Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Supporto_Checkp
Collaborator

SIC issue with new Domain on MDS ( 80.40 Take 139 )

Hi
i've a strange issue, basically I added a new domain on my MDS, both primary and secondary server but the CPCA process was down.
I deleted them ( with a lot of work ... GUI and mgmt_cli didn't worked,so i've to use this script CreateDomainRecovery.sh )

Now I've created it again (with new name and ip ) but the CPCA is always down.

a debug of CPCA (fw debug cpca on TDERROR_ALL_ALL=5) show this when I stop and start that DMS.

 

[cpca 214892 4117449088]@MI-TAR-MDSMGMT[28 Feb 10:50:28] main: the process is on

 main: could not initiate the Certificate Authority. No Certificate Authority existing

[cpca 214953 4117440896]@MI-TAR-MDSMGMT[28 Feb 10:50:34] cpca: Mon Feb 28 10:50:34 2022

 

[cpca 214953 4117440896]@MI-TAR-MDSMGMT[28 Feb 10:50:34] main: the process is on

 main: could not initiate the Certificate Authority. No Certificate Authority existing


I can connect to it using smartconsole ( if I point directly the ip of the new domain ) and I have this error


Error (Security Management Server CA is not running)
The sic is "not communicating"

It's strange
the SIC between MDS and DMS is automatically managed,and my previoys 4 domains works like a charm ( for now .... )

 

any idea?


0 Kudos
6 Replies
_Val_
Admin
Admin

Please open a TAC case for this. 

0 Kudos
Supporto_Checkp
Collaborator

already did ,but i had to solve by myself ,later i'll explain how

_Val_
Admin
Admin

@Supporto_Checkp By all means, please do share.

0 Kudos
Martin_Raska
Advisor
Advisor

We have the exactly same issue. Is there any solution?

main: could not initiate the Certificate Authority. No Certificate Authority existing

MDS R81.10 JHF78

0 Kudos
_Val_
Admin
Admin

As mentioned above, the best is to open a TAC case. 

But while you are doing that, please run "cpwd_admin list" to see if cpca process is up.

0 Kudos
Martin_Raska
Advisor
Advisor

There were multiple issues some of them were solved with me and TAC with CPM doctor. The main fault was the corrupted registry template. Not fully matched in our case but similar issue - sk98768 - Scenario 8.

HKLM_registry.data_cust 

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events