We are in the process of adding a new a CA replica.
We install in the following fashion:
1. ipa-replica-install
2. ipa-dns-install
3. ipa-ca-install
All goes well until step3. ipa-ca-install, where we get the error:
2023-05-22T16:51:30Z ERROR ERROR: Remote master check failed with following error
message(s):
invalid 'cn': must be "ipa011.ad.company.fm"
If we do --skip-conn-check (not recommended) at step 3 we get a complete install, but it
does not allow kinit to work on that server.
Any thoughts on how to diagnose and/or fix?
Thanks
Nick.
Show replies by date