[Freeipa-users] ipa-replica-prepare error: Profile caIPAserviceCert Not Found
Karl Forner
karl.forner at gmail.com
Tue Dec 22 09:06:55 UTC 2015
Hi Fraser,
The ipa-replica-prepare ran in a adelton/freeipa-server:lastest-systemd
docker, which I think is based on fedora 23 and contains freeIPA v 4.2.3.
I can try to patch it, but I'm really not used to fedora, and moreover
there's a debian/docker bug that prevents me from building the docker image
on my computers.
Thanks,
Karl
On Tue, Dec 22, 2015 at 2:46 AM, Fraser Tweedale <ftweedal at redhat.com>
wrote:
> On Mon, Dec 21, 2015 at 01:57:02PM +0100, Karl Forner wrote:
> > Hello,
> >
> > Running:
> > ipa-replica-prepare ipa-h3s1.example.com --ip-address xx.xx.xx.xx -d -v
> > fails
> > with
> > ipa: DEBUG: Protocol: TLS1.2
> > ipa: DEBUG: Cipher: TLS_RSA_WITH_AES_128_CBC_SHA
> > ipa: DEBUG: request status 200
> > ipa: DEBUG: request reason_phrase u'OK'
> > ipa: DEBUG: request headers {'date': 'Mon, 21 Dec 2015 12:50:59 GMT',
> > 'content-length': '148', 'content-type': 'application/xml', 'server':
> > 'Apache-Coyote/1.1'}
> > ipa: DEBUG: request body '<?xml version="1.0" encoding="UTF-8"
> > standalone="no"?><XMLResponse><Status>1</Status><Error>Profile
> > caIPAserviceCert Not Found</Error></XMLResponse>'
> > ipa.ipaserver.install.ipa_replica_prepare.ReplicaPrepare: DEBUG: File
> > "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 171, in
> > execute
> >
> > The context is probably unusual:
> > I run the command on a replica with CA from a server in freeipa v4.1.4
> (in
> > a adelton/freeipa-server docker)
> > which is a freeipa v4.2.3 running in
> > adelton/freeipa-server:lastest-systemd docker
> >
> > I found this ticket which looks similar:
> > https://fedorahosted.org/freeipa/ticket/5376
> >
> > Is there something wrong with my replica knowing that it has been
> > replicated from a 4.1.4 ?
> > Is there a work-around ?
> >
> > Thanks
> > Karl
>
> Hi Karl,
>
> I have a patch for Dogtag that I think will fix this issue. Would
> you be willing to test it? If so, which version of Fedora/RHEL are
> you using and I will prepare a build.
>
> Regards,
> Fraser
>
> > --
> > Manage your subscription for the Freeipa-users mailing list:
> > https://www.redhat.com/mailman/listinfo/freeipa-users
> > Go to http://freeipa.org for more info on the project
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20151222/15224ff8/attachment.htm>
More information about the Freeipa-users
mailing list