I have strange problem on replication server.
I set master server and I generate and set Let's encrypt.
On replica server I do same step but when I try to install pk12 I get error
about invalid credentials.
For private key unlock password I using weak pass which I set in the proces
of generated pk12 in step before.
Directory Manager password is right, because when I do:
ldapsearch -x -D "cn=directory manager" -w mypassword -s base -b ""
"objectclass=*"
I get this, which mean DM pass is ok.
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter: objectclass=*
# requesting: ALL
#
.
.
.
.
lastusn: 2382
changeLog: cn=changelog
firstchangenumber: 0
lastchangenumber: 0
ipatopologypluginversion: 1.0
ipatopologyismanaged: on
ipaDomainLevel: 1
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
When I try to install cert:
ipa-server-certinstall -w /path/to/.pk12
I get this error:
ipalib.plugable: DEBUG: importing plugin module ipaserver.plugins.xmlserver
ipapython.admintool: DEBUG: File
"/usr/lib/python2.7/dist-packages/ipapython/admintool.py", line 174, in
execute
return_value = self.run()
File
"/usr/lib/python2.7/dist-packages/ipaserver/install/ipa_server_certinstall.py",
line 110, in run
api.Backend.ldap2.connect(bind_pw=self.options.dirman_password)
File "/usr/lib/python2.7/dist-packages/ipalib/backend.py", line 69, in
connect
conn = self.create_connection(*args, **kw)
File "/usr/lib/python2.7/dist-packages/ipaserver/plugins/ldap2.py", line
175, in create_connection
client_controls=clientctrls)
File "/usr/lib/python2.7/dist-packages/ipapython/ipaldap.py", line 1142,
in simple_bind
bind_dn, bind_password, server_controls, client_controls)
File "/usr/lib/python2.7/contextlib.py", line 35, in __exit__
self.gen.throw(type, value, traceback)
File "/usr/lib/python2.7/dist-packages/ipapython/ipaldap.py", line 1030,
in error_handler
raise errors.ACIError(info="%s %s" % (info, desc))
ipapython.admintool: DEBUG: The ipa-server-certinstall command failed,
exception: ACIError: Insufficient access: Invalid credentials
ipapython.admintool: ERROR: Insufficient access: Invalid credentials
ipapython.admintool: ERROR: The ipa-server-certinstall command failed.
*—*
*Petar Kozić*
Show replies by date