The following provides information for troubleshooting CLI issues. To view general troubleshooting tips and search for troubleshooting topics, see EJBCA Troubleshooting.
Problem: Cannot Access the EJBCA CLI
When accessing EJBCA's CLI by running ${EJBCA_HOME}/bin/ejbca.sh you get the following error message:
> /opt/ejbca/bin/ejbca.sh
Error: CLI could not contact EJBCA instance. Either your application server is not up and running, EJBCA has not been deployed successfully, or some firewall rule is blocking the CLI from the application server.
CODE
Cause
Under the hood, this is caused by an IllegalStateException with the error message "No EJB receiver available for handling".
Troubleshooting Steps
It is assumed you are using JBoss as the application server and RHEL as the operating system. The steps for troubleshooting will be very similar if you are using for example Wildfly instead of JBoss, or another Linux distribution such as Debian.
Make sure JBoss is up and running:
ps aux | grep ${JBOSS_HOME}/bin/standalone.sh
CODE
If JBoss is not running, start it.
Make sure EJBCA has been deployed correctly:
ls ${JBOSS_HOME}/standalone/deployments | grep ejbca.ear.deployed
CODE
If EJBCA has not been deployed correctly, check the JBoss log file to find out why:
cat ${JBOSS_HOME}/standalone/log/server.log | grep ERROR -C 10 | less
CODE
Fix the problem and the redeploy EJBCA by running the following:
cd ${EJBCA_HOME}
ant -q clean deployear
CODE
Make sure the application server is listening to the port configured in dist/ejbca-ejb-cli/jboss-ejb-client.properties (unless you have edited the configuration, it should be port 4447) .
sudo lsof -i:4447
CODE
If connecting remotely this port must be open in the firewall. Inspect your firewall rules and open this port for incoming TCP traffic if necessary.