Comments (9)
Hi @bmalila
What does your Security Server's diagnostics view say? If it shows red for the OCSP responder, please take a look at the /var/log/xroad/signer.log
log file.
You can also try to empty the OCSP cache by following these instructions.
Regards,
Petteri
from x-road.
I checked twice the keys. It seems like something was wrong with AUTH key. I deleted a key and generated a new one. At the following moment it works.
from x-road.
Hi @petkivim
Yes your are right, The OCSP responder is read and shows that test-ca.lxd:8888 is unable to connect to the OSCP responder. Also the time-stamping is read with message that test-ca:lxd:8899 having the internal error.
from x-road.
Hi @AWfaw
That explains the problem. Have you tried to restart the test-ca
container and/ or OCSP + TSA services running inside of it? Instructions for restarting the services can be found at:
Regards,
Petteri
from x-road.
If restarting the container or the services does not help, try to use the internal IP address of the test-ca
container in the X-Road configuration instead of test-ca.lxd
DNS name. Please note, that after updating the TSA URL on the Central Server, you must first remove the TSA configuration on the Security Server and then add the TSA again to apply the new TSA URL.
from x-road.
@petkivim
Thanks, yours second recommendation helped me lot. Right now the OCSP response from SIGN has a status "good" and AUTH in status "registration in progress"
from x-road.
@AWfaw
That's great! Next you must complete the steps described in section 3.6:
Please note, that some of the steps must be completed on the Central Server, not on the Security Server.
from x-road.
Okay, I'm in the central server. The AUTH key had been added to the "Owned Servers", but if I going to the "management requests" the certificate registration has a status "waiting" not "submitted or approved".
from x-road.
Are there one or two requests in the management requests queue on the Central Server? And are you sure that you imported the auth certificate (not sign certificate or auth key - as you wrote above)?
from x-road.
Related Issues (20)
- Unexpected error writing large object to database. Server.ClientProxy.IOError: LoggingFailed.InternalError: Future timed out after [120 seconds] HOT 5
- Need help in member registration of SS to CS HOT 21
- How to add a new security server in the x-road ecosystem HOT 8
- wrong key usage HOT 2
- Server DNS nane (CN) HOT 4
- expose IP containers HOT 2
- Connect a security server to the central server HOT 3
- Register Auth Cert in Central Server HOT 4
- Change security server ip HOT 12
- I found this tiny typo :) Just wanted to let you know... HOT 1
- As an Ansible user I would like the roles to be in separate repostiories as done usually for Ansible Roles HOT 3
- environment configuration HOT 4
- Support for OpenAPI 3.1 HOT 1
- Required field 'protocolVersion' is missing HOT 6
- Xroad Security Server HOT 1
- X-Road Setup and configuration step by step HOT 3
- X-road issue with building containers (ansible) HOT 1
- certificate self signing issue HOT 91
- Release of new versions. HOT 4
- TLS certificate does not match any IS certificates HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from x-road.