[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Freeipa-users] FreeIPA 4.0.0 "Peer's certificate issuer has been marked as not trusted by the user."



On Wed, 16 Jul 2014, Nordgren, Bryce L -FS wrote:
On a clean Fedora 20, minimal install, system using the netinstall iso,
I'm getting an error all the way at the end of the ipa-server-install
process (when it tries to run ipa-client-install). I put the fqdn of
the hostname in /etc/hostname and "ipaddr ipa.usfs-i2.umt.edu ipa" in
/etc/hosts and rebooted. Hostname returns the fqdn. DNS A, SRV, and TXT
entries are in place. Reverse DNS works.

Copr repository installed, and fedora-updates-testing enabled (for
required version of dirsrv). Yum refused to install freeipa-server for
reason of unsatisfied dependencies, but dnf succeeded.

Tail end of ipa-server-install is here, followed by a successful kinit
and a failed "ipa" command. I can fix the cert issue on the server by
following
http://www.iamlinux.com/2014/06/ipa-commands-fails-with-peers-certificate-issuer-has-been-marked-as-not-trusted-by-the-user-error/.
This allows ipa commands on the server to work. However,
ipa-client-install on the client fails with the same "Peer's
certificate issuer has been marked as not trusted by the user." Is this
a dorky new user problem or should I file a bug?
Check /var/log/ipaclient-install.log first, as your IPA client install
did not finish, thus certificates store wasn't created properly and does
not contain IPA CA certificate yet.


--
/ Alexander Bokovoy


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]