[Freeipa-users] Installation issues with sub-ca.
Rob Crittenden
rcritten at redhat.com
Wed Nov 6 16:57:32 UTC 2013
Andrea Bontempi wrote:
> Hi,
>
> i'm trying to install FreeIPA with an external CA, but the installation script throws this error:
>
> CalledProcessError: Command '/usr/bin/sslget -v -n ipa-ca-agent -p XXXXXXXX -d /tmp/tmp-rrhisg -r /ca/agent/ca/profileReview?requestId=6 ipa.dbmsrl.com:9443' returned non-zero exit status 4
>
> Here the log file: http://pastebin.com/wCGUdu7h
>
> The server is a CentOS Linux 2.6.32-358.23.2.el6.x86_64 and i use FreeIPA 3.0.0
>
> Can someone help me?
>
-12195 is SSL_ERROR_UNKNOWN_CA_ALERT in NSS.
I wonder if the root chain you gave to the IPA installer was complete.
rob
More information about the Freeipa-users
mailing list