Issue #2457: Misleading Logging for HSM - dogtagpki

dogtagpki

#2457 Misleading Logging for HSM

Closed: Fixed None Opened 7 years ago by gkapoor.

Logs are bit confusing when it says "deleteCert Exception=java.io.IOException:
The certificate with the same nickname: NHSM6000:ocspSigningCert cert-NHSM-Test
CA has been found on HSM. "

<debug log snip>
1450 [17/Aug/2016:06:17:45][http-bio-22443-exec-3]: ConfigurationUtils:
findCertificate: The certificate with the same nickname:
NHSM6000:ocspSigningCert cert-NHSM-Test CA has been found on HSM. Please remove
it before proceeding.
1451 [17/Aug/2016:06:17:45][http-bio-22443-exec-3]: handleCerts(): deleteCert
Exception=java.io.IOException: The certificate with the same nickname:
NHSM6000:ocspSigningCert cert-NHSM-Test CA has been found on HSM. Please remove
it before proceeding.
1452 [17/Aug/2016:06:17:45][http-bio-22443-exec-3]: handleCerts(): Failed to
import user certificate.org.mozilla.jss.crypto.TokenException:
PK11_ImportDERCertForKey Unable to import certificate to its token: (-8054) You
are attempting to import a cert with the same issuer/serial as an existing
cert, but      that is not the same cert.
</debug log sinp>

What my observation is certs are not removed we just create a new cert with
different keyid. So why we are saying deleting certs in logs

Steps to Reproduce:

1. Install a HSM and refer https://bugzilla.redhat.com/show_bug.cgi?id=1289323

Actual results:

It gives an impression that it delete NHSM6000:ocspSigningCert cert-NHSM-Test
CA has been found on HSM

Expected results:

Logging should be more user friendly and should say what it does

edewata commented 7 years ago

Fixed in master:

48090b00c3727c95ecd77b52272bd7596b3ff09b

Metadata Update from @gkapoor:
- Issue set to the milestone: 10.4.0

7 years ago

dmoluguw commented 3 years ago

Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new
issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.

This issue has been cloned to GitHub and is available here:
https://github.com/dogtagpki/pki/issues/2577

If you want to receive further updates on the issue, please navigate to the
GitHub issue and click on Subscribe button.

Thank you for understanding, and we apologize for any inconvenience.

Metadata

Assignee

None

Tags

None

Blocking

None

Depending on

None

Priority

minor

Milestone

10.4.0

lowhangingfruit

None

reporter

None

rhbz

https://bugzilla.redhat.com/show_bug.cgi?id=1368410

type

defect

version

None

keywords

None

estimate

None

feature

None

origin

proposedpriority

None

fixedinversion

None

platforms

None

blockedby

None

blocking

None

reviewer

None

component

Logging

proposedmilestone

None

dogtagpki

Source Code

#2457 Misleading Logging for HSM Closed: Fixed None Opened 7 years ago by gkapoor.

Metadata

#2457 Misleading Logging for HSM

Closed: Fixed None Opened 7 years ago by gkapoor.