[Freeipa-users] CA cert issues
Orion Poplawski
orion at cora.nwra.com
Thu Jan 17 17:06:27 UTC 2013
On 01/17/2013 09:49 AM, Orion Poplawski wrote:
>
> Anyway, tried again and now:
>
> Configuring Kerberos KDC: Estimated time 30 seconds
> [1/9]: adding sasl mappings to the directory
> [2/9]: writing stash file from DS
> [3/9]: configuring KDC
> [4/9]: creating a keytab for the directory
> [5/9]: creating a keytab for the machine
> [6/9]: adding the password extension to the directory
> [7/9]: enable GSSAPI for replication
> creation of replica failed: list index out of range
>
Okay, this is more cert stuff, on the replica:
[17/Jan/2013:09:41:55 -0700] slapi_ldap_bind - Error: could not send startTLS
request: error -11 (Connect error) errno 0 (Success)
Because the ds instance there doesn't recognize the cert on the master.
--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA, Boulder Office FAX: 303-415-9702
3380 Mitchell Lane orion at nwra.com
Boulder, CO 80301 http://www.nwra.com
More information about the Freeipa-users
mailing list