After the upgrade to freeipa-server-4.9.3-1.fc33.x86_64 on 5.10.18-200.fc33.x86_64, the web UI will not load and just has the alert box pop up with Unknown Error: error Parsing through some logs here are some errors/warnings: 2021-04-09T06:22:57Z DEBUG request body '' 2021-04-09T06:22:57Z DEBUG httplib request failed: Traceback (most recent call last): File "/usr/lib/python3.9/site-packages/ipapython/dogtag.py", line 262, in _httplib_request conn.request(method, path, body=request_body, headers=headers) File "/usr/lib64/python3.9/http/client.py", line 1255, in request self._send_request(method, url, body, headers, encode_chunked) File "/usr/lib64/python3.9/http/client.py", line 1301, in _send_request self.endheaders(body, encode_chunked=encode_chunked) File "/usr/lib64/python3.9/http/client.py", line 1250, in endheaders self._send_output(message_body, encode_chunked=encode_chunked) File "/usr/lib64/python3.9/http/client.py", line 1010, in _send_output self.send(msg) File "/usr/lib64/python3.9/http/client.py", line 950, in send self.connect() File "/usr/lib64/python3.9/http/client.py", line 921, in connect self.sock = self._create_connection( File "/usr/lib64/python3.9/socket.py", line 843, in create_connection raise err File "/usr/lib64/python3.9/socket.py", line 831, in create_connection sock.connect(sa) ConnectionRefusedError: [Errno 111] Connection refused 2021-04-09T06:22:57Z DEBUG Failed to check CA status: cannot connect to ' http://ourdomain.edu:8080/ca/admin/ca/getStatus';: [Errno 111] Connection refused 2021-04-09T06:22:57Z DEBUG Loading StateFile from '/var/lib/ipa/sysrestore/sysrestore.state' DEBUG stderr=ERROR: ERROR: No kra subsystem in instance pki-tomcat. [auth_gssapi:error] [pid 1553901:tid 1554106] [client x.x.x.x:59482] GSS ERROR In Negotiate Auth: gss_accept_sec_context() failed: [An unsupported mechanism was requested (Unknown error)], referer: https://ourdomain.edu/ipa/ui/ And running rndc reload is successful but the logs show: Apr 12 13:28:07 ourdomain named[1553865]: zone ourdomain.edu/IN: NS ' ourdomain.edu' has no address records (A or AAAA) Apr 12 13:28:07 ourdomain named[1553865]: zone ourdomain.edu/IN: not loaded due to errors. Apr 12 13:28:07 ourdomain named[1553865]: 1 master zones from LDAP instance 'ipa' loaded (2 zones defined, 0 inactive, 1 failed to load) Apr 12 13:28:07 ourdomain named[1553865]: zone ourdomain.edu/IN: NS ' ourdomain.edu' has no address records (A or AAAA) Apr 12 13:28:07 ourdomain named[1553865]: zone ourdomain.edu/IN: not loaded due to errors. Apr 12 13:28:07 ourdomain named[1553865]: update_zone (syncrepl) failed for master zone DN 'idnsname=ourdomain.edu.,cn=dns,dc=ourdomain,dc=edu'. Zones can be outdated, run `rndc reload`: bad zone Apr 12 13:28:07 ourdomain named[1553865]: timed out resolving './DNSKEY/IN': 8.8.8.8#53 Apr 12 13:28:07 ourdomain named[1553865]: managed-keys-zone: Key 20326 for zone . acceptance timer complete: key now trusted Apr 12 13:28:08 ourdomain named[1553865]: resolver priming query complete Apr 12 13:28:08 ourdomain named[1553865]: checkhints: unable to get root NS rrset from cache: not found Anything new that could've caused this?