Well, well, I always find fun things. so my previous email from
yesterday about the error with ipa-custodia failing a replica install -
I think I found the culprit. It seems to be related to installing "Let's
Encrypt" certs about a year ago. This is the first time I tried to add a
new replica since then, and debugging shows that it retrieves the cert,
btu then tries to match it to the IPA self-signed cert and of course
they don't quite match - hence the error of :
ipapython.admintool: ERROR 406 Client Error: Failed to validate
message: *No recipient matched the provided key*["Failed:
[ValueError('Decryption failed.',)]"]
Now to figure out how to get rid of that cert and nto break things further.
K
Show replies by date