[Freeipa-users] Trouble installing F21 4.1.2 replica from F20 3.3.5 master
Anthony Messina
amessina at messinet.com
Tue Jan 6 16:30:51 UTC 2015
Quoting Endi Sukma Dewata <edewata at redhat.com>:
> On 1/6/2015 4:55 AM, Anthony Messina wrote:
>>> I'm discussing this with Ade (CC'd). Based on the stack trace it looks
>>> like the replica thinks the master returns an incomplete information
>>> about the security domain, probably due to the different Dogtag versions
>>> used in master and replica.
>>>
>>> We need some additional info:
>>>
>>> 1. What is the pki-ca version on the master (F20)?
>>
>> pki-ca-10.1.2-7.fc20.noarch
>>
>>> 2. What is the pki-ca version on the replica (F21)?
>>
>> pki-ca-10.2.0-5.fc21.noarch
>>
>>> 3. What is the output of this URL on the master?
>>> https://<master>:8443/ca/rest/securityDomain/domainInfo
>>
>> <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
>> <DomainInfo id="IPA">
>> <Subsystem id="CA">
>> <Host id="CA ipa1.example.com 443">
>> <Clone>FALSE</Clone>
>> <DomainManager>TRUE</DomainManager>
>> <Hostname>ipa1.example.com</Hostname>
>> <Port>80</Port>
>> <SecureAdminPort>443</SecureAdminPort>
>> <SecureAgentPort>443</SecureAgentPort>
>> <SecureEEClientAuthPort>443</SecureEEClientAuthPort>
>> <SecurePort>443</SecurePort>
>> <SubsystemName>CA ipa1.example.com 8443</SubsystemName>
>> </Host>
>> <Host id="CA ipa2.example.com 443">
>> <Clone>TRUE</Clone>
>> <DomainManager>TRUE</DomainManager>
>> <Hostname>ipa2.example.com</Hostname>
>> <Port>80</Port>
>> <SecureAdminPort>443</SecureAdminPort>
>> <SecureAgentPort>443</SecureAgentPort>
>> <SecureEEClientAuthPort>443</SecureEEClientAuthPort>
>> <SecurePort>443</SecurePort>
>> <SubsystemName>CA ipa2.example.com 8443</SubsystemName>
>> </Host>
>> </Subsystem>
>> </DomainInfo>
>
> Thanks for the info. This is indeed a bug. I filed the following
> ticket for Dogtag:
> https://fedorahosted.org/pki/ticket/1235
>
> --
> Endi S. Dewata
Thank you Endi. -A
--
Anthony - https://messinet.com - https://messinet.com/~amessina/gallery
8F89 5E72 8DF0 BCF0 10BE 9967 92DC 35DC B001 4A4E
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: PGP Digital Signature
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150106/f57429f3/attachment.sig>
More information about the Freeipa-users
mailing list