[Freeipa-users] ipa-replica-prepare error
Orion Poplawski
orion at cora.nwra.com
Thu May 28 20:44:21 UTC 2015
We did a CAless install:
ipa-server-install -r NWRA.COM -n nwra.com -p `cat /etc/ldap.secret` -a `cat
/etc/ldap.secret` --root-ca-file=PositiveSSLCA2.crt
--dirsrv_pkcs12=nwra.com.p12 --dirsrv_pin=XXXX --http_pkcs12=nwra.com.p12
--http_pin=XXXX --idstart=8000
But now when we try to setup a replica:
# ipa-replica-prepare ipa1.nwra.com --dirsrv_pkcs12=nwra.com.p12
--dirsrv_pin=XXXX --http_pkcs12=nwra.com.p12 --http_pin=XXXX
Directory Manager (existing master) password:
The full certificate chain is not present in nwra.com.p12
p12 file was created with:
openssl pkcs12 -export -in /etc/pki/tls/certs/nwra.com.crt -inkey
/etc/pki/tls/private/nwra.com.key -certfile
/etc/pki/tls/certs/PositiveSSLCA2.crt -out nwra.com.p12
ipa-server-4.1.0-18.sl7_1.3.x86_64
Any thoughts?
--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA, Boulder/CoRA Office FAX: 303-415-9702
3380 Mitchell Lane orion at nwra.com
Boulder, CO 80301 http://www.nwra.com
More information about the Freeipa-users
mailing list