At the end of pkispawn, it issues something similar to the following line:
The URL for the subsystem is: https://pki.example.com:8443/ca
On previous versions of the product, when one placed this URL into a browser, they were redirected to https://pki.example.com:8443/ca/services.
However, on Fedora 21 using the following packages, I received the following:
HTTP Status 500 - java.lang.NullPointerException type Exception report message java.lang.NullPointerException description The server encountered an internal error that prevented it from fulfilling this request. exception org.apache.jasper.JasperException: java.lang.NullPointerException org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:549) org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:470) org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395) org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339) javax.servlet.http.HttpServlet.service(HttpServlet.java:727) sun.reflect.GeneratedMethodAccessor35.invoke(Unknown Source) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) java.lang.reflect.Method.invoke(Method.java:483) org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:276) org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:273) java.security.AccessController.doPrivileged(Native Method) javax.security.auth.Subject.doAsPrivileged(Subject.java:549) org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:308) org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:168) java.security.AccessController.doPrivileged(Native Method) org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) sun.reflect.GeneratedMethodAccessor34.invoke(Unknown Source) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) java.lang.reflect.Method.invoke(Method.java:483) org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:276) org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:273) java.security.AccessController.doPrivileged(Native Method) javax.security.auth.Subject.doAsPrivileged(Subject.java:549) org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:308) org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:248) root cause java.lang.NullPointerException org.apache.jsp.index_jsp._jspService(index_jsp.java:175) org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) javax.servlet.http.HttpServlet.service(HttpServlet.java:727) org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:432) org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395) org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339) javax.servlet.http.HttpServlet.service(HttpServlet.java:727) sun.reflect.GeneratedMethodAccessor35.invoke(Unknown Source) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) java.lang.reflect.Method.invoke(Method.java:483) org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:276) org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:273) java.security.AccessController.doPrivileged(Native Method) javax.security.auth.Subject.doAsPrivileged(Subject.java:549) org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:308) org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:168) java.security.AccessController.doPrivileged(Native Method) org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) sun.reflect.GeneratedMethodAccessor34.invoke(Unknown Source) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) java.lang.reflect.Method.invoke(Method.java:483) org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:276) org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:273) java.security.AccessController.doPrivileged(Native Method) javax.security.auth.Subject.doAsPrivileged(Subject.java:549) org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:308) org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:248)
The following support packages were being utilized on an x86_64 Fedora 21 machine:
389-ds-base-1.3.3.8-1.fc21.x89_64 java-1.8.0-openjdk-1.8.0.31-b.b13.fc21.x86_64 tomcat-7.0.59-1.fc21.noarch tomcatjss-7.1.1-1.fc21.noarch jss-4.2.6-35.fc21.x86_64
PROPOSED SIMPLE FIX:
diff --git a/base/server/python/pki/server/deployment/pkimessages.py b/base/serv index ecfbe5d..d1dfef2 100644 --- a/base/server/python/pki/server/deployment/pkimessages.py +++ b/base/server/python/pki/server/deployment/pkimessages.py @@ -354,7 +354,7 @@ PKI_CHECK_STATUS_MESSAGE = ''' systemctl status pki-tomcatd@%s.service ''' PKI_ACCESS_URL = " The URL for the subsystem is: \n"\ - " https://%s:%s/%s" + " https://%s:%s/%s/services" PKI_INSTANCE_RESTART_MESSAGE = \ " To restart the subsystem: \n"\ " systemctl restart pki-tomcatd@%s.service"
CAVEAT TO SIMPLE FIX: All PKI subsystems require a proper 'services' URL. For example:
Probably a better fix would be to determine why this URL no longer redirects as it did in previous versions of the product.
Proposed Milestone: 10.2.2 (SIMPLE FIX)
Update on this bug:
While installing the other subsystems (KRA, OCSP, TKS, and TPS), I discovered that TPS does not have a '/services' interface. Oddly enough, when I went back and tried to load things like "https://pki.example.com:8443/ca" and "https://pki.example.com:8443/kra", they no longer failed with an HTTP 500 error! The redirect worked just like it always did.
Per CS/DS meeting of 03/02/2015: 10.2.2 (Simple fix only)
Checked into 'master':
Metadata Update from @mharmsen: - Issue assigned to mharmsen - Issue set to the milestone: 10.2.2
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/1846
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Login to comment on this ticket.