[Freeipa-users] problem with reinstall ipa client
Dmitri Pal
dpal at redhat.com
Sat Apr 25 13:16:12 UTC 2015
On 04/25/2015 01:27 AM, alireza baghery wrote:
> hi
> i REMOVE server ipa-server (3.0.0 centos 6.5) with HOSTNAME (ipasrv.linux)
> and REINSTALL server ipa with same hostname and OS (centos 6.5)
> server IPA integrate with AD windows (2008)
> and on Clients first Uninstall IPa-Client with Command
> ipa-client-install --uninstall
> but when i want INSTALL ipa-client -install --mkhomedir get ERROR
> ####
> LDAP Error: Connect error: TLS error -8054:You are attempting to
> import a cert with the same issuer/serial as an existing cert, but
> that is not the same cert.
> ####
> thnks every body
>
>
When you install the client IPA issues a cert that is tracked by
certmonger on the client.
If you uninstall the client the cert might still be there.
When then you reinstall the client it tries to get the cert again and
since it is a different server but client with the same name you get a
mismatch of the cert. The error is about that.
Please try this:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/manually-unconfig-machines.html
However I thought that this was fixed quite some time ago but may be it
did not make 6.5.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150425/a0eeb56e/attachment.htm>
More information about the Freeipa-users
mailing list