
<div dir="ltr">As I understand it, isn&#39;t the core issue that &quot;/usr/share/oat-client/aik.cer&quot;  is never generated<div>and causes the error, since it is missing?</div><div><br></div><div>/Nicolae</div></div><div class="gmail_extra">

<br><br><div class="gmail_quote">On 13 November 2013 12:01, Nicolae Paladi <span dir="ltr">&lt;<a href="mailto:n.paladi@gmail.com" target="_blank">n.paladi@gmail.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

<div dir="ltr">Hi, <div><br></div><div>thank you for the feedback;</div><div>I&#39;ve gone through the steps again, but obtained the exactly same problem:</div><div><br></div><div>1. I removed all of the previously installed packaged related to OAT.</div>


<div><br></div><div>2. I followed the tutorial, until this command:</div><div><br></div><div>bash provisioner.sh <br></div><div><div class="im"><div>provisioner.sh: line 7: systemctl: command not found</div><div>### ecStorage = NVRAM###</div>


</div><div>Performing TPM provisioning...FAILED</div><div>javax.xml.ws.WebServiceException: Failed to access the WSDL at: <a href="https://seoul:8443/HisPrivacyCAWebServices2/hisPrivacyCAWebService2FactoryService?wsdl" target="_blank">https://seoul:8443/HisPrivacyCAWebServices2/hisPrivacyCAWebService2FactoryService?wsdl</a>. It failed with: </div>


<div>        Connection refused.</div><div>        at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.tryWithMex(RuntimeWSDLParser.java:162)</div><div>        at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:144)</div>


<div>        at com.sun.xml.ws.client.WSServiceDelegate.parseWSDL(WSServiceDelegate.java:265)</div><div>        at com.sun.xml.ws.client.WSServiceDelegate.&lt;init&gt;(WSServiceDelegate.java:228)</div><div>        at com.sun.xml.ws.client.WSServiceDelegate.&lt;init&gt;(WSServiceDelegate.java:176)</div>


<div>        at com.sun.xml.ws.spi.ProviderImpl.createServiceDelegate(ProviderImpl.java:104)</div><div>        at javax.xml.ws.Service.&lt;init&gt;(Service.java:77)</div><div>        at gov.niarl.his.webservices.hisprivacycawebservice2.server.HisPrivacyCAWebService2FactoryServiceService.&lt;init&gt;(HisPrivacyCAWebService2FactoryServiceService.java:42)</div>


<div>        at gov.niarl.his.webservices.hisPrivacyCAWebService2.client.HisPrivacyCAWebServices2ClientInvoker.getHisPrivacyCAWebService2(HisPrivacyCAWebServices2ClientInvoker.java:32)</div><div>        at gov.niarl.his.privacyca.HisTpmProvisioner.main(HisTpmProvisioner.java:205)</div>


<div>Caused by: java.net.ConnectException: Connection refused</div><div>        at java.net.PlainSocketImpl.socketConnect(Native Method)</div><div>        at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339)</div>


<div>        at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200)</div><div>        at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182)</div><div>        at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)</div>


<div>        at java.net.Socket.connect(Socket.java:579)</div><div>        at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:618)</div><div>        at sun.security.ssl.BaseSSLSocketImpl.connect(BaseSSLSocketImpl.java:160)</div>


<div>        at sun.net.NetworkClient.doConnect(NetworkClient.java:180)</div><div>        at sun.net.www.http.HttpClient.openServer(HttpClient.java:432)</div><div>        at sun.net.www.http.HttpClient.openServer(HttpClient.java:527)</div>


<div>        at sun.net.www.protocol.https.HttpsClient.&lt;init&gt;(HttpsClient.java:275)</div><div>        at sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:371)</div><div>        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:191)</div>


<div>        at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:932)</div><div>        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:177)</div>


<div>        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1300)</div><div>        at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)</div>


<div>        at java.net.URL.openStream(URL.java:1037)</div><div>        at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.createReader(RuntimeWSDLParser.java:804)</div><div>        at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.resolveWSDL(RuntimeWSDLParser.java:262)</div>


<div>        at com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:129)</div><div>        ... 8 more</div><div>Failed to initialize the TPM, error 1</div><div>Performing HIS identity provisioning...FAILED</div>


<div>gov.niarl.his.privacyca.TpmModule$TpmModuleException: TpmModule.getCredential returned nonzero error: 2()</div><div>        at gov.niarl.his.privacyca.TpmModule.getCredential(TpmModule.java:594)</div><div>        at gov.niarl.his.privacyca.HisIdentityProvisioner.main(HisIdentityProvisioner.java:217)</div>

<div class="im">

<div>Failed to receive AIC from Privacy CA, error 1</div><div>Registering identity with server...FAILED</div><div>java.io.FileNotFoundException: /usr/share/oat-client/aik.cer (No such file or directory)</div><div>        at java.io.FileInputStream.open(Native Method)</div>


</div><div>        at java.io.FileInputStream.&lt;init&gt;(FileInputStream.java:146)</div><div>        at java.io.FileInputStream.&lt;init&gt;(FileInputStream.java:101)</div><div class="im"><div>        at gov.niarl.his.privacyca.TpmUtils.certFromFile(TpmUtils.java:612)</div>


<div>        at gov.niarl.his.privacyca.HisRegisterIdentity.main(HisRegisterIdentity.java:99)</div><div>Failed to register identity with appraiser, error 1</div></div></div><div><br></div><div>Should I have updated anything else?</div>


<div><br></div><div>cheers,</div><div>/Nicolae.</div><div><br></div></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><br><div class="gmail_quote">On 1 November 2013 10:14, Wei, Gang <span dir="ltr">&lt;<a href="mailto:gang.wei@intel.com" target="_blank">gang.wei@intel.com</a>&gt;</span> wrote:<br>


<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">This is indeed an issue caused by the incompatibility between OAT tpm access<br>

code &amp; tpm-tools(tpm_takeownership -z). It has already been fixed. Please<br>

follow below wiki and try again.<br>

<a href="https://github.com/OpenAttestation/OpenAttestation/wiki/OAT-for-RHEL-Recipe" target="_blank">https://github.com/OpenAttestation/OpenAttestation/wiki/OAT-for-RHEL-Recipe</a>.<br>

<br>

Thanks<br>

Jimmy<br>

<br>

Nicolae Paladi wrote on 2013-10-28:<br>

<div>&gt; Hi, I&#39;ve followed the recipe<br>

&gt; (<a href="https://github.com/OpenAttestation/OpenAttestation/wiki/OAT-for-RHEL-Rec" target="_blank">https://github.com/OpenAttestation/OpenAttestation/wiki/OAT-for-RHEL-Rec</a><br>

</div>&gt; i pe) but didn&#39;t get it to run yet; I think a step is missing -- the AIK<br>

<div>&gt; is not available is /usr/share/oat-client (it was not available in<br>

&gt; /var/lig/oat-appraiser/ClientFiles either); when I try to run<br>

&gt; provisioner.sh, I get the following: provisioner.sh: line 7: systemctl:<br>

&gt; command not found ### ecStorage = NVRAM### Performing TPM<br>

&gt; provisioning...710 DONE Successfully initialized TPM Performing HIS<br>

&gt; identity provisioning...FAILED java.util.NoSuchElementException<br>

&gt;         at java.util.StringTokenizer.nextToken(StringTokenizer.java:349)<br>

&gt;         at<br>

&gt; gov.niarl.his.privacyca.TpmModule.executeVer2Command(TpmModule.java:21<br>

&gt; 5)<br>

&gt;         at<br>

&gt; gov.niarl.his.privacyca.TpmModule.collateIdentityRequest(TpmModule.java:29<br>

&gt; 2)<br>

&gt;         at<br>

&gt; gov.niarl.his.privacyca.HisIdentityProvisioner.main(HisIdentityProvisione<br>

</div>&gt; r.java: 225) Failed to receive AIC from Privacy CA, error 1 Registering<br>

<div><div>&gt; identity with server...FAILED java.io.FileNotFoundException:<br>

&gt; /usr/share/oat-client/aik.cer (No such file or directory)<br>

&gt;         at java.io.FileInputStream.open(Native Method)<br>

&gt;         at java.io.FileInputStream.&lt;init&gt;(FileInputStream.java:137)<br>

&gt;         at java.io.FileInputStream.&lt;init&gt;(FileInputStream.java:96)<br>

&gt;         at<br>

gov.niarl.his.privacyca.TpmUtils.certFromFile(TpmUtils.java:612)<br>

&gt;         at<br>

&gt;<br>

gov.niarl.his.privacyca.HisRegisterIdentity.main(HisRegisterIdentity.java:99<br>

)<br>

&gt; Failed to register identity with appraiser, error 1<br>

&gt;<br>

&gt;<br>

&gt;<br>

&gt; Thanks,<br>

&gt; /Nicolae<br>

&gt;<br>

&gt;<br>

&gt; On 27 October 2013 22:55, Nicolae Paladi &lt;<a href="mailto:n.paladi@gmail.com" target="_blank">n.paladi@gmail.com</a>&gt; wrote:<br>

&gt;<br>

&gt;<br>

&gt;       Awesome, thanks!<br>

&gt;<br>

&gt;       I&#39;ll try this out in the morning<br>

&gt;<br>

&gt;       /Nicolae<br>

&gt;<br>

&gt;<br>

&gt;       On 27 October 2013 17:03, Wei, Gang &lt;<a href="mailto:gang.wei@intel.com" target="_blank">gang.wei@intel.com</a>&gt; wrote:<br>

&gt;<br>

&gt;<br>

&gt;               Please refer to<br>

&gt;<br>

&gt;<br>

<a href="https://github.com/OpenAttestation/OpenAttestation/wiki/OAT-for-RHEL-" target="_blank">https://github.com/OpenAttestation/OpenAttestation/wiki/OAT-for-RHEL-</a><br>

&gt; Recipe.<br>

&gt;<br>

&gt;               Jimmy<br>

</div></div></blockquote></div><br></div>

</div></div></blockquote></div><br></div>