[Freeipa-users] FreeIPA 1.9.0.pre4 installation problem

Miljan Karadzic miljank at gmail.com
Wed Sep 15 15:59:02 UTC 2010 

Hello all,

I am having some problems installing FreeIPA server on a freshly 
installed Fedora 13 machine. Installation fails during configuration of 
certificate server at step 3/14:

-----------
   [3/14]: configuring certificate server instance
root        : CRITICAL failed to restart ca instance Command 
'/usr/bin/perl /usr/bin/pkisilent ConfigureCA -cs_hostname 
loznica.lhs-systems.com -cs_port 9445 -client_certdb_dir /tmp/tmp-0ANqdU 
-client_certdb_pwd XXXXXXXX -preop_pin eTvJduILXN6kCgkX46ih -domain_name 
IPA -admin_user admin -admin_email root at localhost -admin_password 
XXXXXXXX -agent_name ipa-ca-agent -agent_key_size 2048 -agent_key_type 
rsa -agent_cert_subject "CN=ipa-ca-agent,O=IPA" -ldap_host 
loznica.lhs-systems.com -ldap_port 7389 -bind_dn "cn=Directory Manager" 
-bind_password XXXXXXXX -base_dn o=ipaca -db_name ipaca -key_size 2048 
-key_type rsa -save_p12 true -backup_pwd XXXXXXXX -subsystem_name 
pki-cad -token_name internal -ca_subsystem_cert_subject_name "CN=CA 
Subsystem,O=IPA" -ca_ocsp_cert_subject_name "CN=OCSP Subsystem,O=IPA" 
-ca_server_cert_subject_name "CN=loznica.lhs-systems.com,O=IPA" 
-ca_audit_signing_cert_subject_name "CN=CA Audit,O=IPA" 
-ca_sign_cert_subject_name "CN=Certificate Authority,O=IPA" -external 
false -clone false' returned non-zero exit status 255
   [4/14]: creating CA agent PKCS#12 file in /root
Unexpected error - see ipaserver-install.log for details:
  Command '/usr/bin/pk12util -n ipa-ca-agent -o /root/ca-agent.p12 -d 
/tmp/tmp-0ANqdU -k /tmp/tmplUonD_ -w /tmp/tmplUonD_' returned non-zero 
exit status 24
-----------

Even if installation continues to next step PKI-CA is not configured.

Debug message from the installation log file says (complete installation 
log is attached):

-----------
Required parameter -key_algorithm is not specified.
Use -help for help information
-----------

Installed packages are as follows:

-----------
pki-common-1.3.8-1.fc13.noarch
pki-util-1.3.2-1.fc13.noarch
pki-console-1.3.2-1.fc13.noarch
pki-native-tools-1.3.0-5.fc13.i686
dogtag-pki-ca-ui-1.3.2-1.fc13.noarch
pki-silent-1.3.4-1.fc13.noarch
pki-symkey-1.3.2-4.fc13.i686
pki-java-tools-1.3.1-1.fc13.noarch
dogtag-pki-console-ui-1.3.2-2.fc13.noarch
pki-ca-1.3.6-1.fc13.noarch
pki-selinux-1.3.5-1.fc13.noarch
dogtag-pki-common-ui-1.3.3-1.fc13.noarch
pki-setup-1.3.4-1.fc13.noarch
-
ipa-server-1.9.0.pre4-0.fc13.i686
ipa-admintools-1.9.0.pre4-0.fc13.i686
ipa-python-1.9.0.pre4-0.fc13.i686
ipa-server-selinux-1.9.0.pre4-0.fc13.i686
ipa-client-1.9.0.pre4-0.fc13.i686
-
389-ds-base-1.2.6-1.fc13.i686
-----------

Any ideas what could be the problem?

Regards,
Miljan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20100915/e8d6abc2/attachment.htm>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ipaserver-install.log
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20100915/e8d6abc2/attachment.log>

More information about the Freeipa-users mailing list