-
Notifications
You must be signed in to change notification settings - Fork 139
Configuring Subsystem Debug Log
Each PKI subsystem provides a logging service using java.util.logging (JUL) framework. The logging service which can be used to troubleshoot issues in the subsystem (e.g. database access, certificate issuance, key archival).
For older PKI versions see also:
The logging configuration is located at:
-
/usr/share/pki/ca/webapps/ca/WEB-INF/classes/logging.properties
-
/usr/share/pki/kra/webapps/kra/WEB-INF/classes/logging.properties
-
/usr/share/pki/ocsp/webapps/ocsp/WEB-INF/classes/logging.properties
-
/usr/share/pki/tks/webapps/tks/WEB-INF/classes/logging.properties
-
/usr/share/pki/tps/webapps/tps/WEB-INF/classes/logging.properties
The debug.level
parameter is stored in:
By default the subsystem will log INFO
messages or higher:
debug.level=10
The debug.level
is mapped into JUL log level as follows:
PKI Log Level | SLF4J Log Level | JUL Log Level |
---|---|---|
0-1 (OBNOXIOUS) |
TRACE |
FINEST |
2-5 (VERBOSE) |
DEBUG |
FINE |
6-10 (INFORM) |
INFO |
INFO |
11-15 |
WARN |
WARNING |
>15 |
ERROR |
SEVERE |
The subsystem will store the messages in /var/log/pki/pki-tomcat/<subsystem>/debug.YYYY-MM-DD.log
which will be rotated daily and purged after 7 days.
To show the current debug level, execute the following command:
$ pki-server ca-config-show debug.level 10
To change the debug level (e.g. to log FINE
messages or higher), execute the following command:
$ pki-server ca-config-set debug.level 5
Then restart the server.
Tip
|
To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis. |