2:38 p.m.
Oleg Danilovich via FreeIPA-users wrote:
Does it mean that i should update my ipa servers ?
I'd recommend examining /var/log/ipaserver-install.log and the CA log
files in /var/log/pki/pki-tomcat/ca/
rob
On 21 June 2017 at 17:28, Oleg Danilovich
<oleg.danilovich(a)expcapital.com <mailto:oleg.danilovich@expcapital.com>>
wrote:
Hello guys,
I have problems with creation freeipa master replica.
ipa --version
VERSION: 4.3.1, API_VERSION: 2.164
Master server Idp+self sign CA
I want create full replica of master server
Host for replica in domain (ipa-client-install -U --domain=
--server=ipa1.itcapital.io <http://ipa1.itcapital.io> --password=
--principal=--hostname= --no-ntp --mkhomedir)
I try to create replica:
ipa-replica-install --hostname=<domain name> --domain=<domain name>
--server=<ipa server name> --password=XXXXXX --principal=admin
--setup-ca
Replica installation success but CA replica creation failed:
Configuring certificate server (pki-tomcatd). Estimated time: 3
minutes 30 seconds
[1/23]: creating certificate server user
[2/23]: creating certificate server db
[3/23]: setting up initial replication
Starting replication, please wait until this has completed.
Update in progress, 5 seconds elapsed
Update succeeded
[4/23]: creating installation admin user
[5/23]: setting up certificate server
ipa.ipaserver.install.cainstance.CAInstance: CRITICAL Failed to
configure CA instance: Command '/usr/sbin/pkispawn -s CA -f
/tmp/tmpjnucvO' returned non-zero exit status 1
ipa.ipaserver.install.cainstance.CAInstance: CRITICAL See the
installation logs and the following files/directories for more
information:
ipa.ipaserver.install.cainstance.CAInstance: CRITICAL
/var/log/pki/pki-tomcat
[error] RuntimeError: CA configuration failed.
Your system may be partly configured.
Run /usr/sbin/ipa-server-install --uninstall to clean up.
ipa.ipapython.install.cli.install_tool(Replica): ERROR CA
configuration failed.
ipa.ipapython.install.cli.install_tool(Replica): ERROR The
ipa-replica-install command failed. See
/var/log/ipareplica-install.log for more information
Maybe somebody has information about this issue?
--
Best regards,
*Oleg Danilovich*
--
Best regards,
*Oleg Danilovich*
DevOps Engineer
*exp**(capital) **limited*
*T. *_+ <tel:+357%2096%20672275>375447487939_
_______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org