[Freeipa-users] Failed installation
Bret Wortman
bret.wortman at damascusgrp.com
Wed Oct 17 16:40:02 UTC 2012
I recently tried installing freeipa on a new server, but ipa-server-install
had problems around this point:
Configuring certificate server: Estimated time 3 minutes 30 seconds
[1/18]: creating certificate server user
[2/18]: creating pki-ca instance
[3/18]: configuring certificate server instance
ipa : CRITICAL failed to configure ca instance Command
'/usr/bin/perl /usr/bin/pkisilent ConfigureCA -cs_hostname
fs1.wedgeofli.me-cs_port 9445 -client_certdb_dir /tmp/tmp-UvBMbL
-client_certdb_pwd
XXXXXXXX -preop_pin HHxKHUz5RRfzQ3OkFMlR -domain_name IPA -admin_user admin
-admin_email root at localhost -admin_XXXXXXXX XXXXXXXX -agent_name
ipa-ca-agent -agent_key_size 2048 -agent_key_type rsa -agent_cert_subject
CN=ipa-ca-agent,O=WEDGEOFLI.ME -ldap_host fs1.wedgeofli.me -ldap_port 7389
-bind_dn cn=Directory Manager -bind_XXXXXXXX XXXXXXXX -base_dn o=ipaca
-db_name ipaca -key_size 2048 -key_type rsa -key_algorithm SHA256withRSA
-save_p12 true -backup_pwd XXXXXXXX -subsystem_name pki-cad -token_name
internal -ca_subsystem_cert_subject_name CN=CA
Subsystem,O=WEDGEOFLI.ME-ca_ocsp_cert_subject_name CN=OCSP
Subsystem,O=
WEDGEOFLI.ME -ca_server_cert_subject_name
CN=fs1.wedgeofli.me,O=WEDGEOFLI.ME-ca_audit_signing_cert_subject_name
CN=CA Audit,O=
WEDGEOFLI.ME -ca_sign_cert_subject_name CN=Certificate Authority,O=
WEDGEOFLI.ME -external false -clone false' returned non-zero exit status 255
Unexpected error - see ipaserver-install.log for details:
Configuration of CA failed
[root at fs1 ~]#
The logfile revealed the following stack trace:
#############################################
Attempting to connect to: fs1.wedgeofli.me:9445
Exception in LoginPanel(): java.lang.NullPointerException
ERROR: ConfigureCA: LoginPanel() failure
ERROR: unable to create CA
#######################################################################
2012-10-17T16:24:53Z DEBUG stderr=Exception: Unable to Send
Request:java.net.ConnectException: Connection refused
java.net.ConnectException: Connection refused
at java.net.PlainSocketImpl.socketConnect(Native Method)
at
java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339)
at
java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200)
at
java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:391)
at java.net.Socket.connect(Socket.java:579)
at java.net.Socket.connect(Socket.java:528)
at java.net.Socket.<init>(Socket.java:425)
at java.net.Socket.<init>(Socket.java:241)
at HTTPClient.sslConnect(HTTPClient.java:326)
at ConfigureCA.LoginPanel(ConfigureCA.java:244)
at ConfigureCA.ConfigureCAInstance(ConfigureCA.java:1157)
at ConfigureCA.main(ConfigureCA.java:1672)
java.lang.NullPointerException
at ConfigureCA.LoginPanel(ConfigureCA.java:245)
at ConfigureCA.ConfigureCAInstance(ConfigureCA.java:1157)
at ConfigureCA.main(ConfigureCA.java:1672)
Now I seem to be stuck. I tried uninstalling the freeipa-server package
with # yum remove freeipa-server and then reinstalled it the same way, but
ipa-server-install won't run no matter what I attempt.
Any thoughts? I'm pretty new to IPA.
Thanks!
--
Bret Wortman
The Damascus Group
Fairfax, VA
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20121017/63e4b72b/attachment.htm>
More information about the Freeipa-users
mailing list