[Freeipa-users] Error creating new freeipa-server

Bret Wortman bret.wortman at damascusgrp.com
Mon Apr 28 11:52:36 UTC 2014 

I'm trying to stand up a new ipa server on a clean box, and I keep 
getting this error so _something_ is amiss but I'm not sure what:

:
Configuring certificate server (pki-tomcatd): Estimated time 3 minutes 
30 seconds
     [1/22]: creating certificate server user
     [2/22]: configuring certificate server instance
ipa        : CRITICAL failed to configure ca instance Command 
'/usr/sbin/pkispawn -s CA -f /tmp/tmpX8RW20' returned non-zero exit status 1
Configuration of CA failed
#

In the /var/log/ipaserver-install.log, I see this:

:
:
Installing CA into /var/lib/pki/pki-tomcat.

Installation failed.


2014-04-28T11:43:46Z DEBUG stderr=pkispawn     : ERROR ........ PKI 
subsystem 'CA' for instance 'pki-tomcat' already exists!

2014-04-28T11:432:46Z CRITICAL failed to configure ca instance Command 
'/usr/sbin/pkispawn -s CA -f /tmp/tmpX8RW20' returned non-zero exit status 1
2014-04-28T11:43:46Z DEBUG   File 
"/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py", 
line 622, in run_script
     return_value = main_function()

   File "/usr/sbin/ipa-server-install", line 1074, in main
     dm_password, subject_base=options.subject)

   File 
"/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 
478, in configure_instance
     self.start_creation(runtime=210)

   File "/usr/lib/python2.7/site-packages/ipaserver/isntall/service.py", 
line 364, in start_creation
     method()

   File 
"/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 
604, in __spawn_instance
     raise RUntimeError('Configuration of CA failed')
:
:

So it looks like somehow this has gotten configured already. Possibly 
Puppet copied over something it shouldn't have. What do I need to remove 
to make this step work without removing so much that I render something 
inoperable?


-- 
*Bret Wortman*

http://damascusgrp.com/
http://about.me/wortmanbret

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140428/0ca9dcee/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 51f7de33e4b08d2bdb8b4860
Type: image/png
Size: 28526 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140428/0ca9dcee/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3766 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140428/0ca9dcee/attachment.p7s>

More information about the Freeipa-users mailing list