[Freeipa-users] ipa-client-install error
ladanyi at ira.uka.de
ladanyi at ira.uka.de
Sat Sep 26 11:35:20 UTC 2015
Hi Bahan,
> Hey.
>
> Try to remove the cert file in /etc/ipa of this client.
>
> And then retry.
>
this was perfect :-) Thank you.
> Best regards.
>
> Bahan
Andy
> Hi,
>
> I want to install ipa client: ipa-client-install -d
>
> I get the following error:
>
> Verifying that "MyFreeIPA Server" (realm None) is an IPA server
> Init LDAP connection to: "MyFreeIPA Server"
> Error checking LDAP: Connect error: TLS error -8054:You are attempting
> to import a cert with the same issuer/serial as an existing cert, but
> that is not the same cert.
> Skip "MyFreeIPA Server" : cannot verify if this is an IPA server
> Discovery result: UNKNOWN_ERROR; ...................................
> Validated servers:
> Failed to verify that "MyFreeIPA Server" is an IPA Server.
> This may mean that the remote server is not up or is not reachable due
> to network or firewall settings.
> Please make sure the following ports are opened in the firewall settings:
> TCP: 80, 88, 389
> UDP: 88 (at least one of TCP/UDP ports 88 has to be open)
> Also note that following ports are necessary for ipa-client working
> properly after enrollment:
> TCP: 464
> UDP: 464, 123 (if NTP enabled)
> "MyFreeIPA Server" : Provided interactively)
> Installation failed. Rolling back changes.
> IPA client is not configured on this system.
>
>
> selinux on the ipa client and ipa server ist permissive, iptables is empty.
>
> It seems to be a problem with the SSL certificate of freeipa.
>
>
> About the client:
>
> rpm -qi ipa-client
> Name : ipa-client
> Version : 4.1.0
> Release : 18.el7.centos.4
>
>
> About the freeipa server:
>
> rpm -qi freeipa-server
> Name : freeipa-server
> Version : 4.1.4
> Release : 1.fc21
>
>
> regards,
> Andy
More information about the Freeipa-users
mailing list