You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
pkispawn fails during key backup using pki-server subsystem-cert-export with error below:
INFO: Loading external certs from /var/lib/pki/topology-00-CA/conf/external_certs.conf
INFO: File does not exist: /var/lib/pki/topology-00-CA/conf/external_certs.conf
INFO: Backing up keys into /var/lib/pki/topology-00-CA/conf/alias/ca_backup_keys.p12
DEBUG: Command: pki-server subsystem-cert-export ca -i topology-00-CA --pkcs12-file /var/lib/pki/topology-00-CA/conf/alias/ca_backup_keys.p12 --pkcs12-password-file /tmp/tmp9ez3szfa/password.txt
ERROR: Certificate not found:
ERROR: CalledProcessError: Command '['pki-server', 'subsystem-cert-export', 'ca', '-i', 'topology-00-CA', '--pkcs12-file', '/var/lib/pki/topology-00-CA/conf/alias/ca_backup_keys.p12', '--pkcs12-password-file', '/tmp/tmp9ez3szfa/password.txt']' returned non-zero exit status 255.
File "/usr/lib/python3.13/site-packages/pki/server/pkispawn.py", line 594, in main
deployer.spawn()
~~~~~~~~~~~~~~^^
File "/usr/lib/python3.13/site-packages/pki/server/deployment/__init__.py", line 5982, in spawn
scriptlet.spawn(self)
~~~~~~~~~~~~~~~^^^^^^
File "/usr/lib/python3.13/site-packages/pki/server/deployment/scriptlets/finalization.py", line 65, in spawn
deployer.backup_keys(subsystem)
~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^
File "/usr/lib/python3.13/site-packages/pki/server/deployment/__init__.py", line 4308, in backup_keys
subprocess.run(cmd, check=True)
~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^
File "/usr/lib64/python3.13/subprocess.py", line 579, in run
raise CalledProcessError(retcode, process.args,
output=stdout, stderr=stderr)
Installation failed: Command failed: pki-server subsystem-cert-export ca -i topology-00-CA --pkcs12-file /var/lib/pki/topology-00-CA/conf/alias/ca_backup_keys.p12 --pkcs12-password-file /tmp/tmp9ez3szfa/password.txt
Additional Info:
pkispawn config file attached
The text was updated successfully, but these errors were encountered:
Summary:
CA pkispawn fails with the below output:
ca.cfg
Build:
OS: fedora-41
dogtag-pki-11.7.0-0.1.alpha1.20250311154011UTC.c331ad19.fc41.x86_64
COPR: @pki/master
Steps to reproduce:
Expected Result:
pkispawn for CA will be successful
Actual Result:
pkispawn fails during key backup using pki-server subsystem-cert-export with error below:
INFO: Loading external certs from /var/lib/pki/topology-00-CA/conf/external_certs.conf INFO: File does not exist: /var/lib/pki/topology-00-CA/conf/external_certs.conf INFO: Backing up keys into /var/lib/pki/topology-00-CA/conf/alias/ca_backup_keys.p12 DEBUG: Command: pki-server subsystem-cert-export ca -i topology-00-CA --pkcs12-file /var/lib/pki/topology-00-CA/conf/alias/ca_backup_keys.p12 --pkcs12-password-file /tmp/tmp9ez3szfa/password.txt ERROR: Certificate not found: ERROR: CalledProcessError: Command '['pki-server', 'subsystem-cert-export', 'ca', '-i', 'topology-00-CA', '--pkcs12-file', '/var/lib/pki/topology-00-CA/conf/alias/ca_backup_keys.p12', '--pkcs12-password-file', '/tmp/tmp9ez3szfa/password.txt']' returned non-zero exit status 255. File "/usr/lib/python3.13/site-packages/pki/server/pkispawn.py", line 594, in main deployer.spawn() ~~~~~~~~~~~~~~^^ File "/usr/lib/python3.13/site-packages/pki/server/deployment/__init__.py", line 5982, in spawn scriptlet.spawn(self) ~~~~~~~~~~~~~~~^^^^^^ File "/usr/lib/python3.13/site-packages/pki/server/deployment/scriptlets/finalization.py", line 65, in spawn deployer.backup_keys(subsystem) ~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^ File "/usr/lib/python3.13/site-packages/pki/server/deployment/__init__.py", line 4308, in backup_keys subprocess.run(cmd, check=True) ~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^ File "/usr/lib64/python3.13/subprocess.py", line 579, in run raise CalledProcessError(retcode, process.args, output=stdout, stderr=stderr) Installation failed: Command failed: pki-server subsystem-cert-export ca -i topology-00-CA --pkcs12-file /var/lib/pki/topology-00-CA/conf/alias/ca_backup_keys.p12 --pkcs12-password-file /tmp/tmp9ez3szfa/password.txtAdditional Info:
pkispawn config file attached
The text was updated successfully, but these errors were encountered: