[Freeipa-users] Setup of freeipa 4.2.3 failed
Markus Roth
markus at die5roths.de
Fri Jan 8 12:06:02 UTC 2016
Hi all,
I tried to install freeipa server (freeipa-server.armv7hl 4.2.3-
1.1.fc23), but the installation failed.
-----------------------------------------------------
Configuring NTP daemon (ntpd)
[1/4]: stopping ntpd
[2/4]: writing configuration
[3/4]: configuring ntpd to start on boot
[4/4]: starting ntpd
Done configuring NTP daemon (ntpd).
Configuring directory server (dirsrv). Estimated time: 1 minute
[1/43]: creating directory server user
[2/43]: creating directory server instance
[3/43]: adding default schema
[4/43]: enabling memberof plugin
[5/43]: enabling winsync plugin
[6/43]: configuring replication version plugin
[7/43]: enabling IPA enrollment plugin
[8/43]: enabling ldapi
[9/43]: configuring uniqueness plugin
[10/43]: configuring uuid plugin
[11/43]: configuring modrdn plugin
[12/43]: configuring DNS plugin
[13/43]: enabling entryUSN plugin
[14/43]: configuring lockout plugin
[15/43]: creating indices
[16/43]: enabling referential integrity plugin
[17/43]: configuring certmap.conf
[18/43]: configure autobind for root
[19/43]: configure new location for managed entries
[20/43]: configure dirsrv ccache
[21/43]: enable SASL mapping fallback
[22/43]: restarting directory server
[23/43]: adding default layout
[24/43]: adding delegation layout
[25/43]: creating container for managed entries
[26/43]: configuring user private groups
[27/43]: configuring netgroups from hostgroups
[28/43]: creating default Sudo bind user
[29/43]: creating default Auto Member layout
[30/43]: adding range check plugin
[31/43]: creating default HBAC rule allow_all
[32/43]: creating default CA ACL rule
[33/43]: adding entries for topology management
[34/43]: initializing group membership
[35/43]: adding master entry
[36/43]: initializing domain level
[37/43]: configuring Posix uid/gid generation
[38/43]: adding replication acis
[39/43]: enabling compatibility plugin
[40/43]: activating sidgen plugin
[41/43]: activating extdom plugin
[42/43]: tuning directory server
[43/43]: configuring directory to start on boot
Done configuring directory server (dirsrv).
Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes
30 seconds
[1/25]: creating certificate server user
[2/25]: configuring certificate server instance
[3/25]: stopping certificate server instance to update CS.cfg
[4/25]: backing up CS.cfg
[5/25]: disabling nonces
[6/25]: set up CRL publishing
[7/25]: enable PKIX certificate path discovery and validation
[8/25]: starting certificate server instance
[9/25]: creating RA agent certificate database
[10/25]: importing CA chain to RA certificate database
[11/25]: fixing RA database permissions
[12/25]: setting up signing cert profile
[13/25]: setting audit signing renewal to 2 years
[14/25]: restarting certificate server
[15/25]: requesting RA certificate from CA
[16/25]: issuing RA agent certificate
[17/25]: adding RA agent as a trusted user
[18/25]: authorizing RA to modify profiles
[19/25]: configure certmonger for renewals
[20/25]: configure certificate renewals
[21/25]: configure RA certificate renewal
[22/25]: configure Server-Cert certificate renewal
[23/25]: Configure HTTP to proxy connections
[24/25]: restarting certificate server
[25/25]: Importing IPA certificate profiles
Done configuring certificate server (pki-tomcatd).
Configuring directory server (dirsrv). Estimated time: 10 seconds
[1/3]: configuring ssl for ds instance
[error] RuntimeError: Certificate issuance failed
ipa.ipapython.install.cli.install_tool(Server): ERROR Certificate
issuance failed
-----------------------------------------------
The last messages in the log file (/var/log/ipaserver-install.log):
File "/usr/lib/python2.7/site-
packages/ipaserver/install/dsinstance.py", line 637, in __enable_ssl
self.nickname, self.fqdn, cadb)
File "/usr/lib/python2.7/site-packages/ipaserver/install/certs.py",
line 337, in create_server_cert
cdb.issue_server_cert(self.certreq_fname, self.certder_fname)
File "/usr/lib/python2.7/site-packages/ipaserver/install/certs.py",
line 419, in issue_server_cert
raise RuntimeError("Certificate issuance failed")
2016-01-08T09:33:47Z DEBUG The ipa-server-install command failed,
exception: RuntimeError: Certificate issuance failed
2016-01-08T09:33:47Z ERROR Certificate issuance failed
any ideas about this error?
Markus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160108/3fe54dc6/attachment.htm>
More information about the Freeipa-users
mailing list