IPA: pki-tomcatd service not starting due to error "Could not connect to LDAP server host ipaserver.example.com port 636 Error netscape.ldap.LDAPException: IO Error creating JSS SSL Socket".
Issue
pki-tomcatd
service not starting due to error below
Could not connect to LDAP server host ipaserver.example.com port 636 Error netscape.ldap.LDAPException: IO Error creating JSS SSL Socket
- Error observed in log file
/var/log/pki/pki-tomcat/localhost.2015-10-13.log
Oct 13, 2015 11:26:01 AM org.apache.catalina.core.StandardWrapperValve invoke SEVERE: Servlet.service() for servlet [caGetStatus] in context with path [/ca] threw exception java.io.IOException: CS server is not ready to serve.
- Error observed in log file
/var/log/pki/pki-tomcat/ca/debug
.
[13/Oct/2015:12:01:12][localhost-startStop-1]: LdapAuthInfo: init ends
[13/Oct/2015:12:01:12][localhost-startStop-1]: init: before makeConnection errorIfDown is true
[13/Oct/2015:12:01:12][localhost-startStop-1]: makeConnection: errorIfDown true
[13/Oct/2015:12:01:12][localhost-startStop-1]: LdapJssSSLSocket set client auth cert nicknamesubsystemCert cert-pki-ca
[13/Oct/2015:12:01:12][localhost-startStop-1]: CMS:Caught EBaseException
Internal Database Error encountered: Could not connect to LDAP server host ipaserver.example.com port 636 Error netscape.ldap.LDAPException: IO Error creating JSS SSL Socket (-1)
at com.netscape.cmscore.dbs.DBSubsystem.init(DBSubsystem.java:658)
at com.netscape.cmscore.apps.CMSEngine.initSubsystem(CMSEngine.java:934)
at com.netscape.cmscore.apps.CMSEngine.initSubsystems(CMSEngine.java:865)
at com.netscape.cmscore.apps.CMSEngine.init(CMSEngine.java:362)
at com.netscape.certsrv.apps.CMS.init(CMS.java:189)
at com.netscape.certsrv.apps.CMS.start(CMS.java:1585)
at com.netscape.cms.servlet.base.CMSStartServlet.init(CMSStartServlet.java:96)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:277)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:274)
at java.security.AccessController.doPrivileged(Native Method)
- Error observed in log file
/var/log/pki/pki-tomcat/ca/system
.
0.localhost-startStop-1 - [13/Oct/2015:12:01:12 EDT] [8] [3] In Ldap (bound) connection pool to host ipaserver.example.com port 636, Cannot connect to LDAP server. Error: netscape.ldap.LDAPException: IO Error creating JSS SSL Socket (-1)
0.localhost-startStop-1 - [13/Oct/2015:12:13:12 EDT] [8] [3] In Ldap (bound) connection pool to host ipaserver.example.com port 636, Cannot connect to LDAP server. Error: netscape.ldap.LDAPException: IO Error creating JSS SSL Socket (-1)
0.localhost-startStop-1 - [13/Oct/2015:12:14:30 EDT] [8] [3] In Ldap (bound) connection pool to host ipaserver.example.com port 636, Cannot connect to LDAP server. Error: netscape.ldap.LDAPException: IO Error creating JSS SSL Socket (-1)
- Following error was also observed.
Internal Database Error encountered: Could not connect to LDAP server host ipaserver.example.com port 636 Error netscape.ldap.LDAPException: Unable to create socket: java.net.ConnectException: Connection refused (Connection refused) (-1)
Environment
- Red Hat Enterprise Linux 7
- IPA 4
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.