[Freeipa-users] ipa-replica-install fails at CA setup

Rob Crittenden rcritten at redhat.com
Wed Apr 29 16:14:46 UTC 2015 

Qing Chang wrote:
> mripa2.mr.ric is the server to be setup as replica. I wonder if the ldap
> service was available at all at installation stage.

I think we'd need to see the full ipareplica-install.log.

You might also want to see if a ns-slapd process is running and check
/var/log/dirsrv/slapd-REALM/errors for anything interesting.

rob

> 
> Thanks,
> Qing
> 
> On Wed, Apr 29, 2015 at 10:29 AM, Qing Chang <tmpchq at gmail.com
> <mailto:tmpchq at gmail.com>> wrote:
> 
>     CentOS7.1 with IPA server 4.1.
> 
>     "ipa-replica-install --setup-ca --setup-dns ..." fails with this
>     error message:
>     -----
>       [2/22]: configuring certificate server instance
>     ipa         : CRITICAL failed to configure ca instance Command
>     ''/usr/sbin/pkispawn' '-s' 'CA' '-f' '/tmp/tmpaUGoKX'' returned
>     non-zero exit status 1
>       [error] RuntimeError: Configuration of CA failed
>     -----
> 
>     ipareplica-install.log shows this:
>     -----
>     2015-04-29T13:40:11Z DEBUG Saving StateFile to
>     '/var/lib/ipa/sysrestore/sysrestore.state'
>     2015-04-29T13:40:11Z DEBUG Starting external process
>     2015-04-29T13:40:11Z DEBUG args='/usr/sbin/pkispawn' '-s' 'CA' '-f'
>     '/tmp/tmpaUGoKX'
>     2015-04-29T13:40:51Z DEBUG Process finished, return code=1
>     2015-04-29T13:40:51Z DEBUG stdout=Loading deployment configuration
>     from /tmp/tmpaUGoKX.
>     Installing CA into /var/lib/pki/pki-tomcat.
>     Storing deployment configuration into
>     /etc/sysconfig/pki/tomcat/pki-tomcat/ca/deployment.cfg.
> 
>     Installation failed.
> 
> 
>     2015-04-29T13:40:51Z DEBUG stderr=pkispawn    : ERROR    .......
>     Exception from Java Configuration Servlet: Error in populating
>     database: Could not connect to LDAP server host mrip
>     a2.mr.ric port 389 Error netscape.ldap.LDAPException: failed to
>     connect to server ldap://mripa2.mr.ric:389 (91)
> 
>     2015-04-29T13:40:51Z CRITICAL failed to configure ca instance
>     Command ''/usr/sbin/pkispawn' '-s' 'CA' '-f' '/tmp/tmpaUGoKX''
>     returned non-zero exit status 1
>     2015-04-29T13:40:51Z DEBUG Traceback (most recent call last):
>       File
>     "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>     line 382, in start_creation
>         run_step(full_msg, method)
>       File
>     "/usr/lib/python2.7/site-packages/ipaserver/install/service.py",
>     line 372, in run_step
>         method()
>       File
>     "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py",
>     line 673, in __spawn_instance
>         raise RuntimeError('Configuration of CA failed')
>     RuntimeError: Configuration of CA failed
>     -----
> 
>     I hope this is enough information.
> 
>     Thanks in advance,
> 
>     Qing Chang
> 
> 
> 
>

More information about the Freeipa-users mailing list