[Freeipa-users] FreeIPA_demonstration_tools CA creation error.
Dmitri Pal
dpal at redhat.com
Wed Dec 14 17:58:41 UTC 2011
On 12/14/2011 11:04 AM, Mercer, Rodney wrote:
> I've been attempting to install the virtual machine setup from
> http://freeipa.org/page/FreeIPA_demonstration_tools
>
> I install on fresh Fedora 15 x86_64 host, and I am able to complete the first two steps.
>
> When I run the last script,
> ./ipa-demo.sh
> I get from the ipa-demo-<date>.log
> ----
> CRITICAL:root:failed to configure ca instance
> ----
> and later in the log:
> ----
> Warning: skipping DNS resolution of host master.example.com
> The IPA Master Server will be configured with
> Hostname: master.example.com
> IP address: 192.168.122.32
> Domain name: example.com
> ----
> and
> ----
> Configuring certificate server: Estimated time 3 minutes 30 seconds
> [1/17]: creating certificate server user
> [2/17]: creating pki-ca instance
> [3/17]: configuring certificate server instance
> Unexpected error - see ipaserver-install.log for details:
> Configuration of CA failed
> Server installation failed!
> Domain f15-ipa-server destroyed
>
> Domain f15-ipa-server has been undefined
> ----
>
> I see the dhcp address changing for master.example.com each time the script is run.
> Is there a requirement for making the dhcp address consistent for master.example.com
> and having the address in /etc/hosts so that it can reverse resolve via dnsmasq?
>
> Or does the DNS resolution of ip to host have any bearing on the certificate creation as I suspect?
>
>
Consistent name resolution is a requirement for IPA.
Ondrej, can you please take a closer look and see if this is something
with the demo scripts or IPA itself?
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IPA project,
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-users
mailing list