See below for how to troubleshoot the main Validation Authority issues.
Connectivity issues
As explained in Validation Authority overview, Validation Authority connects to:
- A database.
- An HSM.
- A certificate status source (CA Gateway instance or CRL server).
To check the connection with these components, run the evactl check all command.
Error: Another instance of evactl is running
When trying to create or delete a key, you can encounter the following error.
Error: Another instance of evactl is running create-key or delete-keyWhen trying to enroll, reenroll or import a PKCS #12, you can encounter the following error.
Error: Another instance of evactl is running enroll, reenroll or import-p12In both cases:
- Make sure that there is no other instance of the
evactlcommand line tool performing any of those operations. Re-run the command with the
FORCE_MUTEX_OPERATIONenvironment variable set to 1. For example:sudo FORCE_MUTEX_OPERATION=1 evactl create-key RSA2048Running a command with
FORCE_MUTEX_OPERATIONset to 1 can override the changes made by anotherevactlrunning instance.