[Freeipa-users] While attempting to make a replica....I get this failure....
Rob Crittenden
rcritten at redhat.com
Mon Feb 28 15:50:48 UTC 2011
Steven Jones wrote:
>
> [root at fed14-64-ipam001 jonesst1]# ipa-replica-prepare
> fed14-64-ipam002.ipa.ac.nz
> Directory Manager (existing master) password:
>
> Preparing replica for fed14-64-ipam002.ipa.ac.nz from
> fed14-64-ipam001.ipa.ac.nz
> Creating SSL certificate for the Directory Server
> ipa: INFO: sslget
> 'https://fed14-64-ipam001.ipa.ac.nz:9444/ca/ee/ca/profileSubmitSSLClient'
> Creating SSL certificate for the Web Server
> ipa: INFO: sslget
> 'https://fed14-64-ipam001.ipa.ac.nz:9444/ca/ee/ca/profileSubmitSSLClient'
> preparation of replica failed: cannot connect to
> 'https://fed14-64-ipam001.ipa.ac.nz:9444/ca/ee/ca/profileSubmitSSLClient': [Errno -12285] (SSL_ERROR_NO_CERTIFICATE) Unable to find the certificate or key necessary for authentication.
> cannot connect to
> 'https://fed14-64-ipam001.ipa.ac.nz:9444/ca/ee/ca/profileSubmitSSLClient': [Errno -12285] (SSL_ERROR_NO_CERTIFICATE) Unable to find the certificate or key necessary for authentication.
> File "/usr/sbin/ipa-replica-prepare", line 431, in<module>
> main()
>
> File "/usr/sbin/ipa-replica-prepare", line 363, in main
> export_certdb(api.env.realm, ds_dir, dir, passwd_fname, "httpcert",
> replica_fqdn, subject_base)
>
> File "/usr/sbin/ipa-replica-prepare", line 136, in export_certdb
> raise e
>
>
> If I go to the URL I get,
>
> ================
>
> The Certificate System has encountered an unrecoverable error.
>
> Error Message:
> java.lang.NullPointerException
>
> Please contact your local administrator for assistance.
> ================
>
> ???
>
> regards
Can you provide the output of:
# certutil -L -d /etc/httpd/alias
During installation dogtag provides us with an RA agent certificate that
we use to communicate with the CA. This certificate should be stored in
/etc/httpd/alias.
rob
More information about the Freeipa-users
mailing list