[Freeipa-users] Failed to start pki-tomcatd Service
Alexandre Ellert
ellertalexandre at gmail.com
Fri Aug 28 15:46:35 UTC 2015
> Le 28 août 2015 à 17:41, Alexander Bokovoy <abokovoy at redhat.com> a écrit :
>
> On Fri, 28 Aug 2015, Alexandre Ellert wrote:
>>
>>> Le 28 août 2015 à 17:09, Alexander Bokovoy <abokovoy at redhat.com> a écrit :
>>>
>>> On Wed, 26 Aug 2015, Alexandre Ellert wrote:
>>>>
>>>>> Le 28 juil. 2015 à 05:59, Alexander Bokovoy <abokovoy at redhat.com> a écrit :
>>>>>> If the problem is too hard to solve, maybe I should try to deploy another
>>>>>> replica ?
>>>>> You may try that. Sorry for not responding, I have some other tasks that
>>>>> occupy my time right now.
>>>>>
>>>>
>>>>
>>>> Can you please tell me the procedure to decommission and re-create a new replica ?
>>>> Are "ipa-server-install —uninstall" then "ipa-server-install" the only things to do ?
>>> No, you need also to remove the server from the replication topology.
>>> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/removing-replica.html
>>>
>>> --
>>> / Alexander Bokovoy
>>
>> I can’t remove the node on which I have problem with pki-tomcatd :
>>
>> # ipa-replica-manage del xxxx.example.com
>> Deleting a master is irreversible.
>> To reconnect to the remote master you will need to prepare a new replica file
>> and re-install.
>> Continue to delete? [no]: yes
>> Deleting this server is not allowed as it would leave your installation without a CA
>>
>> I seem that it’s the only node where CA is installed. What should I do now ?
> Add a replica with CA using ipa-ca-install on existing replica.
>
> Read the guide, it has detailed coverage of these situations.
> --
> / Alexander Bokovoy
On the first node (which is working and without pki-tomcatd service)
# ipa-ca-install
Directory Manager (existing master) password:
CA is already installed.
How is it possible ?
More information about the Freeipa-users
mailing list