[Freeipa-users] Problem in ipa-server-install -> uninstall -> install
Marco Pizzoli
marco.pizzoli at gmail.com
Tue Feb 14 09:20:25 UTC 2012
Hi guys,
I'm running freeipa-server-2.1.4-5.fc16.x86_64.
Following the documentation I can see that to uninstall and reinstall a
freeipa system it is sufficient to:
> ipa-server-install <parameters>
> ipa-server-install --uninstall
> ipa-server-install <parameters>
Well, when re-installing the system, I get this error on the console:
[cut]
done configuring named.
Configuration of client side components failed!
ipa-client-install returned: Command '/usr/sbin/ipa-client-install
--on-master --unattended --domain unix.mydomain.it --server
freeipa01.unix.mydomain.it --realm UNIX.MYDOMAIN.IT --hostname
freeipa01.unix.mydomain.it' returned non-zero exit status 1
I had a look to /var/log/ipaclient-install.log and I saw these lines
[cut]
2012-02-14 09:53:39,435 DEBUG args=/usr/bin/wget -O /etc/ipa/ca.crt
http://freeipa01.unix.mydomain.it/ipa/config/ca.crt
2012-02-14 09:53:39,435 DEBUG stdout=
2012-02-14 09:53:39,435 DEBUG stderr=--2012-02-14 09:53:39--
http://freeipa01.unix.mydomain.it/ipa/config/ca.crt
Resolving freeipa01.unix.mydomain.it... 192.168.146.131
Connecting to freeipa01.unix.mydomain.it|192.168.146.131|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1325 (1.3K) [application/x-x509-ca-cert]
Saving to: <E2><80><9C>/etc/ipa/ca.crt<E2><80><9D>
0K . 100% 270M=0s
2012-02-14 09:53:39 (270 MB/s) - <E2><80><9C>/etc/ipa/ca.crt<E2><80><9D>
saved [1325/1325]
2012-02-14 09:53:39,436 DEBUG Backing up system configuration file
'/etc/sssd/sssd.conf'
2012-02-14 09:53:39,463 DEBUG Saving Index File to
'/var/lib/ipa-client/sysrestore/sysrestore.index'
2012-02-14 09:53:39,540 DEBUG Domain unix.csebo.it is already configured in
existing SSSD config, creating a new one.
2012-02-14 09:53:39,642 DEBUG args=/usr/bin/certutil -A -d /etc/pki/nssdb
-n IPA CA -t CT,C,C -a -i /etc/ipa/ca.crt
2012-02-14 09:53:39,643 DEBUG stdout=
2012-02-14 09:53:39,643 DEBUG stderr=certutil: could not obtain certificate
from file: You are attempting to import a cert with the same issuer/serial
as an existing cert, but that is not the same cert.
So I tried a new "ipa-server-install --uninstall" and checked the file
/etc/ipa/ca.crt. And it remained there.
What is the problem?
Thanks
Marco
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120214/c5e3bc2b/attachment.htm>
More information about the Freeipa-users
mailing list