponent.java:1650)
        at [email protected]//com.sun.faces.application.view.FaceletViewHandlingStrategy.renderView(FaceletViewHandlingStrategy.java:468)
        at [email protected]//com.sun.faces.application.view.MultiViewHandler.renderView(MultiViewHandler.java:170)
        at [email protected]//javax.faces.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:132)
        at [email protected]//javax.faces.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:132)
        at [email protected]//com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:102)
        at [email protected]//com.sun.faces.lifecycle.Phase.doPhase(Phase.java:76)
        at [email protected]//com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:199)
        at [email protected]//javax.faces.webapp.FacesServlet.executeLifecyle(FacesServlet.java:708)
        at [email protected]//javax.faces.webapp.FacesServlet.service(FacesServlet.java:451)
        at [email protected]//io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
        at [email protected]//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
        at deployment.signserver.ear//org.signserver.web.common.filters.NoCacheFilter.doFilter(NoCacheFilter.java:41)
        at [email protected]//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
        at [email protected]//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
        at deployment.signserver.ear//org.signserver.web.common.owasp.filters.ContentSecurityPolicyFilter.doFilter(ContentSecurityPolicyFilter.java:184)
        at [email protected]//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
        at [email protected]//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
        at deployment.signserver.ear//org.signserver.web.common.owasp.filters.ClickjackFilter.doFilter(ClickjackFilter.java:36)
        at [email protected]//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
        at [email protected]//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
        at [email protected]//io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
        at [email protected]//io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
        at [email protected]//io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
        at [email protected]//io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
        at [email protected]//org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
        at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at [email protected]//io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
        at [email protected]//io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:117)
        at [email protected]//io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
        at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at [email protected]//io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53)
        at [email protected]//io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
        at [email protected]//io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
        at [email protected]//io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59)
        at [email protected]//io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
        at [email protected]//io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
        at [email protected]//io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
        at [email protected]//io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
        at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at [email protected]//org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
        at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at [email protected]//io.undertow.servlet.handlers.SendErrorPageHandler.handleRequest(SendErrorPageHandler.java:52)
        at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:269)
        at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:78)
        at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:133)
        at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:130)
        at [email protected]//io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
        at [email protected]//io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
        at [email protected]//org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
        at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
        at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
        at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
        at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
        at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
        at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:249)
        at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:78)
        at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:99)
        at [email protected]//io.undertow.server.Connectors.executeRootHandler(Connectors.java:387)
        at [email protected]//io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:841)
        at [email protected]//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
        at [email protected]//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
        at [email protected]//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
        at [email protected]//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
        at [email protected]//org.xnio.XnioWorker$WorkerThreadFactory$1$1.run(XnioWorker.java:1280)
        at java.base/java.lang.Thread.run(Unknown Source)
Caused by: javax.el.ELException: org.signserver.admin.web.ejb.NotLoggedInException: Client certificate authentication required
        at [email protected]//javax.el.BeanELResolver.getValue(BeanELResolver.java:191)
        at [email protected]//com.sun.faces.el.DemuxCompositeELResolver._getValue(DemuxCompositeELResolver.java:156)
        at [email protected]//com.sun.faces.el.DemuxCompositeELResolver.getValue(DemuxCompositeELResolver.java:184)
        at [email protected]//com.sun.el.parser.AstValue.getValue(AstValue.java:114)
        at [email protected]//com.sun.el.parser.AstValue.getValue(AstValue.java:177)
        at [email protected]//com.sun.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:183)
        at [email protected]//org.jboss.weld.module.web.el.WeldValueExpression.getValue(WeldValueExpression.java:50)
        at [email protected]//org.jboss.weld.module.web.el.WeldValueExpression.getValue(WeldValueExpression.java:50)
        at [email protected]//com.sun.faces.facelets.el.TagValueExpression.getValue(TagValueExpression.java:73)
        ... 80 more
Caused by: org.signserver.admin.web.ejb.NotLoggedInException: Client certificate authentication required
        at deployment.signserver.ear.SignServer-Admin-web-5.2.0.Final.war//org.signserver.admin.web.AuthenticationBean.getAdminCertificate(AuthenticationBean.java:52)
        at deployment.signserver.ear.SignServer-Admin-web-5.2.0.Final.war//org.signserver.admin.web.AuthenticationBean.getUserDisplayName(AuthenticationBean.java:60)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.base/java.lang.reflect.Method.invoke(Unknown Source)
        at [email protected]//javax.el.BeanELResolver.getValue(BeanELResolver.java:186)
        ... 88 more

2022-08-22 07:18:52,984+0000 ERROR [io.undertow.request] (default task-5) UT005023: Exception handling request to /signserver/adminweb/: javax.servlet.ServletException: Client certificate authentication required
        at [email protected]//javax.faces.webapp.FacesServlet.executeLifecyle(FacesServlet.java:725)
        at [email protected]//javax.faces.webapp.FacesServlet.service(FacesServlet.java:451)
        at [email protected]//io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
        at [email protected]//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
        at deployment.signserver.ear//org.signserver.web.common.filters.NoCacheFilter.doFilter(NoCacheFilter.java:41)
        at [email protected]//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
        at [email protected]//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
        at deployment.signserver.ear//org.signserver.web.common.owasp.filters.ContentSecurityPolicyFilter.doFilter(ContentSecurityPolicyFilter.java:184)
        at [email protected]//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
        at [email protected]//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
        at deployment.signserver.ear//org.signserver.web.common.owasp.filters.ClickjackFilter.doFilter(ClickjackFilter.java:36)
        at [email protected]//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
        at [email protected]//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
        at [email protected]//io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
        at [email protected]//io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
        at [email protected]//io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
        at [email protected]//io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
        at [email protected]//org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
        at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at [email protected]//io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
        at [email protected]//io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:117)
        at [email protected]//io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
        at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at [email protected]//io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53)
        at [email protected]//io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
        at [email protected]//io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
        at [email protected]//io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59)
        at [email protected]//io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
        at [email protected]//io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
        at [email protected]//io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
        at [email protected]//io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
        at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at [email protected]//org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
        at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at [email protected]//io.undertow.servlet.handlers.SendErrorPageHandler.handleRequest(SendErrorPageHandler.java:52)
        at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:269)
        at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:78)
        at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:133)
        at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:130)
        at [email protected]//io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
        at [email protected]//io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
        at [email protected]//org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
        at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
        at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
        at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
        at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
        at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
        at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:249)
        at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:78)
        at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:99)
        at [email protected]//io.undertow.server.Connectors.executeRootHandler(Connectors.java:387)
        at [email protected]//io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:841)
        at [email protected]//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
        at [email protected]//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
        at [email protected]//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
        at [email protected]//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
        at [email protected]//org.xnio.XnioWorker$WorkerThreadFactory$1$1.run(XnioWorker.java:1280)
        at java.base/java.lang.Thread.run(Unknown Source)
Caused by: org.signserver.admin.web.ejb.NotLoggedInException: Client certificate authentication required
        at deployment.signserver.ear.SignServer-Admin-web-5.2.0.Final.war//org.signserver.admin.web.AuthenticationBean.getAdminCertificate(AuthenticationBean.java:52)
        at deployment.signserver.ear.SignServer-Admin-web-5.2.0.Final.war//org.signserver.admin.web.AuthenticationBean.getUserDisplayName(AuthenticationBean.java:60)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.base/java.lang.reflect.Method.invoke(Unknown Source)
        at [email protected]//javax.el.BeanELResolver.getValue(BeanELResolver.java:186)
        at [email protected]//com.sun.faces.el.DemuxCompositeELResolver._getValue(DemuxCompositeELResolver.java:156)
        at [email protected]//com.sun.faces.el.DemuxCompositeELResolver.getValue(DemuxCompositeELResolver.java:184)
        at [email protected]//com.sun.el.parser.AstValue.getValue(AstValue.java:114)
        at [email protected]//com.sun.el.parser.AstValue.getValue(AstValue.java:177)
        at [email protected]//com.sun.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:183)
        at [email protected]//org.jboss.weld.module.web.el.WeldValueExpression.getValue(WeldValueExpression.java:50)
        at [email protected]//org.jboss.weld.module.web.el.WeldValueExpression.getValue(WeldValueExpression.java:50)
        at [email protected]//com.sun.faces.facelets.el.TagValueExpression.getValue(TagValueExpression.java:73)
        at [email protected]//javax.faces.component.ComponentStateHelper.eval(ComponentStateHelper.java:170)
        at [email protected]//javax.faces.component.ComponentStateHelper.eval(ComponentStateHelper.java:157)
        at [email protected]//javax.faces.component.UIOutput.getValue(UIOutput.java:140)
        at [email protected]//com.sun.faces.renderkit.html_basic.HtmlBasicInputRenderer.getValue(HtmlBasicInputRenderer.java:181)
        at [email protected]//com.sun.faces.renderkit.html_basic.HtmlBasicRenderer.getCurrentValue(HtmlBasicRenderer.java:328)
        at [email protected]//com.sun.faces.renderkit.html_basic.HtmlBasicRenderer.encodeEnd(HtmlBasicRenderer.java:143)
        at [email protected]//javax.faces.component.UIComponentBase.encodeEnd(UIComponentBase.java:595)
        at [email protected]//com.sun.faces.renderkit.html_basic.HtmlBasicRenderer.encodeRecursive(HtmlBasicRenderer.java:286)
        at [email protected]//com.sun.faces.renderkit.html_basic.GridRenderer.renderRow(GridRenderer.java:162)
        at [email protected]//com.sun.faces.renderkit.html_basic.GridRenderer.encodeChildren(GridRenderer.java:105)
        at [email protected]//javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:566)
        at [email protected]//javax.faces.component.UIComponent.encodeAll(UIComponent.java:1647)
        at [email protected]//javax.faces.component.UIComponent.encodeAll(UIComponent.java:1650)
        at [email protected]//javax.faces.component.UIComponent.encodeAll(UIComponent.java:1650)
        at [email protected]//com.sun.faces.application.view.FaceletViewHandlingStrategy.renderView(FaceletViewHandlingStrategy.java:468)
        at [email protected]//com.sun.faces.application.view.MultiViewHandler.renderView(MultiViewHandler.java:170)
        at [email protected]//javax.faces.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:132)
        at [email protected]//javax.faces.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:132)
        at [email protected]//com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:102)
        at [email protected]//com.sun.faces.lifecycle.Phase.doPhase(Phase.java:76)
        at [email protected]//com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:199)
        at [email protected]//javax.faces.webapp.FacesServlet.executeLifecyle(FacesServlet.java:708)
        ... 58 more

I am really new to signserver and docker. Please help me to solve the issue. Thank you,

netmackan · 2022-08-24T06:46:59Z

netmackan
Aug 24, 2022
Maintainer

This looks like an issue with your TLS client certificate that you need to use in your web browser when you login as an adinnistrator and/or the configuration of which CA to trust for it.

Please make sure you have a SSL/TLS client certificate and key installed into your web browser. It could for instance be a PKCS#12/PFX file that you got from EJBCA or an other CA software and which you have installed in the web browser.

Also check that there is a file TrustedCA.pem in the same folder as you run the docker command from and that it contains a PEM encoded certificate. That certificate should the CA certificate that issued your TLS client certificate (or the root CA of that certificate chain). Please also make sure that file can be read properly by your user that you run docker with.

You can also paste the first part of the output from the container as that will show any errors in reading your TrustedCA.pem which internally in the container is called ManagementCA.crt.

Cheers,
Markus

1 reply

nirosha-r Aug 24, 2022
Author

Thanks a lot for your kind help. I was using a self-signed certificate for testing. I couldn't find any guide on this.

nirosha-r · 2022-08-25T03:55:12Z

nirosha-r
Aug 25, 2022
Author

What could be this issue?
'/opt/primekey/secrets/external/tls/cas/ManagementCA.crt' exists but is not a file and will be ignored. (Does the file exist outside the container?)
I am binding the self-signed certificate as mentioned earlier.

2 replies

netmackan Aug 30, 2022
Maintainer

This could for instance mean that the TrustedCA.pem file is not found or that it can not be read by Docker.

In your command when you start the container you have this -v $(pwd)/TrustedCA.pem:/mnt/external/secrets/tls/cas/ManagementCA.crt this means that in the same folder as you are running the docker command from there needs to be a file called exactly TrustedCA.pem.

Can you try this before starting the container and provide the output:

ls -l $(pwd)/TrustedCA.pem
ls -l
pwd
docker run -it --name signserver -p 80:8080 -p 443:8443 -v $(pwd)/TrustedCA.pem:/mnt/external/secrets/tls/cas/ManagementCA.crt -h sign.xxxxxxxxxxx primekey/signserver-ce:5.2.0

nirosha-r Aug 31, 2022
Author

Following is the output.

root@sign:~/ssl# ls -l $(pwd)/TrustedCA.pem
-rw-r--r-- 1 root root 1363 Aug 31 13:47 /root/ssl/TrustedCA.pem
root@sign:~/ssl#
root@sign:~/ssl# ls -l
total 32
-rw-r--r-- 1 root root  232 Aug 25 10:13 cert.conf
-rw-r--r-- 1 root root  329 Aug 25 10:09 csr.conf
-rw-r--r-- 1 root root 1224 Aug 25 11:14 rootCA.crt
-rw------- 1 root root 1704 Aug 25 11:14 rootCA.key
-rw-r--r-- 1 root root 1363 Aug 25 11:15 server.crt
-rw-r--r-- 1 root root 1119 Aug 25 11:14 server.csr
-rw------- 1 root root 1704 Aug 25 11:14 server.key
-rw-r--r-- 1 root root 1363 Aug 31 13:47 TrustedCA.pem
root@sign:~/ssl#
root@sign:~/ssl# pwd
/root/ssl
root@sign:~/ssl#

`root@sign:~/ssl# docker run -it --rm --name signserver -p 80:8080 -p 443:8443 -v $(pwd)/TrustedCA.pem:/mnt/external/secrets/tls/cas/ManagementCA.crt -h sign.***** primekey/signserver-ce:5.2.0
2022-08-31 09:09:45,812+0000 INFO [/opt/primekey/bin/start.sh] (process:1) Configure logging for Application Server
2022-08-31 09:09:45,818+0000 INFO [/opt/primekey/bin/start.sh] (process:1) Configure logging for signserver
2022-08-31 09:09:45,827+0000 INFO [/opt/primekey/bin/start.sh] (process:1) uid=10001 gid=0(root) groups=0(root)
2022-08-31 09:09:45,923+0000 INFO [/opt/primekey/bin/start.sh] (process:1) Detected 1 available core(s).
cat: /sys/fs/cgroup/memory/memory.limit_in_bytes: No such file or directory
2022-08-31 09:09:45,933+0000 INFO [/opt/primekey/bin/start.sh] (process:1) Detected bytes available memory assigned to this container.
/opt/primekey/bin/start.sh: line 118: /1024/1024: syntax error: operand expected (error token is "/1024/1024")
2022-08-31 09:09:45,941+0000 INFO [/opt/primekey/bin/start.sh] (process:1) Observable at 127.0.0.1:8090 under paths: /health /health/ready /health/live
sed: can't read /etc/ejbca/conf/ocsp.properties: No such file or directory
2022-08-31 09:09:45,955+0000 WARN [/opt/primekey/bin/start.sh] (process:1) Using the H2 in memory database which is only suitable for ephemeral testing. Please configure the container's environment variables:
DATABASE_JDBC_URL
jdbc:mysql://database:3306/signserver?characterEncoding=utf8
jdbc:postgresql://database/signserver
DATABASE_USER
DATABASE_PASSWORD

2022-08-31 09:09:45,969+0000 INFO [/opt/primekey/bin/start.sh] (process:1) External hostname env.HTTPSERVER_HOSTNAME is set to 'sign.*****'.
sed: can't read /etc/signserver/conf/cesecore.properties: No such file or directory
2022-08-31 09:09:45,979+0000 INFO [/opt/primekey/bin/start.sh] (process:1) Starting application server:

JBoss Bootstrap Environment

JBOSS_HOME: /opt/primekey/appserver

JAVA: /usr/lib/jvm/java-11-slim/bin/java

JAVA_OPTS: -server -XX:+UseParallelGC -XX:GCTimeRatio=4 -XX:AdaptiveSizePolicyWeight=90 -XX:MinHeapFreeRatio=10 -XX:MaxHeapFreeRatio=20 -XX:+ExitOnOutOfMemoryError -Djdk.tls.ephemeralDHKeySize=2048 -Djava.net.preferIPv4Stack=true -Djava.security.egd=file:/dev/random -Dcontainer.database.name=h2 -Dcontainer.hibernate.dialect=org.hibernate.dialect.H2Dialect -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true --add-exports=java.base/sun.nio.ch=ALL-UNNAMED --add-exports=jdk.unsupported/sun.misc=ALL-UNNAMED --add-exports=jdk.unsupported/sun.reflect=ALL-UNNAMED

=========================================================================

2022-08-31 09:09:48,396+0000 INFO [org.jboss.as] (MSC service thread 1-1) WFLYSRV0049: WildFly Full 22.0.1.Final (WildFly Core 14.0.1.Final) starting
2022-08-31 09:09:51,234+0000 WARN [org.jboss.as.server.deployment.scanner] (ServerService Thread Pool -- 6) WFLYDS0006: Reliable deployment behaviour is not possible when auto-deployment of exploded content is enabled (i.e. deployment without use of ".dodeploy"' marker files). Configuration of auto-deployment of exploded content is not recommended in any situation where reliability is desired. Configuring the deployment scanner's auto-deploy-exploded setting to "false" is recommended.
2022-08-31 09:09:51,375+0000 INFO [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0039: Creating http management service using socket-binding (management-http)
2022-08-31 09:09:51,707+0000 INFO [org.wildfly.extension.undertow] (MSC service thread 1-2) WFLYUT0003: Undertow 2.2.4.Final starting
2022-08-31 09:09:53,038+0000 INFO [org.wildfly.extension.undertow] (MSC service thread 1-2) WFLYUT0012: Started server default-server.
2022-08-31 09:09:53,131+0000 INFO [org.wildfly.extension.undertow] (MSC service thread 1-2) WFLYUT0018: Host default-host starting
2022-08-31 09:09:53,429+0000 INFO [org.wildfly.extension.undertow] (MSC service thread 1-1) WFLYUT0006: Undertow HTTP listener remoting listening on 127.0.0.1:4447
2022-08-31 09:09:53,819+0000 INFO [org.jboss.as.server.deployment.scanner] (MSC service thread 1-2) WFLYDS0013: Started FileSystemDeploymentService for directory /opt/primekey/appserver/standalone/deployments
2022-08-31 09:09:58,397+0000 WARN [org.jboss.as.server.deployment] (MSC service thread 1-2) WFLYSRV0059: Class Path entry xml-apis.jar in /opt/primekey/appserver/standalone/deployments/signserver.ear/lib/serializer-2.7.2.jar does not point to a valid jar for a Class-Path reference.
2022-08-31 09:09:58,434+0000 WARN [org.jboss.as.server.deployment] (MSC service thread 1-2) WFLYSRV0059: Class Path entry xercesImpl.jar in /opt/primekey/appserver/standalone/deployments/signserver.ear/lib/xalan-2.7.2.jar does not point to a valid jar for a Class-Path reference.
2022-08-31 09:09:58,437+0000 WARN [org.jboss.as.server.deployment] (MSC service thread 1-2) WFLYSRV0059: Class Path entry xml-apis.jar in /opt/primekey/appserver/standalone/deployments/signserver.ear/lib/xalan-2.7.2.jar does not point to a valid jar for a Class-Path reference.
2022-08-31 09:09:58,438+0000 WARN [org.jboss.as.server.deployment] (MSC service thread 1-2) WFLYSRV0059: Class Path entry serializer.jar in /opt/primekey/appserver/standalone/deployments/signserver.ear/lib/xalan-2.7.2.jar does not point to a valid jar for a Class-Path reference.
2022-08-31 09:09:59,050+0000 INFO [org.jboss.as.jpa] (MSC service thread 1-2) WFLYJPA0002: Read persistence.xml for SignServerJPA
2022-08-31 09:09:59,061+0000 INFO [org.jboss.as.jpa] (MSC service thread 1-2) WFLYJPA0002: Read persistence.xml for ejbca
2022-08-31 09:10:00,565+0000 INFO [org.jboss.as.jpa] (ServerService Thread Pool -- 46) WFLYJPA0010: Starting Persistence Unit (phase 1 of 2) Service 'signserver.ear#ejbca'
2022-08-31 09:10:00,570+0000 INFO [org.jboss.as.jpa] (ServerService Thread Pool -- 47) WFLYJPA0010: Starting Persistence Unit (phase 1 of 2) Service 'signserver.ear#SignServerJPA'
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by org.jboss.as.server.deployment.reflect.ClassReflectionIndex (jar:file:/opt/primekey/appserver/modules/system/layers/base/org/jboss/as/server/main/wildfly-server-14.0.1.Final.jar!/) to field java.util.HashMap.serialVersionUID
WARNING: Please consider reporting this to the maintainers of org.jboss.as.server.deployment.reflect.ClassReflectionIndex
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
2022-08-31 09:10:03,964+0000 WARN [org.wildfly.extension.undertow] (MSC service thread 1-1) WFLYUT0005: Secure listener for protocol: 'HTTP/1.1' not found! Using non secure port!
2022-08-31 09:10:05,718+0000 WARN [org.wildfly.extension.undertow] (MSC service thread 1-1) WFLYUT0005: Secure listener for protocol: 'HTTP/1.1' not found! Using non secure port!
2022-08-31 09:10:06,780+0000 INFO [org.jboss.as.jpa] (ServerService Thread Pool -- 47) WFLYJPA0010: Starting Persistence Unit (phase 2 of 2) Service 'signserver.ear#SignServerJPA'
2022-08-31 09:10:06,786+0000 INFO [org.jboss.as.jpa] (ServerService Thread Pool -- 49) WFLYJPA0010: Starting Persistence Unit (phase 2 of 2) Service 'signserver.ear#ejbca'
2022-08-31 09:10:06,842+0000 INFO [org.infinispan.CONTAINER] (ServerService Thread Pool -- 46) ISPN000128: Infinispan version: Infinispan 'Corona Extra' 11.0.8.Final
2022-08-31 09:10:06,979+0000 INFO [org.infinispan.CONFIG] (MSC service thread 1-2) ISPN000152: Passivation configured without an eviction policy being selected. Only manually evicted entities will be passivated.
2022-08-31 09:10:06,993+0000 INFO [org.infinispan.CONFIG] (MSC service thread 1-2) ISPN000152: Passivation configured without an eviction policy being selected. Only manually evicted entities will be passivated.
2022-08-31 09:10:07,344+0000 INFO [org.infinispan.PERSISTENCE] (ServerService Thread Pool -- 46) ISPN000556: Starting user marshaller 'org.wildfly.clustering.infinispan.spi.marshalling.InfinispanProtoStreamMarshaller'
2022-08-31 09:10:09,743+0000 WARN [org.jboss.weld.Bootstrap] (MSC service thread 1-2) WELD-000146: BeforeBeanDiscovery.addAnnotatedType(AnnotatedType<?>) used for class com.sun.faces.flow.FlowDiscoveryCDIHelper is deprecated from CDI 1.1!
2022-08-31 09:10:10,368+0000 SEVERE [javax.enterprise.resource.webcontainer.jsf.application.view] (MSC service thread 1-2) Unable to obtain CDI 1.1 utilities for Mojarra
2022-08-31 09:10:10,371+0000 SEVERE [javax.enterprise.resource.webcontainer.jsf.flow] (MSC service thread 1-2) Unable to obtain CDI 1.1 utilities for Mojarra
2022-08-31 09:10:10,947+0000 WARN [io.undertow.servlet] (ServerService Thread Pool -- 54) UT015020: Path /* is secured for some HTTP methods, however it is not secured for [HEAD, POST, GET]
2022-08-31 09:10:11,007+0000 INFO [org.signserver.ejb.StartupSingletonBean] (ServerService Thread Pool -- 51) Init, SignServer CE 5.2.0.Final startup.
2022-08-31 09:10:11,233+0000 INFO [org.cesecore.config.ConfigurationHolder] (ServerService Thread Pool -- 51) Allow external re-configuration: false
2022-08-31 09:10:11,250+0000 INFO [org.cesecore.audit.AuditDevicesConfig] (ServerService Thread Pool -- 51) Registered audit device using implementation: org.signserver.server.log.SignServerLog4jDevice
2022-08-31 09:10:11,265+0000 INFO [org.cesecore.audit.AuditDevicesConfig] (ServerService Thread Pool -- 51) Configured exporter AuditExporterDummy for device SignServerLog4jDevice
2022-08-31 09:10:11,278+0000 INFO [org.signserver.server.log.SignServerLog4jDevice] (ServerService Thread Pool -- 51) EVENT: SIGNSERVER_STARTUP; OUTCOME: SUCCESS; MODULE: SERVICE; ADMINISTRATOR: StartServicesServlet.init; ISSUER: null; SERIAL_NUMBER: null; WORKER_ID: null; msg: start services startup msg; VERSION: SignServer CE 5.2.0.Final; REPLY_TIME:1661937011278
2022-08-31 09:10:12,172+0000 INFO [org.signserver.ejb.StartupSingletonBean] (ServerService Thread Pool -- 51) Found 0 worker types to upgrade
2022-08-31 09:10:12,267+0000 INFO [org.signserver.server.log.SignServerLog4jDevice] (ServerService Thread Pool -- 51) EVENT: SET_STATUS_PROPERTY; OUTCOME: SUCCESS; MODULE: STATUS_REPOSITORY; ADMINISTRATOR: StatusRepositorySessionBean.auditLog; ISSUER: null; SERIAL_NUMBER: null; WORKER_ID: null; STATUSREPO_PROPERTY: SERVER_STARTED; STATUSREPO_VALUE: 1661937012265; STATUSREPO_EXPIRATION: 0; REPLY_TIME:1661937012267
2022-08-31 09:10:13,595+0000 WARN [io.undertow.servlet] (ServerService Thread Pool -- 47) UT015020: Path /* is secured for some HTTP methods, however it is not secured for [HEAD, POST, GET]
2022-08-31 09:10:13,610+0000 WARN [io.undertow.servlet] (ServerService Thread Pool -- 53) UT015020: Path /* is secured for some HTTP methods, however it is not secured for [HEAD, POST, GET]
2022-08-31 09:10:13,625+0000 INFO [org.jboss.as.server] (ServerService Thread Pool -- 27) WFLYSRV0010: Deployed "signserver.ear" (runtime-name : "signserver.ear")
2022-08-31 09:10:13,712+0000 INFO [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0212: Resuming server
2022-08-31 09:10:13,718+0000 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0025: WildFly Full 22.0.1.Final (WildFly Core 14.0.1.Final) started in 27234ms - Started 1949 of 2068 services (257 services are lazy, passive or on-demand)
2022-08-31 09:10:13,721+0000 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0060: Http management interface listening on http://127.0.0.1:9990/management
2022-08-31 09:10:13,721+0000 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0054: Admin console is not enabled
2022-08-31 09:10:15,081+0000 INFO [/opt/primekey/bin/start.sh] (process:1) Application /opt/primekey/appserver/standalone/deployments/signserver.ear.deployed successfully started.
2022-08-31 09:10:15,086+0000 INFO [/opt/primekey/bin/start.sh] (process:1) Setting up in-bound connectivity...
2022-08-31 09:10:15,105+0000 INFO [/opt/primekey/bin/start.sh] (process:1) No keystore and/or password file were detected at '/opt/primekey/secrets/external/tls/ks/server.[jks|storepasswd]'. Check mount points and file permissions if this is not what you expected.
2022-08-31 09:10:25,807+0000 INFO [/opt/primekey/bin/start.sh] (process:1) Certificate stored in file </opt/primekey/tmp/tmp.23GfcfwuIa/keystore.der>
2022-08-31 09:10:26,918+0000 INFO [/opt/primekey/bin/start.sh] (process:1) Generated TLS certificate with fingerprint 4ffdcb37f3d31cb36bae1c17571f1a9e1349131a025d26a5d4cd40dc903dcc8d.
2022-08-31 09:10:26,922+0000 INFO [/opt/primekey/bin/start.sh] (process:1) No key password file were detected at '/opt/primekey/secrets/persistent/tls/sign./server.keypasswd'. Keystore password will also be used to access private key.
2022-08-31 09:10:26,931+0000 INFO [/opt/primekey/bin/start.sh] (process:1) Importing keystore /opt/primekey/secrets/persistent/tls/sign./server.jks to /opt/primekey/tmp/tmp.23GfcfwuIa/keystore.jks...
2022-08-31 09:10:26,931+0000 INFO [/opt/primekey/bin/start.sh] (process:1) Entry for alias sign.***** successfully imported.
2022-08-31 09:10:26,931+0000 INFO [/opt/primekey/bin/start.sh] (process:1) Import command completed: 1 entries successfully imported, 0 entries failed or cancelled
2022-08-31 09:10:45,071+0000 WARN [/opt/primekey/bin/start.sh] (process:1) Will use self-signed server side TLS keystore.
2022-08-31 09:10:45,084+0000 INFO [/opt/primekey/bin/start.sh] (process:1) No truststore and/or password file were detected at '/opt/primekey/secrets/external/tls/ts/truststore.[jks|storepasswd]'. Check mount points and file permissions if this is not what you expected.
Certificate was added to keystore
2022-08-31 09:10:58,855+0000 INFO [org.jboss.as.protocol] (management task-1) WFLYPRT0057: cancelled task by interrupting thread Thread[management-handler-thread - 2,5,management-handler-thread]
2022-08-31 09:10:58,939+0000 INFO [/opt/primekey/bin/start.sh] (process:1) Enabling HTTPS listener on 0.0.0.0:8443 with optional client certificate authentication.
2022-08-31 09:11:03,485+0000 INFO [org.jboss.as.protocol] (management task-1) WFLYPRT0057: cancelled task by interrupting thread Thread[management-handler-thread - 1,5,management-handler-thread]
2022-08-31 09:11:07,638+0000 INFO [org.jboss.as.protocol] (management task-1) WFLYPRT0057: cancelled task by interrupting thread Thread[management-handler-thread - 1,5,management-handler-thread]
2022-08-31 09:11:07,735+0000 INFO [/opt/primekey/bin/start.sh] (process:1) Enabling HTTP listener on 0.0.0.0:8080.
2022-08-31 09:11:14,777+0000 INFO [org.signserver.server.log.SignServerLog4jDevice] (default task-2) EVENT: SET_GLOBAL_PROPERTY; OUTCOME: SUCCESS; MODULE: GLOBAL_CONFIG; ADMINISTRATOR: CLI user; ISSUER: null; SERIAL_NUMBER: null; WORKER_ID: null; GLOBALCONFIG_PROPERTY: GLOB.ALLOWANYWSADMIN; GLOBALCONFIG_VALUE: true; REPLY_TIME:1661937074777
Set to allow any WS admin
2022-08-31 09:11:15,173+0000 INFO [/opt/primekey/bin/start.sh] (process:1) Health check now reports application status at signserver/healthcheck/signserverhealth`

After visiting administration web;
`2022-08-31 09:13:55,088+0000 SEVERE [javax.enterprise.resource.webcontainer.jsf.application] (default task-2) Error Rendering View[/workers.xhtml]: javax.el.ELException: /WEB-INF/templates/template.xhtml @43,103 value="#{authenticationBean.userDisplayName}": org.signserver.admin.web.ejb.NotLoggedInException: Client certificate authentication required
at [email protected]//com.sun.faces.facelets.el.TagValueExpression.getValue(TagValueExpression.java:77)
at [email protected]//javax.faces.component.ComponentStateHelper.eval(ComponentStateHelper.java:170)
at [email protected]//javax.faces.component.ComponentStateHelper.eval(ComponentStateHelper.java:157)
at [email protected]//javax.faces.component.UIOutput.getValue(UIOutput.java:140)
at [email protected]//com.sun.faces.renderkit.html_basic.HtmlBasicInputRenderer.getValue(HtmlBasicInputRenderer.java:181)
at [email protected]//com.sun.faces.renderkit.html_basic.HtmlBasicRenderer.getCurrentValue(HtmlBasicRenderer.java:328)
at [email protected]//com.sun.faces.renderkit.html_basic.HtmlBasicRenderer.encodeEnd(HtmlBasicRenderer.java:143)
at [email protected]//javax.faces.component.UIComponentBase.encodeEnd(UIComponentBase.java:595)
at [email protected]//com.sun.faces.renderkit.html_basic.HtmlBasicRenderer.encodeRecursive(HtmlBasicRenderer.java:286)
at [email protected]//com.sun.faces.renderkit.html_basic.GridRenderer.renderRow(GridRenderer.java:162)
at [email protected]//com.sun.faces.renderkit.html_basic.GridRenderer.encodeChildren(GridRenderer.java:105)
at [email protected]//javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:566)
at [email protected]//javax.faces.component.UIComponent.encodeAll(UIComponent.java:1647)
at [email protected]//javax.faces.component.UIComponent.encodeAll(UIComponent.java:1650)
at [email protected]//javax.faces.component.UIComponent.encodeAll(UIComponent.java:1650)
at [email protected]//com.sun.faces.application.view.FaceletViewHandlingStrategy.renderView(FaceletViewHandlingStrategy.java:468)
at [email protected]//com.sun.faces.application.view.MultiViewHandler.renderView(MultiViewHandler.java:170)
at [email protected]//javax.faces.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:132)
at [email protected]//javax.faces.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:132)
at [email protected]//com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:102)
at [email protected]//com.sun.faces.lifecycle.Phase.doPhase(Phase.java:76)
at [email protected]//com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:199)
at [email protected]//javax.faces.webapp.FacesServlet.executeLifecyle(FacesServlet.java:708)
at [email protected]//javax.faces.webapp.FacesServlet.service(FacesServlet.java:451)
at [email protected]//io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
at [email protected]//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
at deployment.signserver.ear//org.signserver.web.common.filters.NoCacheFilter.doFilter(NoCacheFilter.java:41)
at [email protected]//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
at [email protected]//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at deployment.signserver.ear//org.signserver.web.common.owasp.filters.ContentSecurityPolicyFilter.doFilter(ContentSecurityPolicyFilter.java:184)
at [email protected]//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
at [email protected]//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at deployment.signserver.ear//org.signserver.web.common.owasp.filters.ClickjackFilter.doFilter(ClickjackFilter.java:36)
at [email protected]//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
at [email protected]//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at [email protected]//io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
at [email protected]//io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at [email protected]//io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
at [email protected]//io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at [email protected]//org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at [email protected]//io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
at [email protected]//io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:117)
at [email protected]//io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at [email protected]//io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53)
at [email protected]//io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at [email protected]//io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at [email protected]//io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59)
at [email protected]//io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
at [email protected]//io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
at [email protected]//io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
at [email protected]//io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at [email protected]//org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at [email protected]//io.undertow.servlet.handlers.SendErrorPageHandler.handleRequest(SendErrorPageHandler.java:52)
at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:269)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:78)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:133)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:130)
at [email protected]//io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
at [email protected]//io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at [email protected]//org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:249)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:78)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:99)
at [email protected]//io.undertow.server.Connectors.executeRootHandler(Connectors.java:387)
at [email protected]//io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:841)
at [email protected]//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at [email protected]//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
at [email protected]//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
at [email protected]//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
at [email protected]//org.xnio.XnioWorker$WorkerThreadFactory$1$1.run(XnioWorker.java:1280)
at java.base/java.lang.Thread.run(Unknown Source)
Caused by: javax.el.ELException: org.signserver.admin.web.ejb.NotLoggedInException: Client certificate authentication required
at [email protected]//javax.el.BeanELResolver.getValue(BeanELResolver.java:191)
at [email protected]//com.sun.faces.el.DemuxCompositeELResolver._getValue(DemuxCompositeELResolver.java:156)
at [email protected]//com.sun.faces.el.DemuxCompositeELResolver.getValue(DemuxCompositeELResolver.java:184)
at [email protected]//com.sun.el.parser.AstValue.getValue(AstValue.java:114)
at [email protected]//com.sun.el.parser.AstValue.getValue(AstValue.java:177)
at [email protected]//com.sun.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:183)
at [email protected]//org.jboss.weld.module.web.el.WeldValueExpression.getValue(WeldValueExpression.java:50)
at [email protected]//org.jboss.weld.module.web.el.WeldValueExpression.getValue(WeldValueExpression.java:50)
at [email protected]//com.sun.faces.facelets.el.TagValueExpression.getValue(TagValueExpression.java:73)
... 80 more
Caused by: org.signserver.admin.web.ejb.NotLoggedInException: Client certificate authentication required
at deployment.signserver.ear.SignServer-Admin-web-5.2.0.Final.war//org.signserver.admin.web.AuthenticationBean.getAdminCertificate(AuthenticationBean.java:52)
at deployment.signserver.ear.SignServer-Admin-web-5.2.0.Final.war//org.signserver.admin.web.AuthenticationBean.getUserDisplayName(AuthenticationBean.java:60)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at [email protected]//javax.el.BeanELResolver.getValue(BeanELResolver.java:186)
... 88 more

2022-08-31 09:13:55,111+0000 ERROR [io.undertow.request] (default task-2) UT005023: Exception handling request to /signserver/adminweb/: javax.servlet.ServletException: Client certificate authentication required
at [email protected]//javax.faces.webapp.FacesServlet.executeLifecyle(FacesServlet.java:725)
at [email protected]//javax.faces.webapp.FacesServlet.service(FacesServlet.java:451)
at [email protected]//io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
at [email protected]//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
at deployment.signserver.ear//org.signserver.web.common.filters.NoCacheFilter.doFilter(NoCacheFilter.java:41)
at [email protected]//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
at [email protected]//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at deployment.signserver.ear//org.signserver.web.common.owasp.filters.ContentSecurityPolicyFilter.doFilter(ContentSecurityPolicyFilter.java:184)
at [email protected]//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
at [email protected]//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at deployment.signserver.ear//org.signserver.web.common.owasp.filters.ClickjackFilter.doFilter(ClickjackFilter.java:36)
at [email protected]//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
at [email protected]//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at [email protected]//io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
at [email protected]//io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at [email protected]//io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
at [email protected]//io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at [email protected]//org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at [email protected]//io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
at [email protected]//io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:117)
at [email protected]//io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at [email protected]//io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53)
at [email protected]//io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at [email protected]//io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at [email protected]//io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59)
at [email protected]//io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
at [email protected]//io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
at [email protected]//io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
at [email protected]//io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at [email protected]//org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at [email protected]//io.undertow.servlet.handlers.SendErrorPageHandler.handleRequest(SendErrorPageHandler.java:52)
at [email protected]//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:269)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:78)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:133)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:130)
at [email protected]//io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
at [email protected]//io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at [email protected]//org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
at [email protected]//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:249)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:78)
at [email protected]//io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:99)
at [email protected]//io.undertow.server.Connectors.executeRootHandler(Connectors.java:387)
at [email protected]//io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:841)
at [email protected]//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at [email protected]//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
at [email protected]//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
at [email protected]//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
at [email protected]//org.xnio.XnioWorker$WorkerThreadFactory$1$1.run(XnioWorker.java:1280)
at java.base/java.lang.Thread.run(Unknown Source)
Caused by: org.signserver.admin.web.ejb.NotLoggedInException: Client certificate authentication required
at deployment.signserver.ear.SignServer-Admin-web-5.2.0.Final.war//org.signserver.admin.web.AuthenticationBean.getAdminCertificate(AuthenticationBean.java:52)
at deployment.signserver.ear.SignServer-Admin-web-5.2.0.Final.war//org.signserver.admin.web.AuthenticationBean.getUserDisplayName(AuthenticationBean.java:60)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at [email protected]//javax.el.BeanELResolver.getValue(BeanELResolver.java:186)
at [email protected]//com.sun.faces.el.DemuxCompositeELResolver._getValue(DemuxCompositeELResolver.java:156)
at [email protected]//com.sun.faces.el.DemuxCompositeELResolver.getValue(DemuxCompositeELResolver.java:184)
at [email protected]//com.sun.el.parser.AstValue.getValue(AstValue.java:114)
at [email protected]//com.sun.el.parser.AstValue.getValue(AstValue.java:177)
at [email protected]//com.sun.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:183)
at [email protected]//org.jboss.weld.module.web.el.WeldValueExpression.getValue(WeldValueExpression.java:50)
at [email protected]//org.jboss.weld.module.web.el.WeldValueExpression.getValue(WeldValueExpression.java:50)
at [email protected]//com.sun.faces.facelets.el.TagValueExpression.getValue(TagValueExpression.java:73)
at [email protected]//javax.faces.component.ComponentStateHelper.eval(ComponentStateHelper.java:170)
at [email protected]//javax.faces.component.ComponentStateHelper.eval(ComponentStateHelper.java:157)
at [email protected]//javax.faces.component.UIOutput.getValue(UIOutput.java:140)
at [email protected]//com.sun.faces.renderkit.html_basic.HtmlBasicInputRenderer.getValue(HtmlBasicInputRenderer.java:181)
at [email protected]//com.sun.faces.renderkit.html_basic.HtmlBasicRenderer.getCurrentValue(HtmlBasicRenderer.java:328)
at [email protected]//com.sun.faces.renderkit.html_basic.HtmlBasicRenderer.encodeEnd(HtmlBasicRenderer.java:143)
at [email protected]//javax.faces.component.UIComponentBase.encodeEnd(UIComponentBase.java:595)
at [email protected]//com.sun.faces.renderkit.html_basic.HtmlBasicRenderer.encodeRecursive(HtmlBasicRenderer.java:286)
at [email protected]//com.sun.faces.renderkit.html_basic.GridRenderer.renderRow(GridRenderer.java:162)
at [email protected]//com.sun.faces.renderkit.html_basic.GridRenderer.encodeChildren(GridRenderer.java:105)
at [email protected]//javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:566)
at [email protected]//javax.faces.component.UIComponent.encodeAll(UIComponent.java:1647)
at [email protected]//javax.faces.component.UIComponent.encodeAll(UIComponent.java:1650)
at [email protected]//javax.faces.component.UIComponent.encodeAll(UIComponent.java:1650)
at [email protected]//com.sun.faces.application.view.FaceletViewHandlingStrategy.renderView(FaceletViewHandlingStrategy.java:468)
at [email protected]//com.sun.faces.application.view.MultiViewHandler.renderView(MultiViewHandler.java:170)
at [email protected]//javax.faces.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:132)
at [email protected]//javax.faces.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:132)
at [email protected]//com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:102)
at [email protected]//com.sun.faces.lifecycle.Phase.doPhase(Phase.java:76)
at [email protected]//com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:199)
at [email protected]//javax.faces.webapp.FacesServlet.executeLifecyle(FacesServlet.java:708)
... 58 more`

netmackan · 2022-09-09T12:46:19Z

netmackan
Sep 9, 2022
Maintainer

First it looks good:

The current folder is /root/ssl and the TrustedCA.pem is there and readably by the user 'root'.
The docker command is run as that user and that file is specified and mounted to the correct path "/mnt/external/secrets/tls/cas/ManagementCA.crt".

But in the output posted now I can not see the original error message mentioned '/opt/primekey/secrets/external/tls/cas/ManagementCA.crt' exists but is not a file and will be ignored. (Does the file exist outside the container?) so I guess that issue has been fixed now or the error message was somewhere else?

Not sure exactly what is going on here.

4 replies

nirosha-r Sep 12, 2022
Author

Thanks a lot. The given error only appears when I click on the "Administration Web" link.

nirosha-r Sep 20, 2022
Author

Hi, I had to deploy a CA server (ejbca) and generate a ManagementCA.pem to work the signserver properly as self-signed certificate did not work. Thank you very much for your kind help. Best regards.

netmackan Sep 24, 2022
Maintainer

Good to hear that you got it working and thanks for sharing the solution. Cheers!

laimujun Apr 8, 2024

Excuse me, could you please tell me how to correctly generate these two certificates through EJBCA, and what is the relationship between these two certificates

huongdang0208 · 2024-06-06T07:23:21Z

huongdang0208
Jun 6, 2024

Hi Laimujun, the EJBCA community gave you 2 cert files, one is CA certificate (ManagementCA.pem) and one is p12 file which includes your public key and your cert. Whenever you access to signserver you need cert from p12 to gain access

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

'Not Logged In Client certificate authentication required' error #10

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Replies: 4 comments 7 replies

{{title}}

{{title}}

{{title}}

{{title}}

{{title}}

{{title}}

{{title}}

{{editor}}'s edit

{{editor}}'s edit

{{title}}

{{title}}

{{title}}

{{title}}

Select a reply

'Not Logged In Client certificate authentication required' error #10

nirosha-r Aug 22, 2022

Replies: 4 comments · 7 replies

netmackan Aug 24, 2022 Maintainer

nirosha-r Aug 24, 2022 Author

nirosha-r Aug 25, 2022 Author

netmackan Aug 30, 2022 Maintainer

nirosha-r Aug 31, 2022 Author

netmackan Sep 9, 2022 Maintainer

nirosha-r Sep 12, 2022 Author

nirosha-r Sep 20, 2022 Author

netmackan Sep 24, 2022 Maintainer

laimujun Apr 8, 2024

huongdang0208 Jun 6, 2024

nirosha-r
Aug 22, 2022

Replies: 4 comments 7 replies

netmackan
Aug 24, 2022
Maintainer

nirosha-r Aug 24, 2022
Author

nirosha-r
Aug 25, 2022
Author

netmackan Aug 30, 2022
Maintainer

nirosha-r Aug 31, 2022
Author

netmackan
Sep 9, 2022
Maintainer

nirosha-r Sep 12, 2022
Author

nirosha-r Sep 20, 2022
Author

netmackan Sep 24, 2022
Maintainer

huongdang0208
Jun 6, 2024