Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Expired Cert: ocsp_signing
- Expired Cert: subsystem
- Expired Cert: audit_signing
- Internal server error 503 Server Error: Service Unavailable for url: http://london.idm.domain.uk:80/ca/rest/securityDomain/domainInfo
- Internal server error HTTPSConnectionPool(host='london.idm.domain.uk', port=8443): Max retries exceeded with url: /ca/admin/ca/getStatus (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7fc4e6c58198>: Failed to establish a new connection: [Errno 111] Connection refused',))
- CN=Public Services CA,OU=IT Department,O=Compass Plus Ltd,L=Magnitogorsk,ST=Chelyabinsk,C=RU not found, assuming 3rd party
- [
- {
- "source": "ipahealthcheck.meta.services",
- "check": "pki_tomcatd",
- "result": "ERROR",
- "uuid": "94dee3bf-4930-49f1-9486-24e58549f9cc",
- "when": "20220311130832Z",
- "duration": "0.000695",
- "kw": {
- "status": false,
- "msg": "pki_tomcatd: not running"
- }
- },
- {
- "source": "pki.server.healthcheck.certs.expiration",
- "check": "CASystemCertExpiryCheck",
- "result": "ERROR",
- "uuid": "36c8fbed-571d-4d38-9919-53322fea4aa2",
- "when": "20220311130832Z",
- "duration": "0.188329",
- "kw": {
- "cert_id": "ocsp_signing",
- "expiry_date": "Mar 01 2022",
- "msg": "Certificate has ALREADY EXPIRED"
- }
- },
- {
- "source": "pki.server.healthcheck.certs.expiration",
- "check": "CASystemCertExpiryCheck",
- "result": "ERROR",
- "uuid": "195970e4-e2fd-4eca-aeac-f1e97e9c3b13",
- "when": "20220311130832Z",
- "duration": "0.360146",
- "kw": {
- "cert_id": "subsystem",
- "expiry_date": "Mar 01 2022",
- "msg": "Certificate has ALREADY EXPIRED"
- }
- },
- {
- "source": "pki.server.healthcheck.certs.expiration",
- "check": "CASystemCertExpiryCheck",
- "result": "ERROR",
- "uuid": "a84a9bc5-de4d-4cdc-b7fd-41b83f3a11af",
- "when": "20220311130833Z",
- "duration": "0.454225",
- "kw": {
- "cert_id": "audit_signing",
- "expiry_date": "Mar 01 2022",
- "msg": "Certificate has ALREADY EXPIRED"
- }
- },
- {
- "source": "pki.server.healthcheck.meta.connectivity",
- "check": "DogtagCACertsConnectivityCheck",
- "result": "CRITICAL",
- "uuid": "35a76cd5-0600-4dad-9044-96f68a5b7f39",
- "when": "20220311130833Z",
- "duration": "0.012377",
- "kw": {
- "msg": "Internal server error. Is your CA subsystem and LDAP database up?",
- "instance_name": "pki-tomcat",
- "exception": "HTTPSConnectionPool(host='london.idm.domain.uk', port=8443): Max retries exceeded with url: /ca/admin/ca/getStatus (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7fc4e6c58198>: Failed to establish a new connection: [Errno 111] Connection refused',))"
- }
- },
- {
- "source": "ipahealthcheck.dogtag.ca",
- "check": "DogtagCertsConnectivityCheck",
- "result": "ERROR",
- "uuid": "de4e6b9f-0d4c-46f4-9e66-f2d4288b8b9b",
- "when": "20220311130834Z",
- "duration": "0.163632",
- "kw": {
- "msg": "Request for certificate failed, cannot connect to 'https://london.idm.domain.uk:443/ca/rest/certs/1': [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)"
- }
- },
- {
- "source": "ipahealthcheck.ipa.certs",
- "check": "IPACertmongerExpirationCheck",
- "result": "ERROR",
- "uuid": "f5ea9a10-44db-4e55-8ada-347c5ec68fa4",
- "when": "20220311130835Z",
- "duration": "0.010969",
- "kw": {
- "key": "20200505141836",
- "msg": "certmonger request id {key} does not have a not-valid-after date, assuming it has not been issued yet."
- }
- },
- {
- "source": "ipahealthcheck.ipa.certs",
- "check": "IPACertmongerExpirationCheck",
- "result": "ERROR",
- "uuid": "65d12d21-be1a-446f-a6f8-0c94806353da",
- "when": "20220311130835Z",
- "duration": "0.014854",
- "kw": {
- "key": "20200505141838",
- "msg": "certmonger request id {key} does not have a not-valid-after date, assuming it has not been issued yet."
- }
- },
- {
- "source": "ipahealthcheck.ipa.certs",
- "check": "IPACertmongerExpirationCheck",
- "result": "ERROR",
- "uuid": "f2405649-2ead-48e9-a3c4-c6c355e03db3",
- "when": "20220311130835Z",
- "duration": "0.018772",
- "kw": {
- "key": "20200505141840",
- "msg": "certmonger request id {key} does not have a not-valid-after date, assuming it has not been issued yet."
- }
- },
- {
- "source": "ipahealthcheck.ipa.certs",
- "check": "IPACertmongerExpirationCheck",
- "result": "ERROR",
- "uuid": "c285044c-5b87-489b-9aa4-7d7b6b69e34a",
- "when": "20220311130835Z",
- "duration": "0.022615",
- "kw": {
- "key": "20200505141841",
- "msg": "certmonger request id {key} does not have a not-valid-after date, assuming it has not been issued yet."
- }
- },
- {
- "source": "ipahealthcheck.ipa.certs",
- "check": "IPACertfileExpirationCheck",
- "result": "ERROR",
- "uuid": "8c7989ef-1b44-41ff-9fa1-ddc28e70fd96",
- "when": "20220311130835Z",
- "duration": "0.062739",
- "kw": {
- "key": "20200505141836",
- "expiration_date": "20220301002943Z",
- "msg": "Request id {key} expired on {expiration_date}"
- }
- },
- {
- "source": "ipahealthcheck.ipa.certs",
- "check": "IPACertfileExpirationCheck",
- "result": "ERROR",
- "uuid": "af2f4d79-c0c7-4fe8-abcf-f3c562692d76",
- "when": "20220311130835Z",
- "duration": "0.112692",
- "kw": {
- "key": "20200505141838",
- "expiration_date": "20220301002943Z",
- "msg": "Request id {key} expired on {expiration_date}"
- }
- },
- {
- "source": "ipahealthcheck.ipa.certs",
- "check": "IPACertfileExpirationCheck",
- "result": "ERROR",
- "uuid": "c175deba-f64a-4aef-9e67-a031b4972a1f",
- "when": "20220311130835Z",
- "duration": "0.163695",
- "kw": {
- "key": "20200505141840",
- "expiration_date": "20220301002943Z",
- "msg": "Request id {key} expired on {expiration_date}"
- }
- },
- {
- "source": "ipahealthcheck.ipa.certs",
- "check": "IPAOpenSSLChainValidation",
- "result": "ERROR",
- "uuid": "215b3007-786d-4c67-8ef0-e596fd6b5efe",
- "when": "20220311130837Z",
- "duration": "0.011657",
- "kw": {
- "key": "/var/lib/ipa/certs/httpd.crt",
- "reason": "C = RU, ST = Chelyabinsk, L = Magnitogorsk, O = Compass Plus Ltd, OU = IT Department, CN = london.idm.domain.uk\nerror 10 at 0 depth lookup: certificate has expired\n",
- "msg": "Certificate validation for {key} failed: {reason}"
- }
- },
- {
- "source": "ipahealthcheck.ipa.certs",
- "check": "IPACertRevocation",
- "result": "ERROR",
- "uuid": "1def9514-7098-49ba-b230-9e683ad7db70",
- "when": "20220311130838Z",
- "duration": "0.401545",
- "kw": {
- "key": "20200505141843",
- "serial": 16,
- "error": "cannot connect to 'https://london.idm.domain.uk:443/ca/rest/certs/16': [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)",
- "msg": "Request for certificate serial number {serial} in request {key} failed: {error}"
- }
- },
- {
- "source": "ipahealthcheck.ipa.certs",
- "check": "IPACertRevocation",
- "result": "ERROR",
- "uuid": "7780a7ff-523a-482e-8cdc-dffdf0b65fd1",
- "when": "20220311130838Z",
- "duration": "0.484815",
- "kw": {
- "key": "20200505141836",
- "serial": 5,
- "error": "cannot connect to 'https://london.idm.domain.uk:443/ca/rest/certs/5': [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)",
- "msg": "Request for certificate serial number {serial} in request {key} failed: {error}"
- }
- },
- {
- "source": "ipahealthcheck.ipa.certs",
- "check": "IPACertRevocation",
- "result": "ERROR",
- "uuid": "320fdbf8-cdca-41bf-823a-7279c45546c2",
- "when": "20220311130838Z",
- "duration": "0.567894",
- "kw": {
- "key": "20200505141838",
- "serial": 2,
- "error": "cannot connect to 'https://london.idm.domain.uk:443/ca/rest/certs/2': [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)",
- "msg": "Request for certificate serial number {serial} in request {key} failed: {error}"
- }
- },
- {
- "source": "ipahealthcheck.ipa.certs",
- "check": "IPACertRevocation",
- "result": "ERROR",
- "uuid": "f3a78df9-7cfd-4b6c-b58c-122f024561ea",
- "when": "20220311130838Z",
- "duration": "0.651398",
- "kw": {
- "key": "20200505141840",
- "serial": 4,
- "error": "cannot connect to 'https://london.idm.domain.uk:443/ca/rest/certs/4': [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)",
- "msg": "Request for certificate serial number {serial} in request {key} failed: {error}"
- }
- },
- {
- "source": "ipahealthcheck.ipa.certs",
- "check": "IPACertRevocation",
- "result": "ERROR",
- "uuid": "dc959415-311b-4055-ac29-5257418509f1",
- "when": "20220311130838Z",
- "duration": "0.734597",
- "kw": {
- "key": "20200505141841",
- "serial": 1,
- "error": "cannot connect to 'https://london.idm.domain.uk:443/ca/rest/certs/1': [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)",
- "msg": "Request for certificate serial number {serial} in request {key} failed: {error}"
- }
- },
- {
- "source": "ipahealthcheck.ipa.certs",
- "check": "IPACertRevocation",
- "result": "ERROR",
- "uuid": "02213174-779d-428a-a24b-0f291fd712b9",
- "when": "20220311130838Z",
- "duration": "0.817826",
- "kw": {
- "key": "20200505141842",
- "serial": 268369921,
- "error": "cannot connect to 'https://london.idm.domain.uk:443/ca/rest/certs/268369921': [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)",
- "msg": "Request for certificate serial number {serial} in request {key} failed: {error}"
- }
- },
- {
- "source": "ipahealthcheck.ipa.certs",
- "check": "IPACertRevocation",
- "result": "ERROR",
- "uuid": "5328e333-9b2b-42db-8064-e7aa5682c5b6",
- "when": "20220311130838Z",
- "duration": "0.857216",
- "kw": {
- "key": "20200311221056",
- "serial": 268369922,
- "error": "cannot connect to 'https://london.idm.domain.uk:443/ca/rest/certs/268369922': [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)",
- "msg": "Request for certificate serial number {serial} in request {key} failed: {error}"
- }
- },
- {
- "source": "ipahealthcheck.ipa.files",
- "check": "IPAFileCheck",
- "result": "WARNING",
- "uuid": "7d7b8919-a7f0-4b0e-b4dd-c4b5814c46cb",
- "when": "20220311130839Z",
- "duration": "0.008287",
- "kw": {
- "key": "_var_log_kadmind.log_mode",
- "path": "/var/log/kadmind.log",
- "type": "mode",
- "expected": "0600",
- "got": "0640",
- "msg": "Permissions of /var/log/kadmind.log are too permissive: 0640 and should be 0600"
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement