Instalasi OCSP Responder

| Posted in Certificate Authority, Linux Server, PKI, Project, Security

Artikel ini merupakan kelanjutan dari artikel sebelumnya berjudul : Membuat Certification Authority dengan EJBCA,OCSP,JBOSS,Java,OpenLDAP.

Online Certificate Status Protocol (OCSP) sangat dibutuhkan dalam pembuatan public key infrastructure, OCSP merupakan protocol query(relying parties).  OCSP adalah sebuah status protocol yang dapat menghasilkan informasi status certificate secara real time, termasuk data-data yang berisi certificate revocation lists (CRLs).  Instalasi OCSP kali ini masih menggunakan software open source EJBCA.

Server OCSP bisa ditempatkan diluar server EJBCA yang berfungsi sebagai CA(certificateion authority).

Proses instalasi ini berada pada mesin berbeda dengan EJBCA.
Tahapannya :

– Install Java JDK, Ant,JBOSS,EJBCA

Install mysqlserver dan create username databse ejbca, dan allow grant privileges IP dari server EJBCA., settingan ini pada ocsp-database di server EJBCA. Jadi mysql di server OCSP akan berisi informasi CRLs dari server EJBCA.

ocsp-svr:/ejbca# ant -version
Apache Ant version 1.7.1 compiled on June 27 2008

ocsp-svr:/ejbca# java -version
java version “1.6.0_19”
Java™ SE Runtime Environment (build 1.6.0_19-b04)
Java HotSpot™ Client VM (build 16.2-b04, mixed mode, sharing)

– Deploy OCSP, source binary EJBCA sudah diekstrak ke /ejbca :

ocsp-svr:/ejbca# cp properties sample ke properties di /ejbca/conf

ocsp-svr:/ejbca# ant bootstrap———————cut————————————————[ejbdoclet] Generating PK class for ‘org.ejbca.core.ejb.BasePropertyEntityBean’.
[ejbdoclet] (XDocletMain.start 48 ) Running
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.ca.caadmin.CAAdminSessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.authorization.LocalAuthorizationSessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.upgrade.UpgradeSessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.ca.store.LocalCertificateStoreSessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.services.LocalServiceSessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.ra.raadmin.LocalRaAdminSessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.approval.LocalApprovalSessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.log.LocalLogSessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.keyrecovery.LocalKeyRecoverySessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.ra.userdatasource.LocalUserDataSourceSessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.ca.store.LocalCertificateStoreOnlyDataSessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.hardtoken.LocalHardTokenSessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.log.ProtectedLogSessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.ca.publisher.PublisherQueueSessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.services.ServiceTimerSessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.hardtoken.LocalEjbcaHardTokenBatchJobSessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.ca.publisher.LocalPublisherSessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.ra.LocalUserAdminSessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.ca.crl.CreateCRLSessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.ca.sign.RSASignSessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.ca.auth.LocalAuthenticationSessionBean’.
[ejbdoclet] Generating Session class for ‘org.ejbca.core.ejb.protect.TableProtectSessionBean’.
[ejbdoclet] (XDocletMain.start 48 ) Running
[ejbdoclet] Generating EJB deployment descriptor (ejb-jar.xml).
[ejbdoclet] (XDocletMain.start 48 ) Running
[ejbdoclet] Generating jboss.xml.
[ejbdoclet] Generating jbosscmp-jdbc.xml.
[ejbdoclet] INFO: Some classes refer to other classes that were not found among the sources or on the classpath.
[ejbdoclet] (Perhaps the referred class doesn’t exist? Hasn’t been generated yet?)
[ejbdoclet] The referring classes do not import any fully qualified classes matching these classes.
[ejbdoclet] However, since no packages are imported, xjavadoc has assumed that the referred classes
[ejbdoclet] belong to the same package as the referring class. The classes are:
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/ca/caadmin/CAAdminSessionBean.java—> CADataLocal qualified to org.ejbca.core.ejb.ca.caadmin.CADataLocal
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/authorization/LocalAuthorizationSessionBean.java—> AdminGroupDataLocal qualified to org.ejbca.core.ejb.authorization.AdminGroupDataLocal
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/authorization/LocalAuthorizationSessionBean.java—> AuthorizationTreeUpdateDataLocal qualified to org.ejbca.core.ejb.authorization.AuthorizationTreeUpdateDataLocal
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/services/LocalServiceSessionBean.java—> ServiceDataLocalHome qualified to org.ejbca.core.ejb.services.ServiceDataLocalHome
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/services/LocalServiceSessionBean.java—> IServiceTimerSessionLocal qualified to org.ejbca.core.ejb.services.IServiceTimerSessionLocal
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/approval/LocalApprovalSessionBean.java—> ApprovalDataLocal qualified to org.ejbca.core.ejb.approval.ApprovalDataLocal
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/log/LocalLogSessionBean.java—> ILogSessionLocal qualified to org.ejbca.core.ejb.log.ILogSessionLocal
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/log/ProtectedLogSessionBean.java—> ProtectedLogDataLocalHome qualified to org.ejbca.core.ejb.log.ProtectedLogDataLocalHome
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/log/ProtectedLogSessionBean.java—> ProtectedLogExportDataLocalHome qualified to org.ejbca.core.ejb.log.ProtectedLogExportDataLocalHome
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/log/ProtectedLogSessionBean.java—> ProtectedLogTokenDataLocalHome qualified to org.ejbca.core.ejb.log.ProtectedLogTokenDataLocalHome
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/services/ServiceTimerSessionBean.java—> IServiceSessionLocal qualified to org.ejbca.core.ejb.services.IServiceSessionLocal
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/services/ServiceTimerSessionBean.java—> IServiceTimerSessionLocal qualified to org.ejbca.core.ejb.services.IServiceTimerSessionLocal
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/hardtoken/LocalEjbcaHardTokenBatchJobSessionBean.java—> IHardTokenSessionLocal qualified to org.ejbca.core.ejb.hardtoken.IHardTokenSessionLocal
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/ca/publisher/LocalPublisherSessionBean.java—> IPublisherQueueSessionLocal qualified to org.ejbca.core.ejb.ca.publisher.IPublisherQueueSessionLocal
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/ra/LocalUserAdminSessionBean.java—> UserDataLocal qualified to org.ejbca.core.ejb.ra.UserDataLocal
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/ca/store/CertReqHistoryDataBean.java—> CertReqHistoryDataPK qualified to org.ejbca.core.ejb.ca.store.CertReqHistoryDataPK
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/ca/store/CRLDataBean.java—> CRLDataPK qualified to org.ejbca.core.ejb.ca.store.CRLDataPK
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/keyrecovery/KeyRecoveryDataBean.java—> KeyRecoveryDataPK qualified to org.ejbca.core.ejb.keyrecovery.KeyRecoveryDataPK
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/ca/store/CertificateDataBean.java—> CertificateDataPK qualified to org.ejbca.core.ejb.ca.store.CertificateDataPK
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/hardtoken/HardTokenPropertyEntityBean.java—> HardTokenPropertyPK qualified to org.ejbca.core.ejb.hardtoken.HardTokenPropertyPK
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/ra/UserDataBean.java—> UserDataPK qualified to org.ejbca.core.ejb.ra.UserDataPK
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/BasePropertyEntityBean.java—> PropertyEntityPK qualified to org.ejbca.core.ejb.PropertyEntityPK
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/authorization/AdminGroupDataBean.java—> AdminEntityDataLocal qualified to org.ejbca.core.ejb.authorization.AdminEntityDataLocal
[ejbdoclet] /ejbca/tmp/preprocessed/java/org/ejbca/core/ejb/authorization/AdminGroupDataBean.java—> AccessRulesDataLocal qualified to org.ejbca.core.ejb.authorization.AccessRulesDataLocal
[webdoclet] (XDocletMain.start 48 ) Running
[webdoclet] Generating web.xml.
[webdoclet] (XDocletMain.start 48 ) Running
[webdoclet] Generating web.xml.
[webdoclet] (XDocletMain.start 48 ) Running
[webdoclet] Generating web.xml.
[echo] No custom changes to merge.
Trying to override old definition of task apt
Trying to override old definition of task wsimport
[taskdef] Could not load definitions from resource cloverlib.xml. It could not be found.
wls-dd-postprocess:
dd-postprocess:
compile:
[javac] Compiling 901 source files to /ejbca/tmp/bin/classes
[javac] Note: Some input files use or override a deprecated API.
[javac] Note: Recompile with -Xlint:deprecation for details.
[javac] Note: Some input files use unchecked or unsafe operations.
[javac] Note: Recompile with -Xlint:unchecked for details.
[copy] Copying 7 files to /ejbca/tmp/bin/classes
cmptcpserviceconditioncheck:
jbosscmptcpclasspathset:
jbosscmptcpclasspathunset:
jbosscmptcpclasspath:
ejbca-ejb.jar:
[mkdir] Created dir: /ejbca/hwtoken
[mkdir] Created dir: /ejbca/tmp/caTokenClasses
[jar] Building jar: /ejbca/dist/ejbca-ejb.jar
publicweb.war:
[mkdir] Created dir: /ejbca/tmp/publicweb.war/WEB-INF/lib
[copy] Copying 45 files to /ejbca/tmp/publicweb.war
[copy] Copied 7 empty directories to 1 empty directory under /ejbca/tmp/publicweb.war
[copy] Copying 2 files to /ejbca/tmp/publicweb.war/WEB-INF/lib
[war] Building war: /ejbca/dist/publicweb.war
renew.war:
scep.war:
[war] Building war: /ejbca/dist/scep.war
webdist.war:
[war] Building war: /ejbca/dist/webdist.war
status.war:
[war] Building war: /ejbca/dist/status.war
cmp.war:
[war] Building war: /ejbca/dist/cmp.war
healthcheck.war:
[war] Building war: /ejbca/dist/healthcheck.war
adminweb.war:
[mkdir] Created dir: /ejbca/tmp/adminweb.war/WEB-INF/lib
[mkdir] Created dir: /ejbca/tmp/adminweb.war/reports
[copy] Copying 130 files to /ejbca/tmp/adminweb.war
[native2ascii] Converting 9 files from /ejbca/tmp/preprocessed/adminweb/languages to /ejbca/tmp/adminweb.war/languages
[native2ascii] Converting 1 file from /ejbca/tmp/preprocessed/adminweb/languages to /ejbca/tmp/adminweb.war/languages
[copy] Copying 2 files to /ejbca/tmp/adminweb.war/WEB-INF
[copy] Copying 1 file to /ejbca/tmp/adminweb.war/WEB-INF/lib
[mkdir] Created dir: /ejbca/tmp/adminweb.war/WEB-INF/jspc
[jasper2] log4j:WARN No appenders could be found for logger (org.apache.jasper.compiler.JspRuntimeContext).
[jasper2] log4j:WARN Please initialize the log4j system properly.
[mkdir] Created dir: /ejbca/tmp/adminweb.war/WEB-INF/classes
[javac] Compiling 48 source files to /ejbca/tmp/adminweb.war/WEB-INF/classes
[javac] Note: Some input files use or override a deprecated API.
[javac] Note: Recompile with -Xlint:deprecation for details.
[javac] Note: Some input files use unchecked or unsafe operations.
[javac] Note: Recompile with -Xlint:unchecked for details.
[war] Building war: /ejbca/dist/adminweb.war
ejbca-util.jar:
[jar] Building jar: /ejbca/dist/ejbca-util.jar
ejbcawsconditioncheck:
ws.init:
[mkdir] Created dir: /ejbca/tmp/jaxws/gen-classes/server
[mkdir] Created dir: /ejbca/tmp/jaxws/gen-classes/client
ws.build:
[echo] ejbca: /ejbca/build.xml
[javac] Compiling 24 source files to /ejbca/tmp/bin/classes
[javac] Note: Some input files use unchecked or unsafe operations.
[javac] Note: Recompile with -Xlint:unchecked for details.
[javac] Compiling 89 source files to /ejbca/tmp/jaxws/gen-classes/server
jaxwslibspre:
[mkdir] Created dir: /ejbca/tmp/jaxws/lib
jaxwslibsstd:
[copy] Copying 19 files to /ejbca/tmp/jaxws/lib
jaxwslibswebsphere:
jaxwslibs:
ejbcaws.war:
[copy] Copying 24 files to /ejbca/tmp/jaxws/gen-classes/server
[copy] Copying 1 file to /ejbca/tmp/jaxws
[copy] Warning: Could not find file /ejbca/src/jaxws/jboss/web.xml to copy.
[war] Building war: /ejbca/dist/ejbcaws.war
ws.build.client:
[javac] Compiling 123 source files to /ejbca/tmp/jaxws/gen-classes/client
[javac] Compiling 23 source files to /ejbca/tmp/bin/classes
[javac] Note: Some input files use unchecked or unsafe operations.
[javac] Note: Recompile with -Xlint:unchecked for details.
[mkdir] Created dir: /ejbca/tmp/ejbcawscli.jar
[mkdir] Created dir: /ejbca/tmp/ejbcawscli.jar/META-INF
[mkdir] Created dir: /ejbca/dist/ejbcawscli/lib
[copy] Copying 186 files to /ejbca/tmp/ejbcawscli.jar
[copy] Copying 15 files to /ejbca/dist/ejbcawscli/lib/endorsed
[copy] Copying 5 files to /ejbca/dist/ejbcawscli/lib
[copy] Copying 5 files to /ejbca/dist/ejbcawscli
[jar] Building jar: /ejbca/dist/ejbcawscli/ejbcawscli.jar
ejbcaws.client:
xkmsconditioncheck:
xkms.init:
xkms.build:
[javac] Compiling 80 source files to /ejbca/tmp/xkms/gen-classes
[javac] Compiling 27 source files to /ejbca/tmp/bin/classes
[javac] Note: Some input files use unchecked or unsafe operations.
[javac] Note: Recompile with -Xlint:unchecked for details.
xkms.war:
[copy] Copying 17 files to /ejbca/tmp/xkms/gen-classes
[war] Building war: /ejbca/dist/xkms.war
xkms.build.client:
[copy] Copying 112 files to /ejbca/tmp/xkmscli.jar
[copy] Copying 24 files to /ejbca/dist/xkmscli/lib
[copy] Copying 3 files to /ejbca/dist/xkmscli
[jar] Building jar: /ejbca/dist/xkmscli/xkmscli.jar
xkms.client:
doc.war:
[echo] No custom changes to merge.
Trying to override old definition of task apt
Trying to override old definition of task wsimport
[taskdef] Could not load definitions from resource cloverlib.xml. It could not be found.
prepare:
prepare-error:
doc:
[anakia] Transforming into: /ejbca/tmp/htdocs
[anakia] Input: architecture-ocsp.xml
[anakia] Output: /ejbca/tmp/htdocs/architecture-ocsp.html
[anakia] Input: architecture.xml
[anakia] Output: /ejbca/tmp/htdocs/architecture.html
[anakia] Input: complimentary.xml
[anakia] Output: /ejbca/tmp/htdocs/complimentary.html
[anakia] Input: contact.xml
[anakia] Output: /ejbca/tmp/htdocs/contact.html
[anakia] Input: contributors.xml
[anakia] Output: /ejbca/tmp/htdocs/contributors.html
[anakia] Input: credits.xml
[anakia] Output: /ejbca/tmp/htdocs/credits.html
[anakia] Input: cvccas.xml
[anakia] Output: /ejbca/tmp/htdocs/cvccas.html
[anakia] Input: demo.xml
[anakia] Output: /ejbca/tmp/htdocs/demo.html
[anakia] Input: donations.xml
[anakia] Output: /ejbca/tmp/htdocs/donations.html
[anakia] Input: download.xml
[anakia] Output: /ejbca/tmp/htdocs/download.html
[anakia] Input: faq.xml
[anakia] Output: /ejbca/tmp/htdocs/faq.html
[anakia] Input: features.xml
[anakia] Output: /ejbca/tmp/htdocs/features.html
[anakia] Input: howto.xml
[anakia] Output: /ejbca/tmp/htdocs/howto.html
[anakia] Input: hudson.xml
[anakia] Output: /ejbca/tmp/htdocs/hudson.html
[anakia] Input: index.xml
[anakia] Output: /ejbca/tmp/htdocs/index.html
[anakia] Input: installation-ocsp.xml
[anakia] Output: /ejbca/tmp/htdocs/installation-ocsp.html
[anakia] Input: installation.xml
[anakia] Output: /ejbca/tmp/htdocs/installation.html
[anakia] Input: installations.xml
[anakia] Output: /ejbca/tmp/htdocs/installations.html
[anakia] Input: license.xml
[anakia] Output: /ejbca/tmp/htdocs/license.html
[anakia] Input: manual-ocsp.xml
[anakia] Output: /ejbca/tmp/htdocs/manual-ocsp.html
[anakia] Input: manual.xml
[anakia] Output: /ejbca/tmp/htdocs/manual.html
[anakia] Input: references.xml
[anakia] Output: /ejbca/tmp/htdocs/references.html
[anakia] Input: releasecycle.xml
[anakia] Output: /ejbca/tmp/htdocs/releasecycle.html
[anakia] Input: screenshots.xml
[anakia] Output: /ejbca/tmp/htdocs/screenshots.html
[anakia] Input: security.xml
[anakia] Output: /ejbca/tmp/htdocs/security.html
[anakia] Input: sensornet/ca-enrollment.xml
[anakia] Output: /ejbca/tmp/htdocs/sensornet/ca-enrollment.html
[anakia] Input: sensornet/howto-server.xml
[anakia] Output: /ejbca/tmp/htdocs/sensornet/howto-server.html
[anakia] Input: sensornet/howto-tomcat.xml
[anakia] Output: /ejbca/tmp/htdocs/sensornet/howto-tomcat.html
[anakia] Input: sensornet/infrastructure.xml
[anakia] Output: /ejbca/tmp/htdocs/sensornet/infrastructure.html
[anakia] Input: sensornet/short-course.xml
[anakia] Output: /ejbca/tmp/htdocs/sensornet/short-course.html
[copy] Copying 183 files to /ejbca/tmp/htdocs
[war] Building war: /ejbca/dist/doc.war
ca.ear:
[ear] Building ear: /ejbca/dist/ejbca.ear
[echo] No custom changes to merge.
Trying to override old definition of task apt
Trying to override old definition of task wsimport
[taskdef] Could not load definitions from resource cloverlib.xml. It could not be found.
signjar:
[echo] Specify -Dsignjar.keystore=/path/keystore.jks if you want to sign the release.
[echo] No custom changes to merge.
[taskdef] Could not load definitions from resource cloverlib.xml. It could not be found.
signjar.internal:
externalraconditioncheck:
externalra.jar:
ejbca.ear:
build:
jbosscmptcplistener:
buildwithcmptcpservice:
deploy:
[echo] No custom changes to merge.
Trying to override old definition of task apt
Trying to override old definition of task wsimport
[taskdef] Could not load definitions from resource cloverlib.xml. It could not be found.
externalraconditioncheck:
externalra.deploy:
[echo] No custom changes to merge.
Trying to override old definition of task apt
Trying to override old definition of task wsimport
[taskdef] Could not load definitions from resource cloverlib.xml. It could not be found.
j2ee:check:
[echo] Using appserver.home : /jboss
j2ee:web-configure:
j2ee:configure:
j2ee:deployBase:
[copy] Copying 2 files to /jboss/server/default/deploy
[copy] Copying 1 file to /jboss/server/default/deploy
j2ee:deploy:
[copy] Copying 1 file to /jboss/server/default/deploy
[echo] No custom changes to merge.
Trying to override old definition of task apt
Trying to override old definition of task wsimport
[taskdef] Could not load definitions from resource cloverlib.xml. It could not be found.
showtime:
[echo] Task completed 2010-04-22 11:20:27 +0700.
BUILD SUCCESSFUL
Total time: 2 minutes 1 second
ocsp-svr:/ejbca#
JBOSS sudah di unzip ke folder /jboss dan kita jalankan :

ocsp-svr:/jboss/bin# run.sh -b 0.0.0.0
—————————cut—————————————11:27:47,373 INFO [TomcatDeployment] deploy, ctxPath=/ejbca/adminweb
11:27:48,955 WARNING [config] JSF1025: [/ejbca/adminweb] Context initialization parameter ‘com.sun.faces.disableVersionTracking’ is deprecated and will have no effect.
11:27:48,999 INFO [config] Initializing Mojarra (1.2_12-b01-FCS) for context ‘/ejbca/adminweb’
11:27:50,525 INFO [StartServicesServlet] Init, EJBCA 3.9.6 (r8844) startup.
11:27:50,961 INFO [CATokenManager] Can not instantiate org.ejbca.core.model.ca.catoken.NFastCAToken. Class not found: com.ncipher.provider.km.nCipherKM.
11:27:50,962 INFO [CATokenManager] Can not register org.ejbca.core.model.ca.catoken.NFastCAToken. This is normally not an error.
11:27:50,964 INFO [CATokenManager] Class not found: se.primeKey.caToken.card.PrimeCAToken.
11:27:50,965 INFO [CATokenManager] Can not register se.primeKey.caToken.card.PrimeCAToken. This is normally not an error.
11:27:50,971 INFO [CATokenManager] Can not instantiate org.ejbca.core.model.ca.catoken.EracomCAToken. Class not found: au.com.eracom.crypto.provider.slot0.ERACOMProvider.
11:27:50,972 INFO [CATokenManager] Can not register org.ejbca.core.model.ca.catoken.EracomCAToken. This is normally not an error.
11:27:51,013 INFO [CATokenManager] Class not found: org.ejbca.core.model.ca.catoken.SafeNetLunaCAToken.
11:27:51,013 INFO [CATokenManager] Can not register org.ejbca.core.model.ca.catoken.SafeNetLunaCAToken. This is normally not an error.
11:27:54,874 INFO [Log4jLogDevice] April 22, 2010 11:27:54 AM WIT, CAId : 0, SERVICE, EVENT_INFO_STARTING, Administrator : INTERNALUSER, User : No user involved, Certificate : No certificate involved, Comment : Init, EJBCA 3.9.6 (r8844) startup.
11:27:55,188 INFO [TomcatDeployment] deploy, ctxPath=/ejbca/publicweb
11:27:55,271 INFO [TomcatDeployment] deploy, ctxPath=/ejbca/doc
11:27:55,325 INFO [TomcatDeployment] deploy, ctxPath=/ejbca/ejbcaws
11:27:55,656 INFO [http] WSSERVLET12: JAX-WS context listener initializing
11:27:56,168 INFO [http] wsdl cannot be found from DD or annotation. Will generate and publish a new WSDL for SEI endpoints.
11:27:58,956 INFO [http] WSSERVLET14: JAX-WS servlet initializing
11:27:59,035 INFO [TomcatDeployment] deploy, ctxPath=/ejbca/publicweb/healthcheck
11:27:59,195 INFO [TomcatDeployment] deploy, ctxPath=/ejbca
11:27:59,416 INFO [TomcatDeployment] deploy, ctxPath=/ejbca/publicweb/apply
11:27:59,495 INFO [TomcatDeployment] deploy, ctxPath=/ejbca/publicweb/status
11:27:59,593 INFO [OCSPServletBase] ExtensionOids not defined.
11:27:59,594 INFO [OCSPServletBase] ExtensionClass not defined.
11:27:59,624 INFO [TomcatDeployment] deploy, ctxPath=/ejbca/publicweb/webdist
11:27:59,702 INFO [TomcatDeployment] deploy, ctxPath=/ejbca/xkms
11:28:00,159 INFO [http] WSSERVLET12: JAX-WS context listener initializing
11:28:08,739 INFO [http] wsdl cannot be found from DD or annotation. Will generate and publish a new WSDL for SEI endpoints.
11:28:08,920 INFO [http] WSSERVLET14: JAX-WS servlet initializing
11:28:09,040 INFO [Http11Protocol] Starting Coyote HTTP/1.1 on http-0.0.0.0-8080
11:28:09,129 INFO [AjpProtocol] Starting Coyote AJP/1.3 on ajp-0.0.0.0-8009
11:28:09,188 INFO [ServerImpl] JBoss (Microcontainer) [5.1.0.GA (build: SVNTag=JBoss_5_1_0_GA date=200905221053)] Started in 4m:24s:920ms

Install OCSP :

ocsp-svr:/ejbca# ant ocsp-deploy
Buildfile: build.xml
[echo] No custom changes to merge.
[taskdef] Could not load definitions from resource cloverlib.xml. It could not be found.
failinproduction-ocsp:
ejbca-util.jar:
[echo] /ejbca/modules
[echo] No custom changes to merge.
[copy] Warning: /ejbca/modules/conf not found.
ejbca-util:
[echo] /ejbca/modules
[echo] No custom changes to merge.
compile-util:
build-util:
xdoc-or-precompiled-check:
jboss50targetcheck:
jboss50jsfimpl:
[echo] JBoss 5.0.x uses SunRI JSF implementation
jboss42targetcheck:
jboss42jsfimpl:
jboss40targetcheck:
jboss40jsfimpl:
[echo] JBoss 4.0.x uses Apache Myfaces JSF implementation
glassfishtargetcheck:
glassfishjsfimpl:
wlstargetcheck:
weblogicjsfimpl:
oc4jtargetcheck:
oc4jjsfimpl:
webspheretargetcheck:
webspherejsfimpl:
set.jsfimpl:
j2ee:check:
[echo] Using appserver.home : /jboss
init:
[echo]
[echo]—————EJBCA 3.10.0 (r8808) CONFIGURATION PROPERTIES —————[echo] appserver.type = jboss
[echo] appserver.home = /jboss
[echo] java.ver = 15
[echo] ocsp.defaultresponder = CN=AdminCA1,O=EJBCA Sample,C=SE
[echo] ocsp.usecasigningcert = true
[echo] ocsp.signaturealgorithm = SHA1WithRSA;SHA1WithECDSA;SHA1WithDSA
[echo] datasource.jndi-name = EjbcaDS
[echo] datasource.jndi-name-prefix = java:/
[echo] database.name = hsqldb
[echo] datasource.mapping = Hypersonic SQL
[echo] database.url = jdbc:hsqldb:${jboss.server.data.dir}${/}hypersonic${/}localDB
[echo] database.driver = org.hsqldb.jdbcDriver
[echo] database.username = sa
[echo] database.password =
[echo] weblogic-oracle-columntype =
[echo] mail.jndi-name = java:/EjbcaMail
[echo] mail.from = ejbca-donotreply@domain.com
[echo] mail.user = ejbca_user
[echo] mail.password = primekey
[echo] mail.smtp.host = localhost
[echo] mail.smtp.port = 25
[echo] mail.smtp.auth = false
[echo] mail.debug = false
[echo] httpserver.pubhttp = 8080
[echo] httpserver.pubhttps = 8442
[echo] httpserver.privhttps = 8443
[echo] httpsserver.hostname = localhost
[echo] httpsserver.password = serverpwd
[echo] web.contentencoding = UTF-8
[echo] web.jsfimpl = sunri
[echo] web.renewalenabled = false
[echo] ejbcaws.enabled = true
[echo] cmp.allowraverifypopo = false
[echo] cmp.defaultca =
[echo] cmp.extractusernamecomponent =
[echo] cmp.operationmode = normal
[echo] cmp.responseprotection = signature
[echo] cmp.ra.authenticationsecret =
[echo] cmp.ra.namegenerationscheme = DN
[echo] cmp.ra.namegenerationparameters = CN
[echo] cmp.ra.namegenerationprefix =
[echo] cmp.ra.namegenerationpostfix =
[echo] cmp.ra.endentityprofile = EMPTY
[echo] cmp.ra.certificateprofile = ENDUSER
[echo] cmp.ra.caname = AdminCA1
[echo] cmp.tcp.enabled = false
[echo] cmp.tcp.portno = 829
[echo] cmp.tcp.logdir = ./log
[echo] cmp.tcp.conffile =
[echo] xkms.enabled = false
[echo] xkms.serviceport = 8080
[echo]
preprocess.luna:
preprocess:
[echo] Ignore warnings about ‘Couldn’t find file’ during preprocessing
[copy] Copying 1 file to /ejbca/tmp/bin/dd/META-INF
[copy] Warning: Could not find file /ejbca/tmp/preprocessed/deploy/sun/sun-cmp-mappings-hsqldb.xml to copy.
[copy] Warning: Could not find file /ejbca/tmp/preprocessed/deploy/sun/schema/hsqldb/ejbca-ejb.dbschema to copy.
[copy] Copying 1 file to /ejbca/tmp/bin/dd/WEB-INF
[copy] Copying 1 file to /ejbca/tmp/bin/dd/WEB-INF
[copy] Warning: /ejbca/tmp/preprocessed/deploy/jboss/client/bin/META-INF not found.
[copy] Warning: /ejbca/tmp/preprocessed/deploy/jboss/client/bin/META-INF not found.
[delete] Deleting: /ejbca/tmp/preprocessed/intresources/intresources.fr.properties
[native2ascii] Converting 1 file from /ejbca/src/intresources to /ejbca/tmp/preprocessed/intresources
ocsp-run-xdoc:
[copy] Warning: /ejbca/tmp/preprocessed/deploy/ejb/merge/hsqldb not found.
[ejbdoclet] (XDocletMain.start 48 ) Running
[ejbdoclet] (XDocletMain.start 48 ) Running
[ejbdoclet] (XDocletMain.start 48 ) Running
[ejbdoclet] (XDocletMain.start 48 ) Running
[ejbdoclet] (XDocletMain.start 48 ) Running
[ejbdoclet] (XDocletMain.start 48 ) Running
[ejbdoclet] (XDocletMain.start 48 ) Running
[ejbdoclet] (XDocletMain.start 48 ) Running
[ejbdoclet] (XDocletMain.start 48 ) Running
[webdoclet] (XDocletMain.start 48 ) Running
[webdoclet] Generating web.xml.
ocsp-compile:
ocsp-war:
[war] Building war: /ejbca/ocsp-dist/status.war
ocsp-jar:
[copy] Copying 1 file to /ejbca/ocsp-dist
[jar] Updating jar: /ejbca/ocsp-dist/ejbca-ejb.jar
ocsphealthcheck.war:
[war] Building war: /ejbca/ocsp-dist/ocsphealthcheck.war
ocsp-ear:
[ear] Building ear: /ejbca/ocsp-dist/ejbca.ear
ocsp-deploy:
[echo] No custom changes to merge.
[taskdef] Could not load definitions from resource cloverlib.xml. It could not be found.
j2ee:ocspbasewebdeploy:
j2ee:check:
[echo] Using appserver.home : /jboss
j2ee:web-configure:
[echo] Using JBoss deploy directory /jboss/server/default/deploy
[copy] Copying 1 file to /jboss/server/default/conf/keystore
[echo] No custom changes to merge.
[taskdef] Could not load definitions from resource cloverlib.xml. It could not be found.
j2ee:deploytruststore:
[copy] Copying 1 file to /jboss/server/default/conf/keystore
[echo] No custom changes to merge.
[taskdef] Could not load definitions from resource cloverlib.xml. It could not be found.
detect-tomcatdir:
deploytomcat:
[copy] Copying 1 file to /jboss/server/default/deploy/jbossweb.sar
j2ee:configure:
j2ee:deployocsp:
[copy] Copying 1 file to /jboss/server/default/deploy
[copy] Copying 1 file to /jboss/server/default/deploy
[echo] No custom changes to merge.
[taskdef] Could not load definitions from resource cloverlib.xml. It could not be found.
showtime:
[echo] Task completed 2010-04-22 12:56:49 +0700.
BUILD SUCCESSFUL
Total time: 35 seconds
ocsp-svr:/ejbca#

Selanjutnya kita mengkonfigurasi OCSP Responder ini melalui Admin Web pada server EJBCA.

Write a comment