[Freeipa-devel] [PATCHSET] Replica promotion patches
Endi Sukma Dewata
edewata at redhat.com
Mon Oct 5 14:33:59 UTC 2015
On 10/5/2015 8:47 AM, Simo Sorce wrote:
>> 2. The second attempt after re-enrolling client resulted in the error of
>> CA installation:
>>
>> Starting replication, please wait until this has completed.
>> Update in progress, 7 seconds elapsed
>> Update succeeded
>>
>> [4/24]: creating installation admin user
>> [5/24]: setting up certificate server
>> ipa.ipaserver.install.cainstance.CAInstance: CRITICAL Failed to
>> configure CA instance: Command ''/usr/sbin/pkispawn' '-s' 'CA' '-f'
>> '/tmp/tmpHAJVFG'' returned non-zero exit status 1
>> ipa.ipaserver.install.cainstance.CAInstance: CRITICAL See the
>> installation logs and the following files/directories for more
>> information:
>> ipa.ipaserver.install.cainstance.CAInstance: CRITICAL
>> /var/log/pki-ca-install.log
>> ipa.ipaserver.install.cainstance.CAInstance: CRITICAL
>> /var/log/pki/pki-tomcat
>> [error] RuntimeError: CA configuration failed.
>> Your system may be partly configured.
>> Run /usr/sbin/ipa-server-install --uninstall to clean up.
>>
>> ipa.ipapython.install.cli.install_tool(Replica): ERROR CA
>> configuration failed.
>
> This is due to the known bug with authentication in Dogtag. Endy fixed
> it upstream.
>
> Endy,
> do you know when the bug will be released in a package we can use for
> testing ?
Here is the bug: https://fedorahosted.org/pki/ticket/1580
I don't think we're ready for a Dogtag 10.3 build, so we may need to
cherry-pick it to 10.2.x. I'll check with Matt.
--
Endi S. Dewata
More information about the Freeipa-devel
mailing list