2016-04-11 21:02:29 pkispawn : DEBUG ===================================================== DISPLAY CONTENTS OF PKI SLOTS DICTIONARY ===================================================== 2016-04-11 21:02:29 pkispawn : DEBUG { 'INSTALL_TIME_SLOT': '[INSTALL_TIME]', 'NUXWDOG_JNI_PATH_SLOT': '[NUXWDOG_JNI_PATH]', 'PKI_ADMIN_SECURE_PORT_CONNECTOR_NAME_SLOT': '[PKI_ADMIN_SECURE_PORT_CONNECTOR_NAME]', 'PKI_ADMIN_SECURE_PORT_SERVER_COMMENT_SLOT': '[PKI_ADMIN_SECURE_PORT_SERVER_COMMENT]', 'PKI_ADMIN_SECURE_PORT_SLOT': '[PKI_ADMIN_SECURE_PORT]', 'PKI_AGENT_CLIENTAUTH_SLOT': '[PKI_AGENT_CLIENTAUTH]', 'PKI_AGENT_SECURE_PORT_SLOT': '[PKI_AGENT_SECURE_PORT]', 'PKI_AJP_PORT_SLOT': '[PKI_AJP_PORT]', 'PKI_AJP_REDIRECT_PORT_SLOT': '[PKI_AJP_REDIRECT_PORT]', 'PKI_CA_HOSTNAME_SLOT': '[PKI_CA_HOSTNAME]', 'PKI_CA_PORT_SLOT': '[PKI_CA_PORT]', 'PKI_CFG_PATH_NAME_SLOT': '[PKI_CFG_PATH_NAME]', 'PKI_CLOSE_AJP_PORT_COMMENT_SLOT': '[PKI_CLOSE_AJP_PORT_COMMENT]', 'PKI_CLOSE_ENABLE_PROXY_COMMENT_SLOT': '[PKI_CLOSE_ENABLE_PROXY_COMMENT]', 'PKI_CLOSE_SEPARATE_PORTS_SERVER_COMMENT_SLOT': '[PKI_CLOSE_SEPARATE_PORTS_SERVER_COMMENT]', 'PKI_CLOSE_SEPARATE_PORTS_WEB_COMMENT_SLOT': '[PKI_CLOSE_SEPARATE_PORTS_WEB_COMMENT]', 'PKI_CLOSE_STANDALONE_COMMENT_SLOT': '[PKI_CLOSE_STANDALONE_COMMENT]', 'PKI_CLOSE_TOMCAT_ACCESS_LOG_COMMENT_SLOT': '[PKI_CLOSE_TOMCAT_ACCESS_LOG_COMMENT]', 'PKI_DS_SECURE_CONNECTION_SLOT': '[PKI_DS_SECURE_CONNECTION]', 'PKI_EE_SECURE_CLIENT_AUTH_PORT_CONNECTOR_NAME_SLOT': '[PKI_EE_SECURE_CLIENT_AUTH_PORT_CONNECTOR_NAME]', 'PKI_EE_SECURE_CLIENT_AUTH_PORT_SERVER_COMMENT_SLOT': '[PKI_EE_SECURE_CLIENT_AUTH_PORT_SERVER_COMMENT]', 'PKI_EE_SECURE_CLIENT_AUTH_PORT_SLOT': '[PKI_EE_SECURE_CLIENT_AUTH_PORT]', 'PKI_EE_SECURE_CLIENT_AUTH_PORT_UI_SLOT': '[PKI_EE_SECURE_CLIENT_AUTH_PORT_UI]', 'PKI_EE_SECURE_PORT_CONNECTOR_NAME_SLOT': '[PKI_EE_SECURE_PORT_CONNECTOR_NAME]', 'PKI_EE_SECURE_PORT_SERVER_COMMENT_SLOT': '[PKI_EE_SECURE_PORT_SERVER_COMMENT]', 'PKI_EE_SECURE_PORT_SLOT': '[PKI_EE_SECURE_PORT]', 'PKI_ENABLE_RANDOM_SERIAL_NUMBERS': '[PKI_ENABLE_RANDOM_SERIAL_NUMBERS]', 'PKI_GROUP_SLOT': '[PKI_GROUP]', 'PKI_HOSTNAME_SLOT': '[PKI_HOSTNAME]', 'PKI_INSTANCE_INITSCRIPT_SLOT': '[PKI_INSTANCE_INITSCRIPT]', 'PKI_INSTANCE_NAME_SLOT': '[PKI_INSTANCE_NAME]', 'PKI_INSTANCE_PATH_SLOT': '[PKI_INSTANCE_PATH]', 'PKI_INSTANCE_ROOT_SLOT': '[PKI_INSTANCE_ROOT]', 'PKI_LOCKDIR_SLOT': '[PKI_LOCKDIR]', 'PKI_OPEN_AJP_PORT_COMMENT_SLOT': '[PKI_OPEN_AJP_PORT_COMMENT]', 'PKI_OPEN_ENABLE_PROXY_COMMENT_SLOT': '[PKI_OPEN_ENABLE_PROXY_COMMENT]', 'PKI_OPEN_SEPARATE_PORTS_SERVER_COMMENT_SLOT': '[PKI_OPEN_SEPARATE_PORTS_SERVER_COMMENT]', 'PKI_OPEN_SEPARATE_PORTS_WEB_COMMENT_SLOT': '[PKI_OPEN_SEPARATE_PORTS_WEB_COMMENT]', 'PKI_OPEN_STANDALONE_COMMENT_SLOT': '[PKI_OPEN_STANDALONE_COMMENT]', 'PKI_OPEN_TOMCAT_ACCESS_LOG_COMMENT_SLOT': '[PKI_OPEN_TOMCAT_ACCESS_LOG_COMMENT]', 'PKI_PIDDIR_SLOT': '[PKI_PIDDIR]', 'PKI_PROFILE_SUBSYSTEM_SLOT': '[PKI_PROFILE_SUBSYSTEM]', 'PKI_PROXY_SECURE_PORT_SLOT': '[PKI_PROXY_SECURE_PORT]', 'PKI_PROXY_UNSECURE_PORT_SLOT': '[PKI_PROXY_UNSECURE_PORT]', 'PKI_RANDOM_NUMBER_SLOT': '[PKI_RANDOM_NUMBER]', 'PKI_REGISTRY_FILE_SLOT': '[PKI_REGISTRY_FILE]', 'PKI_RESTEASY_LIB_SLOT': '[PKI_RESTEASY_LIB]', 'PKI_SECURE_PORT_CONNECTOR_NAME_SLOT': '[PKI_SECURE_PORT_CONNECTOR_NAME]', 'PKI_SECURE_PORT_SERVER_COMMENT_SLOT': '[PKI_SECURE_PORT_SERVER_COMMENT]', 'PKI_SECURE_PORT_SLOT': '[PKI_SECURE_PORT]', 'PKI_SECURITY_MANAGER_SLOT': '[PKI_SECURITY_MANAGER]', 'PKI_SERVER_XML_CONF_SLOT': '[PKI_SERVER_XML_CONF]', 'PKI_SSL_SERVER_NICKNAME_SLOT': '[PKI_SSL_SERVER_NICKNAME]', 'PKI_STANDALONE_SLOT': '[PKI_STANDALONE]', 'PKI_SUBSYSTEM_TYPE_SLOT': '[PKI_SUBSYSTEM_TYPE]', 'PKI_SYSTEMD_SERVICENAME_SLOT': '[PKI_SYSTEMD_SERVICENAME]', 'PKI_TMPDIR_SLOT': '[PKI_TMPDIR]', 'PKI_UNSECURE_PORT_CONNECTOR_NAME_SLOT': '[PKI_UNSECURE_PORT_CONNECTOR_NAME]', 'PKI_UNSECURE_PORT_SERVER_COMMENT_SLOT': '[PKI_UNSECURE_PORT_SERVER_COMMENT]', 'PKI_UNSECURE_PORT_SLOT': '[PKI_UNSECURE_PORT]', 'PKI_USER_SLOT': '[PKI_USER]', 'PKI_WEBAPPS_NAME_SLOT': '[PKI_WEBAPPS_NAME]', 'PKI_WEB_SERVER_TYPE_SLOT': '[PKI_WEB_SERVER_TYPE]', 'TOKENDB_HOST_SLOT': '[TOKENDB_HOST]', 'TOKENDB_PORT_SLOT': '{TOKENDB_PORT]', 'TOKENDB_ROOT_SLOT': '[TOKENDB_ROOT]', 'TOMCAT_CFG_SLOT': '[TOMCAT_CFG]', 'TOMCAT_INSTANCE_COMMON_LIB_SLOT': '[TOMCAT_INSTANCE_COMMON_LIB]', 'TOMCAT_LOG_DIR_SLOT': '[TOMCAT_LOG_DIR]', 'TOMCAT_PIDFILE_SLOT': '[TOMCAT_PIDFILE]', 'TOMCAT_SERVER_PORT_SLOT': '[TOMCAT_SERVER_PORT]', 'TOMCAT_SSL2_CIPHERS_SLOT': '[TOMCAT_SSL2_CIPHERS]', 'TOMCAT_SSL3_CIPHERS_SLOT': '[TOMCAT_SSL3_CIPHERS]', 'TOMCAT_SSL_OPTIONS_SLOT': '[TOMCAT_SSL_OPTIONS]', 'TOMCAT_SSL_RANGE_CIPHERS_SLOT': '[TOMCAT_SSL_RANGE_CIPHERS]', 'TOMCAT_SSL_VERSION_RANGE_DATAGRAM_SLOT': '[TOMCAT_SSL_VERSION_RANGE_DATAGRAM]', 'TOMCAT_SSL_VERSION_RANGE_STREAM_SLOT': '[TOMCAT_SSL_VERSION_RANGE_STREAM]', 'TOMCAT_TLS_CIPHERS_SLOT': '[TOMCAT_TLS_CIPHERS]', 'TPS_DIR_SLOT': '[TPS_DIR]', 'application_version': '[APPLICATION_VERSION]'} 2016-04-11 21:02:29 pkispawn : DEBUG ===================================================== DISPLAY CONTENTS OF PKI MASTER DICTIONARY ===================================================== 2016-04-11 21:02:29 pkispawn : DEBUG { 0: None, 'INSTALL_TIME_SLOT': 'Mon Apr 11 21:02:29 2016', 'NUXWDOG_JNI_PATH_SLOT': '/usr/lib64/nuxwdog-jni', 'PKI_ADMIN_SECURE_PORT_CONNECTOR_NAME_SLOT': 'Unused', 'PKI_ADMIN_SECURE_PORT_SERVER_COMMENT_SLOT': '', 'PKI_ADMIN_SECURE_PORT_SLOT': '8443', 'PKI_AGENT_CLIENTAUTH_SLOT': 'want', 'PKI_AGENT_SECURE_PORT_SLOT': '8443', 'PKI_AJP_PORT_SLOT': '8009', 'PKI_AJP_REDIRECT_PORT_SLOT': '8443', 'PKI_CA_HOSTNAME_SLOT': 'corp-ldap-03.cloud.forthnet.prv', 'PKI_CA_PORT_SLOT': '8443', 'PKI_CFG_PATH_NAME_SLOT': '/etc/pki/pki-tomcat/ca/CS.cfg', 'PKI_CLOSE_AJP_PORT_COMMENT_SLOT': '', 'PKI_CLOSE_ENABLE_PROXY_COMMENT_SLOT': '', 'PKI_CLOSE_SEPARATE_PORTS_SERVER_COMMENT_SLOT': '-->', 'PKI_CLOSE_SEPARATE_PORTS_WEB_COMMENT_SLOT': '-->', 'PKI_CLOSE_STANDALONE_COMMENT_SLOT': '-->', 'PKI_CLOSE_TOMCAT_ACCESS_LOG_COMMENT_SLOT': '', 'PKI_DS_SECURE_CONNECTION_SLOT': 'false', 'PKI_EE_SECURE_CLIENT_AUTH_PORT_CONNECTOR_NAME_SLOT': 'Unused', 'PKI_EE_SECURE_CLIENT_AUTH_PORT_SERVER_COMMENT_SLOT': '', 'PKI_EE_SECURE_CLIENT_AUTH_PORT_SLOT': '8443', 'PKI_EE_SECURE_CLIENT_AUTH_PORT_UI_SLOT': '8443', 'PKI_EE_SECURE_PORT_CONNECTOR_NAME_SLOT': 'Unused', 'PKI_EE_SECURE_PORT_SERVER_COMMENT_SLOT': '', 'PKI_EE_SECURE_PORT_SLOT': '8443', 'PKI_ENABLE_RANDOM_SERIAL_NUMBERS': 'false', 'PKI_GROUP_SLOT': 'pkiuser', 'PKI_HOSTNAME_SLOT': 'corp-ldap-03.cloud.forthnet.prv', 'PKI_INSTANCE_INITSCRIPT_SLOT': '/var/lib/pki/pki-tomcat/pki-tomcat', 'PKI_INSTANCE_NAME_SLOT': 'pki-tomcat', 'PKI_INSTANCE_PATH_SLOT': '/var/lib/pki/pki-tomcat', 'PKI_INSTANCE_ROOT_SLOT': '/var/lib/pki', 'PKI_LOCKDIR_SLOT': '/var/lock/pki/tomcat', 'PKI_OPEN_AJP_PORT_COMMENT_SLOT': '', 'PKI_OPEN_ENABLE_PROXY_COMMENT_SLOT': '', 'PKI_OPEN_SEPARATE_PORTS_SERVER_COMMENT_SLOT': '', 'PKI_SECURE_PORT_SLOT': '8443', 'PKI_SECURITY_MANAGER_SLOT': 'true', 'PKI_SERVER_XML_CONF_SLOT': '/etc/pki/pki-tomcat/server.xml', 'PKI_SSL_SERVER_NICKNAME_SLOT': 'Server-Cert cert-pki-ca', 'PKI_STANDALONE_SLOT': 'false', 'PKI_SUBSYSTEM_TYPE_SLOT': 'ca', 'PKI_SYSTEMD_SERVICENAME_SLOT': 'pki-tomcatd@pki-tomcat.service', 'PKI_TMPDIR_SLOT': '/var/lib/pki/pki-tomcat/temp', 'PKI_UNSECURE_PORT_CONNECTOR_NAME_SLOT': 'Unsecure', 'PKI_UNSECURE_PORT_SERVER_COMMENT_SLOT': '', 'PKI_UNSECURE_PORT_SLOT': '8080', 'PKI_USER_SLOT': 'pkiuser', 'PKI_WEBAPPS_NAME_SLOT': 'webapps', 'PKI_WEB_SERVER_TYPE_SLOT': 'tomcat', 'TOKENDB_HOST_SLOT': 'corp-ldap-03.cloud.forthnet.prv', 'TOKENDB_PORT_SLOT': '389', 'TOKENDB_ROOT_SLOT': 'o=ipaca', 'TOMCAT_CFG_SLOT': '/etc/pki/pki-tomcat/tomcat.conf', 'TOMCAT_INSTANCE_COMMON_LIB_SLOT': '/var/lib/pki/pki-tomcat/common/lib/*.jar', 'TOMCAT_LOG_DIR_SLOT': '/var/log/pki/pki-tomcat', 'TOMCAT_PIDFILE_SLOT': '/var/run/pki/tomcat/pki-tomcat.pid', 'TOMCAT_SERVER_PORT_SLOT': '8005', 'TOMCAT_SSL2_CIPHERS_SLOT': '-SSL2_RC4_128_WITH_MD5,-SSL2_RC4_128_EXPORT40_WITH_MD5,-SSL2_RC2_128_CBC_WITH_MD5,-SSL2_RC2_128_CBC_EXPORT40_WITH_MD5,-SSL2_DES_64_CBC_WITH_MD5,-SSL2_DES_192_EDE3_CBC_WITH_MD5', 'TOMCAT_SSL3_CIPHERS_SLOT': '-SSL3_FORTEZZA_DMS_WITH_NULL_SHA,-SSL3_FORTEZZA_DMS_WITH_RC4_128_SHA,+SSL3_RSA_WITH_RC4_128_SHA,-SSL3_RSA_EXPORT_WITH_RC4_40_MD5,+SSL3_RSA_WITH_3DES_EDE_CBC_SHA,-SSL3_RSA_WITH_DES_CBC_SHA,-SSL3_RSA_EXPORT_WITH_RC2_CBC_40_MD5,-SSL3_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA,-SSL_RSA_FIPS_WITH_DES_CBC_SHA,+SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,-SSL3_RSA_WITH_NULL_MD5,-TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,+TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA', 'TOMCAT_SSL_OPTIONS_SLOT': 'ssl2=false,ssl3=false,tls=true', 'TOMCAT_SSL_RANGE_CIPHERS_SLOT': '-TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,-TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,-TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,-TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,-TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,-TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,-TLS_DHE_DSS_WITH_AES_128_CBC_SHA,-TLS_DHE_DSS_WITH_AES_256_CBC_SHA,-TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_DHE_RSA_WITH_AES_128_CBC_SHA,-TLS_DHE_RSA_WITH_AES_256_CBC_SHA,-TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,-TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,-TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,-TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,-TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,-TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,-TLS_RSA_WITH_AES_128_CBC_SHA256,-TLS_RSA_WITH_AES_256_CBC_SHA256,-TLS_RSA_WITH_AES_128_GCM_SHA256,+TLS_RSA_WITH_3DES_EDE_CBC_SHA,+TLS_RSA_WITH_AES_128_CBC_SHA,+TLS_RSA_WITH_AES_256_CBC_SHA', 'TOMCAT_SSL_VERSION_RANGE_DATAGRAM_SLOT': 'tls1_1:tls1_2', 'TOMCAT_SSL_VERSION_RANGE_STREAM_SLOT': 'tls1_0:tls1_2', 'TOMCAT_TLS_CIPHERS_SLOT': '-TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,+TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,+TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,+TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,+TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,+TLS_RSA_WITH_3DES_EDE_CBC_SHA,+TLS_RSA_WITH_AES_128_CBC_SHA,+TLS_RSA_WITH_AES_256_CBC_SHA,+TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,+TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,-TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,+TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,+TLS_DHE_DSS_WITH_AES_128_CBC_SHA,+TLS_DHE_DSS_WITH_AES_256_CBC_SHA,+TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,+TLS_DHE_RSA_WITH_AES_128_CBC_SHA,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA', 'TPS_DIR_SLOT': '/usr/share/pki/ca', '__name__': 'PKI Master Dictionary', 'application_version': '10.3.0', 'destroy_scriplets': '\ninitialization\nconfiguration\nwebapp_deployment\nsubsystem_layout\nsecurity_databases\ninstance_layout\nselinux_setup\ninfrastructure_layout\nfinalization', 'home_dir': '/root', 'jni_jar_dir': u'/usr/lib/java', 'pki_admin_cert_file': '/root/.dogtag/pki-tomcat/ca_admin.cert', 'pki_admin_cert_request_type': 'pkcs10', 'pki_admin_dualkey': 'False', 'pki_admin_email': 'root@localhost', 'pki_admin_key_type': 'rsa', 'pki_admin_keysize': '2048', 'pki_admin_name': 'admin', 'pki_admin_nickname': 'ipa-ca-agent', 'pki_admin_password': 'XXXXXXXX', 'pki_admin_profile_id': 'caAdminCert', 'pki_admin_subject_dn': 'cn=ipa-ca-agent,O=CORP.LOCAL', 'pki_admin_uid': 'admin', 'pki_ajp_port': '8009', 'pki_apache_commons_collections_jar': '/usr/share/java/apache-commons-collections.jar', 'pki_apache_commons_collections_jar_link': '/var/lib/pki/pki-tomcat/common/lib/apache-commons-collections.jar', 'pki_apache_commons_io_jar': '/usr/share/java/apache-commons-io.jar', 'pki_apache_commons_io_jar_link': '/var/lib/pki/pki-tomcat/common/lib/apache-commons-io.jar', 'pki_apache_commons_lang_jar': '/usr/share/java/apache-commons-lang.jar', 'pki_apache_commons_lang_jar_link': '/var/lib/pki/pki-tomcat/common/lib/apache-commons-lang.jar', 'pki_apache_commons_logging_jar': '/usr/share/java/apache-commons-logging.jar', 'pki_apache_commons_logging_jar_link': '/var/lib/pki/pki-tomcat/common/lib/apache-commons-logging.jar', 'pki_architecture': 64, 'pki_audit_group': 'pkiaudit', 'pki_audit_signing_key_algorithm': 'SHA256withRSA', 'pki_audit_signing_key_size': '2048', 'pki_audit_signing_key_type': 'rsa', 'pki_audit_signing_nickname': 'auditSigningCert cert-pki-ca', 'pki_audit_signing_signing_algorithm': 'SHA256withRSA', 'pki_audit_signing_subject_dn': 'cn=CA Audit,O=CORP.LOCAL', 'pki_audit_signing_tag': 'audit_signing', 'pki_audit_signing_token': 'Internal Key Storage Token', 'pki_backup_keys': 'True', 'pki_backup_keys_p12': '/etc/pki/pki-tomcat/alias/ca_backup_keys.p12', 'pki_backup_password': 'XXXXXXXX', 'pki_ca_hostname': 'corp-ldap-03.cloud.forthnet.prv', 'pki_ca_jar': '/usr/share/java/pki/pki-ca.jar', 'pki_ca_jar_link': '/var/lib/pki/pki-tomcat/ca/webapps/ca/WEB-INF/lib/pki-ca.jar', 'pki_ca_port': '8443', 'pki_ca_signing_key_algorithm': 'SHA256withRSA', 'pki_ca_signing_key_size': '2048', 'pki_ca_signing_key_type': 'rsa', 'pki_ca_signing_nickname': 'caSigningCert cert-pki-ca', 'pki_ca_signing_signing_algorithm': 'SHA256withRSA', 'pki_ca_signing_subject_dn': 'cn=Certificate Authority,O=CORP.LOCAL', 'pki_ca_signing_tag': 'signing', 'pki_ca_signing_token': 'Internal Key Storage Token', 'pki_cert_database': '/etc/pki/pki-tomcat/alias/cert8.db', 'pki_certificate_timestamp': '2016-04-11 21:02:29', 'pki_certsrv_jar': '/usr/share/java/pki/pki-certsrv.jar', 'pki_certsrv_jar_link': '/var/lib/pki/pki-tomcat/ca/webapps/ca/WEB-INF/lib/pki-certsrv.jar', 'pki_cgroup_cpu_systemd_service': '/sys/fs/cgroup/cpu\\,cpuacct/system//lib/systemd/system/pki-tomcatd@.service//lib/systemd/system/pki-tomcatd@.service', 'pki_cgroup_cpu_systemd_service_path': '/sys/fs/cgroup/cpu\\,cpuacct/system//lib/systemd/system/pki-tomcatd@.service', 'pki_cgroup_systemd_service': '/sys/fs/cgroup/systemd/system//lib/systemd/system/pki-tomcatd@.service/pki-tomcat', 'pki_cgroup_systemd_service_path': '/sys/fs/cgroup/systemd/system//lib/systemd/system/pki-tomcatd@.service', 'pki_client_admin_cert': '/root/.dogtag/pki-tomcat/ca_admin.cert', 'pki_client_admin_cert_p12': '/root/ca-agent.p12', 'pki_client_cert_database': '/tmp/tmp-u5jBo3/cert8.db', 'pki_client_database_dir': '/tmp/tmp-u5jBo3', 'pki_client_database_password': 'XXXXXXXX', 'pki_client_database_purge': 'False', 'pki_client_dir': '/root/.dogtag/pki-tomcat', 'pki_client_key_database': '/tmp/tmp-u5jBo3/key3.db', 'pki_client_password_conf': '/root/.dogtag/pki-tomcat/ca/password.conf', 'pki_client_pin': 'XXXXXXXX', 'pki_client_pkcs12_password': 'XXXXXXXX', 'pki_client_pkcs12_password_conf': '/root/.dogtag/pki-tomcat/ca/pkcs12_password.conf', 'pki_client_secmod_database': '/tmp/tmp-u5jBo3/secmod.db', 'pki_client_subsystem_dir': '/root/.dogtag/pki-tomcat/ca', 'pki_clone': 'False', 'pki_clone_pkcs12_password': 'XXXXXXXX', 'pki_clone_pkcs12_path': '', 'pki_clone_reindex_data': 'False', 'pki_clone_replicate_schema': 'True', 'pki_clone_replication_clone_port': '', 'pki_clone_replication_master_port': '', 'pki_clone_replication_security': 'None', 'pki_clone_setup_replication': 'True', 'pki_clone_uri': 'https://corp-ldap-03.cloud.forthnet.prv:8443', 'pki_cms': '/usr/share/java/pki/pki-cms.jar', 'pki_cms_jar_link': '/var/lib/pki/pki-tomcat/ca/webapps/ca/WEB-INF/lib/pki-cms.jar', 'pki_cmsbundle': '/usr/share/java/pki/pki-cmsbundle.jar', 'pki_cmsbundle_jar_link': '/var/lib/pki/pki-tomcat/ca/webapps/ca/WEB-INF/lib/pki-cmsbundle.jar', 'pki_cmscore': '/usr/share/java/pki/pki-cmscore.jar', 'pki_cmscore_jar_link': '/var/lib/pki/pki-tomcat/ca/webapps/ca/WEB-INF/lib/pki-cmscore.jar', 'pki_cmsutil': '/usr/share/java/pki/pki-cmsutil.jar', 'pki_cmsutil_jar_link': '/var/lib/pki/pki-tomcat/ca/webapps/ca/WEB-INF/lib/pki-cmsutil.jar', 'pki_commons_codec_jar': '/usr/share/java/commons-codec.jar', 'pki_commons_codec_jar_link': '/var/lib/pki/pki-tomcat/common/lib/apache-commons-codec.jar', 'pki_configuration_path': '/etc/pki', 'pki_database_path': '/etc/pki/pki-tomcat/alias', 'pki_default_deployment_cfg': '/etc/pki/default.cfg', 'pki_default_deployment_cfg_replica': '/etc/sysconfig/pki/tomcat/pki-tomcat/ca/default.cfg', 'pki_deployed_instance_name': None, 'pki_deployment_executable': 'pkispawn', 'pki_dns_domainname': u'cloud.forthnet.prv', 'pki_ds_base_dn': 'o=ipaca', 'pki_ds_bind_dn': 'cn=Directory Manager', 'pki_ds_create_new_db': 'True', 'pki_ds_database': 'ipaca', 'pki_ds_hostname': 'corp-ldap-03.cloud.forthnet.prv', 'pki_ds_ldap_port': '389', 'pki_ds_ldaps_port': '636', 'pki_ds_password': 'XXXXXXXX', 'pki_ds_remove_data': 'True', 'pki_ds_secure_connection': 'False', 'pki_ds_secure_connection_ca_nickname': 'Directory Server CA certificate', 'pki_ds_secure_connection_ca_pem_file': '', 'pki_enable_access_log': 'True', 'pki_enable_java_debugger': 'False', 'pki_enable_on_system_boot': 'True', 'pki_enable_proxy': 'True', 'pki_external': 'True', 'pki_external_ca_cert_chain_nickname': 'caSigningCert External CA', 'pki_external_ca_cert_chain_path': '/tmp/tmpWotwYI', 'pki_external_ca_cert_path': '/tmp/tmpKu79tQ', 'pki_external_csr_path': '', 'pki_external_pkcs12_password': 'XXXXXXXX', 'pki_external_pkcs12_path': '', 'pki_external_step_two': 'True', 'pki_group': 'pkiuser', 'pki_hostname': 'corp-ldap-03.cloud.forthnet.prv', 'pki_hsm_enable': 'False', 'pki_hsm_libfile': '', 'pki_hsm_modulename': '', 'pki_http_port': '8080', 'pki_httpclient_jar': '/usr/share/java/httpcomponents/httpclient.jar', 'pki_httpclient_jar_link': '/var/lib/pki/pki-tomcat/common/lib/httpclient.jar', 'pki_httpcore_jar': '/usr/share/java/httpcomponents/httpcore.jar', 'pki_httpcore_jar_link': '/var/lib/pki/pki-tomcat/common/lib/httpcore.jar', 'pki_https_port': '8443', 'pki_import_admin_cert': 'False', 'pki_install_time': 'Mon Apr 11 21:02:29 2016', 'pki_instance_conf_link': '/var/lib/pki/pki-tomcat/conf', 'pki_instance_conf_log4j_properties': '/etc/pki/pki-tomcat/log4j.properties', 'pki_instance_configuration_path': '/etc/pki/pki-tomcat', 'pki_instance_database_link': '/var/lib/pki/pki-tomcat/alias', 'pki_instance_lib': '/var/lib/pki/pki-tomcat/lib', 'pki_instance_lib_log4j_properties': '/var/lib/pki/pki-tomcat/lib/log4j.properties', 'pki_instance_log_path': '/var/log/pki/pki-tomcat', 'pki_instance_logs_link': '/var/lib/pki/pki-tomcat/logs', 'pki_instance_name': 'pki-tomcat', 'pki_instance_path': '/var/lib/pki/pki-tomcat', 'pki_instance_registry_path': '/etc/sysconfig/pki/tomcat/pki-tomcat', 'pki_instance_systemd_link': '/var/lib/pki/pki-tomcat/pki-tomcat', 'pki_instance_type': 'Tomcat', 'pki_instance_type_registry_path': '/etc/sysconfig/pki/tomcat', 'pki_issuing_ca': 'External CA', 'pki_issuing_ca_hostname': 'corp-ldap-03.cloud.forthnet.prv', 'pki_issuing_ca_https_port': '8443', 'pki_issuing_ca_uri': 'https://corp-ldap-03.cloud.forthnet.prv:8443', 'pki_jackson_core_asl_jar': '/usr/share/java/jackson/jackson-core-asl.jar', 'pki_jackson_jaxrs_jar': '/usr/share/java/jackson/jackson-jaxrs.jar', 'pki_jackson_mapper_asl_jar': '/usr/share/java/jackson/jackson-mapper-asl.jar', 'pki_jackson_mrbean_jar': '/usr/share/java/jackson/jackson-mrbean.jar', 'pki_jackson_smile_jar': '/usr/share/java/jackson/jackson-smile.jar', 'pki_jackson_xc_jar': '/usr/share/java/jackson/jackson-xc.jar', 'pki_javassist_jar': '/usr/share/java/javassist.jar', 'pki_javassist_jar_link': '/var/lib/pki/pki-tomcat/common/lib/javassist.jar', 'pki_jss_jar': u'/usr/lib/java/jss4.jar', 'pki_jss_jar_link': '/var/lib/pki/pki-tomcat/common/lib/jss4.jar', 'pki_key_database': '/etc/pki/pki-tomcat/alias/key3.db', 'pki_kra_jar': '/usr/share/java/pki/pki-kra.jar', 'pki_kra_jar_link': '/var/lib/pki/pki-tomcat/ca/webapps/ca/WEB-INF/lib/pki-kra.jar', 'pki_ldapjdk_jar': '/usr/share/java/ldapjdk.jar', 'pki_ldapjdk_jar_link': '/var/lib/pki/pki-tomcat/common/lib/ldapjdk.jar', 'pki_log_path': '/var/log/pki', 'pki_manifest': '/etc/sysconfig/pki/tomcat/pki-tomcat/ca/manifest', 'pki_manifest_spawn_archive': '/var/log/pki/pki-tomcat/ca/archive/spawn_manifest.20160411210229', 'pki_master_hostname': 'corp-ldap-03.cloud.forthnet.prv', 'pki_master_https_port': '8443', 'pki_nsutil': '/usr/share/java/pki/pki-nsutil.jar', 'pki_nsutil_jar_link': '/var/lib/pki/pki-tomcat/ca/webapps/ca/WEB-INF/lib/pki-nsutil.jar', 'pki_nuxwdog_client_jar': '/usr/lib/java/nuxwdog.jar', 'pki_ocsp_jar': '/usr/share/java/pki/pki-ocsp.jar', 'pki_ocsp_jar_link': '/var/lib/pki/pki-tomcat/ca/webapps/ca/WEB-INF/lib/pki-ocsp.jar', 'pki_ocsp_signing_key_algorithm': 'SHA256withRSA', 'pki_ocsp_signing_key_size': '2048', 'pki_ocsp_signing_key_type': 'rsa', 'pki_ocsp_signing_nickname': 'ocspSigningCert cert-pki-ca', 'pki_ocsp_signing_signing_algorithm': 'SHA256withRSA', 'pki_ocsp_signing_subject_dn': 'cn=OCSP Subsystem,O=CORP.LOCAL', 'pki_ocsp_signing_tag': 'ocsp_signing', 'pki_ocsp_signing_token': 'Internal Key Storage Token', 'pki_one_time_pin': 'XXXXXXXX', 'pki_path': '/var/lib/pki', 'pki_pin': 'XXXXXXXX', 'pki_profiles_in_ldap': 'True', 'pki_proxy_http_port': '80', 'pki_proxy_https_port': '443', 'pki_random_serial_numbers_enable': 'False', 'pki_registry_initscript_command': 'systemctl restart pki-tomcatd@pki-tomcat.service', 'pki_registry_path': '/etc/sysconfig/pki', 'pki_replication_password': 'XXXXXXXX', 'pki_req_ext_add': 'False', 'pki_req_ext_critical': 'False', 'pki_req_ext_data': '1E0A00530075006200430041', 'pki_req_ext_oid': '1.3.6.1.4.1.311.20.2', 'pki_restart_configured_instance': 'False', 'pki_resteasy_atom_provider_jar': u'/usr/share/java/resteasy-base/resteasy-atom-provider.jar', 'pki_resteasy_client_jar': u'/usr/share/java/resteasy-base/resteasy-client.jar', 'pki_resteasy_jackson_provider_jar': u'/usr/share/java/resteasy-base/resteasy-jackson-provider.jar', 'pki_resteasy_jaxb_provider_jar': u'/usr/share/java/resteasy-base/resteasy-jaxb-provider.jar', 'pki_resteasy_jaxrs_api_jar': u'/usr/share/java/resteasy-base/jaxrs-api.jar', 'pki_resteasy_jaxrs_jar': u'/usr/share/java/resteasy-base/resteasy-jaxrs.jar', 'pki_root_prefix': '', 'pki_san_for_server_cert': '', 'pki_san_inject': 'False', 'pki_scannotation_jar': '/usr/share/java/scannotation.jar', 'pki_scannotation_jar_link': '/var/lib/pki/pki-tomcat/common/lib/scannotation.jar', 'pki_secmod_database': '/etc/pki/pki-tomcat/alias/secmod.db', 'pki_security_domain_hostname': 'corp-ldap-03.cloud.forthnet.prv', 'pki_security_domain_https_port': '8443', 'pki_security_domain_name': 'IPA', 'pki_security_domain_password': 'XXXXXXXX', 'pki_security_domain_type': 'new', 'pki_security_domain_user': 'caadmin', 'pki_security_manager': 'true', 'pki_self_signed_issuer_name': 'cn=corp-ldap-03.cloud.forthnet.prv,o=2016-04-11 21:02:29', 'pki_self_signed_nickname': 'Server-Cert cert-pki-ca', 'pki_self_signed_noise_bytes': 1024, 'pki_self_signed_noise_file': '/etc/pki/pki-tomcat/ca/noise', 'pki_self_signed_serial_number': 0, 'pki_self_signed_subject': 'cn=corp-ldap-03.cloud.forthnet.prv,o=2016-04-11 21:02:29', 'pki_self_signed_token': 'internal', 'pki_self_signed_trustargs': 'CTu,CTu,CTu', 'pki_self_signed_validity_period': 12, 'pki_server_external_certs_path': '', 'pki_server_pkcs12_password': 'XXXXXXXX', 'pki_server_pkcs12_path': '', 'pki_share_db': 'False', 'pki_shared_password_conf': '/etc/pki/pki-tomcat/password.conf', 'pki_shared_pfile': '/etc/pki/pki-tomcat/pfile', 'pki_skip_configuration': 'False', 'pki_skip_ds_verify': 'False', 'pki_skip_installation': 'False', 'pki_skip_sd_verify': 'False', 'pki_source_admincert_profile': '/usr/share/pki/ca/conf/adminCert.profile', 'pki_source_caauditsigningcert_profile': '/usr/share/pki/ca/conf/caAuditSigningCert.profile', 'pki_source_cacert_profile': '/usr/share/pki/ca/conf/caCert.profile', 'pki_source_caocspcert_profile': '/usr/share/pki/ca/conf/caOCSPCert.profile', 'pki_source_catalina_properties': '/usr/share/pki/server/conf/catalina.properties', 'pki_source_conf_path': '/usr/share/pki/ca/conf', 'pki_source_context_xml': '/usr/share/pki/server/conf/context.xml', 'pki_source_cs_cfg': '/usr/share/pki/ca/conf/CS.cfg', 'pki_source_emails': '/usr/share/pki/ca/emails', 'pki_source_flatfile_txt': '/usr/share/pki/ca/conf/flatfile.txt', 'pki_source_profiles': '/usr/share/pki/ca/profiles', 'pki_source_proxy_conf': '/usr/share/pki/ca/conf/proxy.conf', 'pki_source_registry': '/usr/share/pki/setup/pkidaemon_registry', 'pki_source_registry_cfg': '/usr/share/pki/ca/conf/registry.cfg', 'pki_source_server_path': '/usr/share/pki/server/conf', 'pki_source_server_xml': '/usr/share/pki/server/conf/server.xml', 'pki_source_servercert_profile': '/usr/share/pki/ca/conf/serverCert.profile', 'pki_source_servercertnick_conf': '/usr/share/pki/server/conf/serverCertNick.conf', 'pki_source_setup_path': '/usr/share/pki/setup', 'pki_source_subsystem_path': '/usr/share/pki/ca', 'pki_source_subsystemcert_profile': '/usr/share/pki/ca/conf/subsystemCert.profile', 'pki_source_tomcat_conf': '/usr/share/pki/server/conf/tomcat.conf', 'pki_spawn_log': '/var/log/pki/pki-ca-spawn.20160411210229.log', 'pki_ssl_server_key_algorithm': 'SHA256withRSA', 'pki_ssl_server_key_size': '2048', 'pki_ssl_server_key_type': 'rsa', 'pki_ssl_server_nickname': 'Server-Cert cert-pki-ca', 'pki_ssl_server_subject_dn': 'cn=corp-ldap-03.cloud.forthnet.prv,O=CORP.LOCAL', 'pki_ssl_server_tag': 'sslserver', 'pki_ssl_server_token': 'Internal Key Storage Token', 'pki_standalone': 'false', 'pki_storage_tag': 'storage', 'pki_subordinate': 'False', 'pki_subordinate_create_new_security_domain': 'False', 'pki_subordinate_security_domain_name': u'cloud.forthnet.prv Subordinate Security Domain', 'pki_subsystem': 'CA', 'pki_subsystem_archive_log_path': '/var/log/pki/pki-tomcat/ca/archive', 'pki_subsystem_conf_link': '/var/lib/pki/pki-tomcat/ca/conf', 'pki_subsystem_configuration_password_conf_link': '/etc/pki/pki-tomcat/ca/password.conf', 'pki_subsystem_configuration_path': '/etc/pki/pki-tomcat/ca', 'pki_subsystem_database_link': '/var/lib/pki/pki-tomcat/ca/alias', 'pki_subsystem_emails_path': '/var/lib/pki/pki-tomcat/ca/emails', 'pki_subsystem_key_algorithm': 'SHA256withRSA', 'pki_subsystem_key_size': '2048', 'pki_subsystem_key_type': 'rsa', 'pki_subsystem_log_path': '/var/log/pki/pki-tomcat/ca', 'pki_subsystem_logs_link': '/var/lib/pki/pki-tomcat/ca/logs', 'pki_subsystem_name': 'CA corp-ldap-03.cloud.forthnet.prv 8443', 'pki_subsystem_nickname': 'subsystemCert cert-pki-ca', 'pki_subsystem_path': '/var/lib/pki/pki-tomcat/ca', 'pki_subsystem_profiles_path': '/var/lib/pki/pki-tomcat/ca/profiles', 'pki_subsystem_registry_link': '/var/lib/pki/pki-tomcat/ca/registry', 'pki_subsystem_registry_path': '/etc/sysconfig/pki/tomcat/pki-tomcat/ca', 'pki_subsystem_signed_audit_log_path': '/var/log/pki/pki-tomcat/ca/signedAudit', 'pki_subsystem_subject_dn': 'cn=CA Subsystem,O=CORP.LOCAL', 'pki_subsystem_tag': 'subsystem', 'pki_subsystem_token': 'Internal Key Storage Token', 'pki_subsystem_type': 'ca', 'pki_symkey_jar': u'/usr/lib/java/symkey.jar', 'pki_symkey_jar_link': '/var/lib/pki/pki-tomcat/common/lib/symkey.jar', 'pki_systemd_service': '/lib/systemd/system/pki-tomcatd@.service', 'pki_systemd_service_link': '/etc/systemd/system/pki-tomcatd.target.wants/pki-tomcatd@pki-tomcat.service', 'pki_systemd_target': '/lib/systemd/system/pki-tomcatd.target', 'pki_systemd_target_wants': '/etc/systemd/system/pki-tomcatd.target.wants', 'pki_target_admincert_profile': '/etc/pki/pki-tomcat/ca/adminCert.profile', 'pki_target_caauditsigningcert_profile': '/etc/pki/pki-tomcat/ca/caAuditSigningCert.profile', 'pki_target_cacert_profile': '/etc/pki/pki-tomcat/ca/caCert.profile', 'pki_target_caocspcert_profile': '/etc/pki/pki-tomcat/ca/caOCSPCert.profile', 'pki_target_catalina_properties': '/etc/pki/pki-tomcat/catalina.properties', 'pki_target_context_xml': '/etc/pki/pki-tomcat/context.xml', 'pki_target_cs_cfg': '/etc/pki/pki-tomcat/ca/CS.cfg', 'pki_target_flatfile_txt': '/etc/pki/pki-tomcat/ca/flatfile.txt', 'pki_target_proxy_conf': '/etc/pki/pki-tomcat/ca/proxy.conf', 'pki_target_registry': '/etc/sysconfig/pki/tomcat/pki-tomcat/pki-tomcat', 'pki_target_registry_cfg': '/etc/pki/pki-tomcat/ca/registry.cfg', 'pki_target_server_xml': '/etc/pki/pki-tomcat/server.xml', 'pki_target_servercert_profile': '/etc/pki/pki-tomcat/ca/serverCert.profile', 'pki_target_servercertnick_conf': '/etc/pki/pki-tomcat/serverCertNick.conf', 'pki_target_subsystem_web_xml': '/var/lib/pki/pki-tomcat/ca/webapps/ca/WEB-INF/web.xml', 'pki_target_subsystem_web_xml_orig': '/var/lib/pki/pki-tomcat/ca/webapps/ca/WEB-INF/web.xml.orig', 'pki_target_subsystemcert_profile': '/etc/pki/pki-tomcat/ca/subsystemCert.profile', 'pki_target_tomcat_conf': '/etc/pki/pki-tomcat/tomcat.conf', 'pki_target_tomcat_conf_instance_id': '/etc/sysconfig/pki-tomcat', 'pki_theme_enable': 'True', 'pki_theme_server_dir': '/usr/share/pki/common-ui', 'pki_timestamp': '20160411210229', 'pki_tks_jar': '/usr/share/java/pki/pki-tks.jar', 'pki_tks_jar_link': '/var/lib/pki/pki-tomcat/ca/webapps/ca/WEB-INF/lib/pki-tks.jar', 'pki_token_name': 'internal', 'pki_token_password': 'XXXXXXXX', 'pki_tomcat_bin_link': '/var/lib/pki/pki-tomcat/bin', 'pki_tomcat_bin_path': '/usr/share/tomcat/bin', 'pki_tomcat_common_lib_path': '/var/lib/pki/pki-tomcat/common/lib', 'pki_tomcat_common_path': '/var/lib/pki/pki-tomcat/common', 'pki_tomcat_common_webapps_path': '/var/lib/pki/pki-tomcat/common/webapps', 'pki_tomcat_jar': '/usr/share/java/pki/pki-tomcat.jar', 'pki_tomcat_jar_link': '/var/lib/pki/pki-tomcat/common/lib/pki-tomcat.jar', 'pki_tomcat_lib_path': '/usr/share/tomcat/lib', 'pki_tomcat_server_port': '8005', 'pki_tomcat_subsystem_webapps_path': '/var/lib/pki/pki-tomcat/ca/webapps', 'pki_tomcat_systemd': '/usr/sbin/tomcat', 'pki_tomcat_tmpdir_path': '/var/lib/pki/pki-tomcat/temp', 'pki_tomcat_webapps_path': '/var/lib/pki/pki-tomcat/webapps', 'pki_tomcat_webapps_subsystem_path': '/var/lib/pki/pki-tomcat/ca/webapps/ca', 'pki_tomcat_webapps_subsystem_webinf_classes_path': '/var/lib/pki/pki-tomcat/ca/webapps/ca/WEB-INF/classes', 'pki_tomcat_webapps_subsystem_webinf_lib_path': '/var/lib/pki/pki-tomcat/ca/webapps/ca/WEB-INF/lib', 'pki_tomcat_work_catalina_host_path': '/var/lib/pki/pki-tomcat/work/Catalina/localhost', 'pki_tomcat_work_catalina_host_run_path': '/var/lib/pki/pki-tomcat/work/Catalina/localhost/_', 'pki_tomcat_work_catalina_host_subsystem_path': '/var/lib/pki/pki-tomcat/work/Catalina/localhost/ca', 'pki_tomcat_work_catalina_path': '/var/lib/pki/pki-tomcat/work/Catalina', 'pki_tomcat_work_path': '/var/lib/pki/pki-tomcat/work', 'pki_tomcatjss_jar': '/usr/share/java/tomcatjss.jar', 'pki_tomcatjss_jar_link': '/var/lib/pki/pki-tomcat/common/lib/tomcatjss.jar', 'pki_tps_jar': '/usr/share/java/pki/pki-tps.jar', 'pki_tps_jar_link': '/var/lib/pki/pki-tomcat/ca/webapps/ca/WEB-INF/lib/pki-tps.jar', 'pki_transport_tag': 'transport', 'pki_user': 'pkiuser', 'pki_user_deployment_cfg': '/tmp/tmpHTsmCq', 'pki_user_deployment_cfg_replica': '/etc/sysconfig/pki/tomcat/pki-tomcat/ca/deployment.cfg', 'pki_user_deployment_cfg_spawn_archive': '/var/log/pki/pki-tomcat/ca/archive/spawn_deployment.cfg.20160411210229', 'pki_velocity_jar': '/usr/share/java/velocity.jar', 'pki_velocity_jar_link': '/var/lib/pki/pki-tomcat/common/lib/velocity.jar', 'pki_xerces_j2_jar': '/usr/share/java/xerces-j2.jar', 'pki_xerces_j2_jar_link': '/var/lib/pki/pki-tomcat/common/lib/xerces-j2.jar', 'pki_xml_commons_apis_jar': '/usr/share/java/xml-commons-apis.jar', 'pki_xml_commons_apis_jar_link': '/var/lib/pki/pki-tomcat/common/lib/xml-commons-apis.jar', 'pki_xml_commons_resolver_jar': '/usr/share/java/xml-commons-resolver.jar', 'pki_xml_commons_resolver_jar_link': '/var/lib/pki/pki-tomcat/common/lib/xml-commons-resolver.jar', 'resteasy_lib': u'/usr/share/java/resteasy-base', 'sensitive_parameters': '\npki_admin_password\npki_backup_password\npki_client_database_password\npki_client_pin\npki_client_pkcs12_password\npki_clone_pkcs12_password\npki_ds_password\npki_external_pkcs12_password\npki_one_time_pin\npki_pin\npki_replication_password\npki_security_domain_password\npki_server_pkcs12_password\npki_token_password', 'spawn_scriplets': '\ninitialization\ninfrastructure_layout\ninstance_layout\nsubsystem_layout\nselinux_setup\nwebapp_deployment\nslot_substitution\nsecurity_databases\nconfiguration\nfinalization'} 2016-04-11 21:02:29 pkispawn : INFO BEGIN spawning subsystem 'CA' of instance 'pki-tomcat' . . . 2016-04-11 21:02:29 pkispawn : INFO ....... adding GID 'pkiuser' for group '17' . . . 2016-04-11 21:02:29 pkispawn : INFO ....... adding UID 'pkiuser' for user '17' . . . 2016-04-11 21:02:29 pkispawn : DEBUG ....... retrieving UID for 'pkiuser' . . . 2016-04-11 21:02:29 pkispawn : DEBUG ........... UID of 'pkiuser' is 17 2016-04-11 21:02:29 pkispawn : DEBUG ....... retrieving GID for 'pkiuser' . . . 2016-04-11 21:02:29 pkispawn : DEBUG ........... GID of 'pkiuser' is 17 2016-04-11 21:02:29 pkispawn : INFO ... initializing 'pki.server.deployment.scriptlets.initialization' 2016-04-11 21:02:29 pkispawn : INFO ... skip populating 'pki.server.deployment.scriptlets.infrastructure_layout' 2016-04-11 21:02:29 pkispawn : INFO ... skip populating 'pki.server.deployment.scriptlets.instance_layout' 2016-04-11 21:02:29 pkispawn : INFO ... skip populating 'pki.server.deployment.scriptlets.subsystem_layout' 2016-04-11 21:02:29 pkispawn : INFO ... skip populating 'pki.server.deployment.scriptlets.selinux_setup' 2016-04-11 21:02:29 pkispawn : INFO ... skip deploying 'pki.server.deployment.scriptlets.webapp_deployment' 2016-04-11 21:02:29 pkispawn : INFO ... skip assigning slots for 'pki.server.deployment.scriptlets.slot_substitution' 2016-04-11 21:02:29 pkispawn : INFO ... skip generating 'pki.server.deployment.scriptlets.security_databases' 2016-04-11 21:02:29 pkispawn : INFO ... configuring 'pki.server.deployment.scriptlets.configuration' 2016-04-11 21:02:29 pkispawn : INFO ....... modifying '/root/.dogtag/pki-tomcat/ca/password.conf' 2016-04-11 21:02:29 pkispawn : DEBUG ........... chmod 660 /root/.dogtag/pki-tomcat/ca/password.conf 2016-04-11 21:02:29 pkispawn : DEBUG ........... chown 0:0 /root/.dogtag/pki-tomcat/ca/password.conf 2016-04-11 21:02:29 pkispawn : INFO ....... modifying '/root/.dogtag/pki-tomcat/ca/pkcs12_password.conf' 2016-04-11 21:02:29 pkispawn : DEBUG ........... chmod 660 /root/.dogtag/pki-tomcat/ca/pkcs12_password.conf 2016-04-11 21:02:29 pkispawn : DEBUG ........... chown 17:17 /root/.dogtag/pki-tomcat/ca/pkcs12_password.conf 2016-04-11 21:02:29 pkispawn : INFO ....... executing 'certutil -N -d /tmp/tmp-u5jBo3 -f /root/.dogtag/pki-tomcat/ca/password.conf' 2016-04-11 21:02:29 pkispawn : INFO ....... importing signing certificate caSigningCert cert-pki-ca 2016-04-11 21:02:29 pkispawn : INFO ....... importing certificate chain caSigningCert External CA 2016-04-11 21:02:29 pkispawn : INFO ....... executing 'systemctl daemon-reload' 2016-04-11 21:02:29 pkispawn : INFO ....... executing 'systemctl start pki-tomcatd@pki-tomcat.service' 2016-04-11 21:02:29 pkispawn : DEBUG ........... 0CArunning10.3.0.a2-1.el7.centos 2016-04-11 21:02:30 pkispawn : INFO ....... constructing PKI configuration data. 2016-04-11 21:02:30 pkispawn : INFO ....... executing 'certutil -R -d /tmp/tmp-u5jBo3 -s cn=ipa-ca-agent,O=CORP.LOCAL -k rsa -g 2048 -z /tmp/tmp-u5jBo3/noise -f /root/.dogtag/pki-tomcat/ca/password.conf -o /tmp/tmp-u5jBo3/admin_pkcs10.bin' 2016-04-11 21:02:31 pkispawn : INFO ....... rm -f /tmp/tmp-u5jBo3/noise 2016-04-11 21:02:31 pkispawn : INFO ....... BtoA /tmp/tmp-u5jBo3/admin_pkcs10.bin /tmp/tmp-u5jBo3/admin_pkcs10.bin.asc 2016-04-11 21:02:31 pkispawn : INFO ....... loading external CA signing certificate from file: '/tmp/tmpKu79tQ' 2016-04-11 21:02:31 pkispawn : INFO ....... loading external CA signing certificate chain from file: '/tmp/tmpWotwYI' 2016-04-11 21:02:31 pkispawn : INFO ....... configuring PKI configuration data. 2016-04-11 21:03:51 pkispawn : ERROR ....... Exception from Java Configuration Servlet: 500 Server Error: Internal Server Error 2016-04-11 21:03:51 pkispawn : ERROR ....... ParseError: not well-formed (invalid token): line 1, column 0: {"Attributes":{"Attribute":[]},"ClassName":"com.netscape.certsrv.base.PKIException","Code":500,"Message":"Error in creating pkcs12 to backup keys and certs: java.security.cert.CertificateParsingException: java.io.IOException: IssuerAlternativeNameExtension"} 2016-04-11 21:03:51 pkispawn : DEBUG ....... Error Type: ParseError 2016-04-11 21:03:51 pkispawn : DEBUG ....... Error Message: not well-formed (invalid token): line 1, column 0 2016-04-11 21:03:51 pkispawn : DEBUG ....... File "/usr/sbin/pkispawn", line 524, in main rv = scriptlet.spawn(deployer) File "/usr/lib/python2.7/site-packages/pki/server/deployment/scriptlets/configuration.py", line 268, in spawn json.dumps(data, cls=pki.encoder.CustomTypeEncoder)) File "/usr/lib/python2.7/site-packages/pki/server/deployment/pkihelper.py", line 3914, in configure_pki_data root = ET.fromstring(text) File "/usr/lib64/python2.7/xml/etree/ElementTree.py", line 1300, in XML parser.feed(text) File "/usr/lib64/python2.7/xml/etree/ElementTree.py", line 1642, in feed self._raiseerror(v) File "/usr/lib64/python2.7/xml/etree/ElementTree.py", line 1506, in _raiseerror raise err