[Freeipa-users] ocsp server not respondig after migrating from centos 6.7 to 7.1
Natxo Asenjo
natxo.asenjo at gmail.com
Sat Sep 12 07:43:29 UTC 2015
hi,
In a test network I followed the procedure especified in
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/migrating-ipa-proc.html
to migrate from a centos 6.7 ipa server to a new centos 7 ipa server.
Everything went fine, I shutdown the centos 6.7 host and i can kinit to the
test realm like before with everything being handled by the centos 7.1 ipa
server.
Unfortunately, firefox is not loading the web ui with the message:
An error occurred during a connection to kdc2.unix.domain.tld. The OCSP
server experienced an internal error. (Error code:
sec_error_ocsp_server_error)
Chrome works fine, it does not query the ocsp responder apparently. If I
turn off the ocsp queries in firefox, everything works.
So how can I troubleshoot this? I have turned off the firewall in the
centos 7.1 hosts, selinux is permissive.
--
Groeten,
natxo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150912/9b7e1729/attachment.htm>
More information about the Freeipa-users
mailing list