[Freeipa-users] Still unclear about relation between IPA DNS domain and company DNS domain.
Brian Candler
b.candler at pobox.com
Fri Dec 23 10:15:50 UTC 2016
On 23/12/2016 09:47, Brian Candler wrote:
> /etc/pki/pki-tomcat/ca/CS.cfg:ca.defaultOcspUri=http://ipa-ca.bar.example.com/ca/ocsp
>
>
> However the installation process didn't actually create this DNS
> entry, so the ipa-ca hostname is not resolvable.
Aside: I think this was because ipatest.foo.example.com was only in
/etc/hosts, not in the DNS. Installation message:
ipa : ERROR unable to resolve host name
ipatest.foo.example.com. to IP address, ipa-ca DNS record will be incomplete
But if it had used gethostent() or similar, it would have worked:
# getent hosts ipatest.foo.example.com
100.64.2.3 ipatest.foo.example.com ipatest
Regards,
Brian.
More information about the Freeipa-users
mailing list