FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Directory

 
 
LinkBack Thread Tools
 
Old 12-20-2010, 03:13 PM
Chun Tat David Chu
 
Default attrcrypt_unwrap_key: failed to unwrap key for cipher AES

Hi Rich,

Can you tell me what triggers this message?

Thanks,

David

2010/12/17 Rich Megginson <rmeggins@redhat.com>







On 12/16/2010 03:41 PM, Chun Tat David Chu wrote:
Hi All,



Occasionally I see the following messages when I start the 389DS.



<timestamp> attrcrypt_unwrap_key:* failed to unwrap key for
cipher AES

<timestamp> Failed to retrieve key for cipher AES in
attrcrypt_cipher_init

<timestamp> Failed to initialize cipher AES in
attrcrypt_init

<timestamp> attrcrypt_unwrap_key:* failed to unwrap key for
cipher 3DES

<timestamp> Failed to retrieve key for cipher 3DES in
attrcrypt_cipher_init

<timestamp> Failed to initialize cipher 3DES in
attrcrypt_init



Can someone tell me what went wrong there?* It looks like these
messages are harmless because 389DS still started up successfully
and able to process all requests.


Yes, it should be harmless unless you are actually using attribute
encryption.




Thanks,



- David






--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users






--

389 users mailing list

389-users@lists.fedoraproject.org

https://admin.fedoraproject.org/mailman/listinfo/389-users


--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 12-22-2010, 11:56 AM
remy d1
 
Default attrcrypt_unwrap_key: failed to unwrap key for cipher AES

Hi Chun,

I had the same problem. I think you tried to install 389-DS with SSL but your certificates were not loaded by 389-DS (389-ds know that you configured SSL but he can not load the certificates (perhaps your certificate autority is not good);


I think you should read this :
http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/Managing_SSL.html


Or try to migrate in ssl again and generate new certificates with CA.

Regards;

2010/12/20 Chun Tat David Chu <beyonddc.storage@gmail.com>

Hi Rich,

Can you tell me what triggers this message?

Thanks,

David


2010/12/17 Rich Megginson <rmeggins@redhat.com>







On 12/16/2010 03:41 PM, Chun Tat David Chu wrote:
Hi All,



Occasionally I see the following messages when I start the 389DS.



<timestamp> attrcrypt_unwrap_key:* failed to unwrap key for
cipher AES

<timestamp> Failed to retrieve key for cipher AES in
attrcrypt_cipher_init

<timestamp> Failed to initialize cipher AES in
attrcrypt_init

<timestamp> attrcrypt_unwrap_key:* failed to unwrap key for
cipher 3DES

<timestamp> Failed to retrieve key for cipher 3DES in
attrcrypt_cipher_init

<timestamp> Failed to initialize cipher 3DES in
attrcrypt_init



Can someone tell me what went wrong there?* It looks like these
messages are harmless because 389DS still started up successfully
and able to process all requests.


Yes, it should be harmless unless you are actually using attribute
encryption.




Thanks,



- David






--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users






--

389 users mailing list

389-users@lists.fedoraproject.org

https://admin.fedoraproject.org/mailman/listinfo/389-users



--

389 users mailing list

389-users@lists.fedoraproject.org

https://admin.fedoraproject.org/mailman/listinfo/389-users


--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 

Thread Tools




All times are GMT. The time now is 04:30 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org