Hello guys,I have problems with creation freeipa master replica.ipa --versionVERSION: 4.3.1, API_VERSION: 2.164Master server Idp+self sign CAI want create full replica of master serverHost for replica in domain (ipa-client-install -U --domain= --server=ipa1.itcapital.io --password= --principal=--hostname= --no-ntp --mkhomedir)I try to create replica:ipa-replica-install --hostname=<domain name> --domain=<domain name> --server=<ipa server name> --password=XXXXXX --principal=admin --setup-caReplica installation success but CA replica creation failed:Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes 30 seconds[1/23]: creating certificate server user[2/23]: creating certificate server db[3/23]: setting up initial replicationStarting replication, please wait until this has completed.Update in progress, 5 seconds elapsedUpdate succeeded[4/23]: creating installation admin user[5/23]: setting up certificate serveripa.ipaserver.install.cainstance.CAInstance: CRITICAL Failed to configure CA instance: Command '/usr/sbin/pkispawn -s CA -f /tmp/tmpjnucvO' returned non-zero exit status 1 ipa.ipaserver.install.cainstance.CAInstance: CRITICAL See the installation logs and the following files/directories for more information: ipa.ipaserver.install.cainstance.CAInstance: CRITICAL /var/log/pki/pki-tomcat [error] RuntimeError: CA configuration failed.Your system may be partly configured.Run /usr/sbin/ipa-server-install --uninstall to clean up.ipa.ipapython.install.cli.install_tool(Replica): ERROR CA configuration failed. ipa.ipapython.install.cli.install_tool(Replica): ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install. log for more information Maybe somebody has information about this issue?--Best regards,Oleg Danilovich
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org