[Users] Trusted Pools and CentOS 6 packages

Nicolae Paladi n.paladi at gmail.com
Wed Nov 13 11:01:00 UTC 2013


Hi,

thank you for the feedback;
I've gone through the steps again, but obtained the exactly same problem:

1. I removed all of the previously installed packaged related to OAT.

2. I followed the tutorial, until this command:

bash provisioner.sh
provisioner.sh: line 7: systemctl: command not found
### ecStorage = NVRAM###
Performing TPM provisioning...FAILED
javax.xml.ws.WebServiceException: Failed to access the WSDL at:
https://seoul:8443/HisPrivacyCAWebServices2/hisPrivacyCAWebService2FactoryService?wsdl.
It failed with:
        Connection refused.
        at
com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.tryWithMex(RuntimeWSDLParser.java:162)
        at
com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:144)
        at
com.sun.xml.ws.client.WSServiceDelegate.parseWSDL(WSServiceDelegate.java:265)
        at
com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:228)
        at
com.sun.xml.ws.client.WSServiceDelegate.<init>(WSServiceDelegate.java:176)
        at
com.sun.xml.ws.spi.ProviderImpl.createServiceDelegate(ProviderImpl.java:104)
        at javax.xml.ws.Service.<init>(Service.java:77)
        at
gov.niarl.his.webservices.hisprivacycawebservice2.server.HisPrivacyCAWebService2FactoryServiceService.<init>(HisPrivacyCAWebService2FactoryServiceService.java:42)
        at
gov.niarl.his.webservices.hisPrivacyCAWebService2.client.HisPrivacyCAWebServices2ClientInvoker.getHisPrivacyCAWebService2(HisPrivacyCAWebServices2ClientInvoker.java:32)
        at
gov.niarl.his.privacyca.HisTpmProvisioner.main(HisTpmProvisioner.java:205)
Caused by: java.net.ConnectException: Connection refused
        at java.net.PlainSocketImpl.socketConnect(Native Method)
        at
java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339)
        at
java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200)
        at
java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182)
        at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
        at java.net.Socket.connect(Socket.java:579)
        at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:618)
        at
sun.security.ssl.BaseSSLSocketImpl.connect(BaseSSLSocketImpl.java:160)
        at sun.net.NetworkClient.doConnect(NetworkClient.java:180)
        at sun.net.www.http.HttpClient.openServer(HttpClient.java:432)
        at sun.net.www.http.HttpClient.openServer(HttpClient.java:527)
        at
sun.net.www.protocol.https.HttpsClient.<init>(HttpsClient.java:275)
        at sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:371)
        at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:191)
        at
sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:932)
        at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:177)
        at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1300)
        at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
        at java.net.URL.openStream(URL.java:1037)
        at
com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.createReader(RuntimeWSDLParser.java:804)
        at
com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.resolveWSDL(RuntimeWSDLParser.java:262)
        at
com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:129)
        ... 8 more
Failed to initialize the TPM, error 1
Performing HIS identity provisioning...FAILED
gov.niarl.his.privacyca.TpmModule$TpmModuleException:
TpmModule.getCredential returned nonzero error: 2()
        at
gov.niarl.his.privacyca.TpmModule.getCredential(TpmModule.java:594)
        at
gov.niarl.his.privacyca.HisIdentityProvisioner.main(HisIdentityProvisioner.java:217)
Failed to receive AIC from Privacy CA, error 1
Registering identity with server...FAILED
java.io.FileNotFoundException: /usr/share/oat-client/aik.cer (No such file
or directory)
        at java.io.FileInputStream.open(Native Method)
        at java.io.FileInputStream.<init>(FileInputStream.java:146)
        at java.io.FileInputStream.<init>(FileInputStream.java:101)
        at gov.niarl.his.privacyca.TpmUtils.certFromFile(TpmUtils.java:612)
        at
gov.niarl.his.privacyca.HisRegisterIdentity.main(HisRegisterIdentity.java:99)
Failed to register identity with appraiser, error 1

Should I have updated anything else?

cheers,
/Nicolae.



On 1 November 2013 10:14, Wei, Gang <gang.wei at intel.com> wrote:

> This is indeed an issue caused by the incompatibility between OAT tpm
> access
> code & tpm-tools(tpm_takeownership -z). It has already been fixed. Please
> follow below wiki and try again.
> https://github.com/OpenAttestation/OpenAttestation/wiki/OAT-for-RHEL-Recipe
> .
>
> Thanks
> Jimmy
>
> Nicolae Paladi wrote on 2013-10-28:
> > Hi, I've followed the recipe
> > (
> https://github.com/OpenAttestation/OpenAttestation/wiki/OAT-for-RHEL-Rec
> > i pe) but didn't get it to run yet; I think a step is missing -- the AIK
> > is not available is /usr/share/oat-client (it was not available in
> > /var/lig/oat-appraiser/ClientFiles either); when I try to run
> > provisioner.sh, I get the following: provisioner.sh: line 7: systemctl:
> > command not found ### ecStorage = NVRAM### Performing TPM
> > provisioning...710 DONE Successfully initialized TPM Performing HIS
> > identity provisioning...FAILED java.util.NoSuchElementException
> >         at java.util.StringTokenizer.nextToken(StringTokenizer.java:349)
> >         at
> > gov.niarl.his.privacyca.TpmModule.executeVer2Command(TpmModule.java:21
> > 5)
> >         at
> >
> gov.niarl.his.privacyca.TpmModule.collateIdentityRequest(TpmModule.java:29
> > 2)
> >         at
> > gov.niarl.his.privacyca.HisIdentityProvisioner.main(HisIdentityProvisione
> > r.java: 225) Failed to receive AIC from Privacy CA, error 1 Registering
> > identity with server...FAILED java.io.FileNotFoundException:
> > /usr/share/oat-client/aik.cer (No such file or directory)
> >         at java.io.FileInputStream.open(Native Method)
> >         at java.io.FileInputStream.<init>(FileInputStream.java:137)
> >         at java.io.FileInputStream.<init>(FileInputStream.java:96)
> >         at
> gov.niarl.his.privacyca.TpmUtils.certFromFile(TpmUtils.java:612)
> >         at
> >
>
> gov.niarl.his.privacyca.HisRegisterIdentity.main(HisRegisterIdentity.java:99
> )
> > Failed to register identity with appraiser, error 1
> >
> >
> >
> > Thanks,
> > /Nicolae
> >
> >
> > On 27 October 2013 22:55, Nicolae Paladi <n.paladi at gmail.com> wrote:
> >
> >
> >       Awesome, thanks!
> >
> >       I'll try this out in the morning
> >
> >       /Nicolae
> >
> >
> >       On 27 October 2013 17:03, Wei, Gang <gang.wei at intel.com> wrote:
> >
> >
> >               Please refer to
> >
> >
> https://github.com/OpenAttestation/OpenAttestation/wiki/OAT-for-RHEL-
> > Recipe.
> >
> >               Jimmy
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20131113/ad0cbce2/attachment-0001.html>


More information about the Users mailing list