Hi all,
I would linke to reinstall a replica for my FreeIPA infra that has failed its ipa-server-upgrade after the updat’e of CentOS
ipa-server-4.6.5-11.el7.centos.4.x86_64, a few days ago…
But everytime I try I get the following error on that machine :
Configuring ipa-custodia
[1/4]: Generating ipa-custodia config file
[2/4]: Generating ipa-custodia keys
[3/4]: starting ipa-custodia
[4/4]: configuring ipa-custodia to start on boot
Done configuring ipa-custodia.
Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes
[1/29]: creating certificate server db
[2/29]: setting up initial replication
Starting replication, please wait until this has completed.
Update in progress, 4 seconds elapsed
Update succeeded
[3/29]: creating ACIs for admin
[4/29]: creating installation admin user
[5/29]: configuring certificate server instance
ipaserver.install.dogtaginstance: CRITICAL Failed to configure CA instance: Command '/usr/sbin/pkispawn -s CA -f /tmp/tmpjRZhjK' returned non-zero exit
status 1
ipaserver.install.dogtaginstance: CRITICAL See the installation logs and the following files/directories for more information:
ipaserver.install.dogtaginstance: CRITICAL /var/log/pki/pki-tomcat
[error] RuntimeError: CA configuration failed.
Your system may be partly configured.
Run /usr/sbin/ipa-server-install --uninstall to clean up.
ipapython.admintool: ERROR CA configuration failed.
ipapython.admintool: ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information
I cannot find any relevant info in the logs to tell me what could be done…
Do you have an idea ?
---
Bernard Lheureux
Linux System Engineer
IT Infra
Rue Fivé 150, B-4100 Seraing
GSM: +32-475-530311