[Freeipa-users] ipa-replica-prepare error
Jan Cholasta
jcholast at redhat.com
Wed Jul 15 05:53:30 UTC 2015
Hi,
Dne 10.7.2015 v 22:33 Orion Poplawski napsal(a):
> On 07/08/2015 11:31 AM, Orion Poplawski wrote:
>> But then when I go to make a replica:
>>
>> # ipa-replica-prepare ipa1.nwra.com --dirsrv_pkcs12=nwra.com.p12
>> --dirsrv_pin=XXXXXX --http_pkcs12=nwra.com.p12 --http_pin=XXXXXX
>> Directory Manager (existing master) password:
>>
>> (SEC_ERROR_LIBRARY_FAILURE) security library failure.
>>
>> Which looks like others are experiencing (with not resolution that I could
>> see) https://www.redhat.com/archives/freeipa-users/2015-April/msg00514.html
Unfortunately this error code can mean almost anything, NSS isn't
particularly helpful with errors.
>>
>> Putting AddTrustExternalCARoot into nwra.com.p12 doesn't appear to help.
>>
>
> Filed https://fedorahosted.org/freeipa/ticket/5117
>
Without ipa-replica-prepare log or pk12util output it's really hard to
tell what's going on. Could you provide the output of the following
commands:
# pk12util -l nwra.com.p12
# ipa-replica-prepare -v ipa1.nwra.com --dirsrv_pkcs12=nwra.com.p12
--dirsrv_pin=XXXXXX --http_pkcs12=nwra.com.p12 --http_pin=XXXXXX
?
Honza
--
Jan Cholasta
More information about the Freeipa-users
mailing list