[Freeipa-devel] [freeipa PR#517][comment] Use Custodia 0.3 features
MartinBasti
freeipa-github-notification at redhat.com
Wed Mar 22 11:26:57 UTC 2017
URL: https://github.com/freeipa/freeipa/pull/517
Title: #517: Use Custodia 0.3 features
MartinBasti commented:
"""
No this PR si not blocker by this but by this. I manually tried this patch and replica installation failed.
```
File "/usr/lib/python2.7/site-packages/ipaserver/install/ca.py", line 203, in install
install_step_0(standalone, replica_config, options)
File "/usr/lib/python2.7/site-packages/ipaserver/install/ca.py", line 244, in install_step_0
replica_config.dirman_password)
File "/usr/lib/python2.7/site-packages/ipaserver/install/custodiainstance.py", line 182, in get_ca_keys
self.__get_keys(ca_host, cacerts_file, cacerts_pwd, data)
File "/usr/lib/python2.7/site-packages/ipaserver/install/custodiainstance.py", line 146, in __get_keys
value = cli.fetch_key(os.path.join(prefix, nickname), False)
File "/usr/lib/python2.7/site-packages/ipaserver/secrets/client.py", line 101, in fetch_key
r.raise_for_status()
File "/usr/lib/python2.7/site-packages/requests/models.py", line 844, in raise_for_status
raise HTTPError(http_error_msg, response=self)
2017-03-22T09:41:44Z DEBUG The ipa-replica-install command failed, exception: HTTPError: 406 Client Error: Key name ca/caSigningCert%20cert-pki-ca does not match subject ca/caSigningCert cert-pki-ca for url: https://vm-126.abc.idm.lab.eng.brq.redhat.com/ipa/keys/ca/caSigningCert%20cert-pki-ca?type=kem&value=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOm51bGx9.OxngT9UkpcI1epgfUY4ptfAcgNqcWkolwjxt48l7mYvvvDbejfdPY5IAulLyqXE_vc4ifCmqAJ2je9t2IC-gJXq9csZ60q4_sBhhw-NVp_2GZOasPYnF_LDoLEUx9iKihMiBRXTMS4Ue4wzx41tgSViCpuO7eUT5XKRaYtwOXd5qi46Z6S8XgQJSTeW3WQjRGNqSzYMOeHQNPMz24gSx9ENJ4Mx2x4LxY5cod3HGjocgp9s4qnJLYL3bhEXRL9x_t8RG6B06_FXY044DNsR5YBlHa7J5ks2ldiR7TCBN2te5iv_ePKYdpmMlHqeT1NNjGKMnei-TTtYE8dsJM4Q9gA.eDq3i2fgbry5AabVyJHVeg.Uf9wBxxQSloach8Pcbdi2BMzeHB9bY4tFRvifH3_-omv87g0jDCMEK8Tv56E9psnp1BEhcslPcIQC2k8YTUiMv_SgA-uj3Agb1RhZn1JV9IlZzPRfUELCj0jj-rVsC7UeQjkYRjYhxnCrlYpiLeAEfPnHlSMqCHH2PWJEzxGH8bCrIBkwrvQ8A2an0tP37HTi4fyJJbHaBZD4YWSG5iD7RjzkL8a89edyiZNNO7xbgX2CxvvgIhJ0vxYWPn6SSLJpOJaVF_Wt5cRMfXccPKdB5VUXPefEUbOjf4A5xdGZiCSWY8jCU8Rb246SdWlxKipEVcRua0zKNcC51IHxAIZY-Jxp9yTqQm8OvNNqsV1cG_TSovsH9MES7AEMYTDNxRr-QluR6Nvjc7VqN_nG9e4l8f7B7ut_sG-BQWJcbWm0GApISE9c9FzjtNmJAO5eZpGehLuOIHPornnyye2ulc_5XeRxr9QtpAHE9buluRAP_bBPXwB2IpDyP2gnOQhyI64ulu1_QRjq_XKoSCBOFe94XMt7JpoQe_NcvsR-rlaZLC4aQaUaycT-a_n6ly-Uwoh2jSHJ2lzLSZ2pbdqkCws_LEevY2Ola67VvQjWNcS7udQlDNhDZPso8_Abf8Jlm54iNMTiKKClRrM6kFITslzXpqpJ_NBe6q6gUp2JY-qkny1y0xwF4Q7kjXvSJdjGXSYrpR3eT9GZfdFIIHy_GUa8Sbt0tYddobEaqdGHo1rO90.GovMfUQdvTRXvrae4vbQDBApw37BgjXM9fimKMmkfQA
```
"""
See the full comment at https://github.com/freeipa/freeipa/pull/517#issuecomment-288370660
More information about the Freeipa-devel
mailing list