<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<br>
<div class="moz-cite-prefix">On 04/28/2014 11:08 AM, Bret Wortman
wrote:<br>
</div>
<blockquote cite="mid:535E6EF7.8090100@damascusgrp.com" type="cite">
<br>
On 04/28/2014 10:48 AM, Rob Crittenden wrote:
<br>
<blockquote type="cite">Bret Wortman wrote:
<br>
<blockquote type="cite">
<br>
On 04/28/2014 10:21 AM, Bret Wortman wrote:
<br>
<blockquote type="cite">
<br>
On 04/28/2014 08:33 AM, Petr Viktorin wrote:
<br>
<blockquote type="cite">
<br>
According to the error you're getting, there is a CA
instance already
<br>
installed.
<br>
After uninstalling IPA, destroy it with:
<br>
pkidestroy -s CA -i pki-tomcat
<br>
<br>
<br>
</blockquote>
I tried, this, but no joy.
<br>
<br>
# pkidestroy -s CA -i pki-tomcat
<br>
Loading deployment configuration from
/var/lib/pki/pki-tomcat
<br>
/ca/registry/ca/deployment.cfg.
<br>
Uninstalling CA from /var/lib/pki/pki-tomcat.
<br>
pkidestroy : WARNING ....... this 'CA' entry will NOT be
deleted from
<br>
security domain 'unknown'!
<br>
pkidestroy : ERROR ....... No security domain defined.
<br>
If this is an unconfigured instance, then that is OK.
<br>
Otherwise, manually delete the entry from the security
domain master.
<br>
<br>
Uninstallation complete.
<br>
#
<br>
<br>
And then when I tried to run ipa-server-install, I got the
same error
<br>
again. I may just wipe the box and start over. It might take
less time
<br>
overall.
<br>
<br>
<br>
Bret
<br>
<br>
</blockquote>
This, BTW, is on F20 using freeipa 3.3.4-3 and pki-ca 10.1.1-1
(also
<br>
dogtag-10.1.1-1).
<br>
</blockquote>
<br>
From the ipa-server installation output the error looks the
same, but the underlying error should be different when there
isn't already a PKI instance.
<br>
<br>
If the PKI installer fails early enough we don't record that it
was installed which is why ipa-server-install --uninstall
doesn't remove it. We have a ticket open for this.
<br>
<br>
rob
<br>
<br>
</blockquote>
So is there a recommended way to clean it up and get it working?
<br>
<br>
</blockquote>
Never mind; I found the bug (953488) which said to:<br>
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
<pre class="bz_comment_text
bz_wrap_comment_text" id="comment_text_12" style="font-size: small; font-family: monospace; white-space: pre-wrap; word-wrap: break-word; width: 50em; color: rgb(0, 0, 0); font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;"># pkidestroy -s CA -i pki-tomcat
ERROR: PKI instance '/var/lib/pki/pki-tomcat' does NOT exist!
# rm -rf /var/log/pki/pki-tomcat
# rm -rf /etc/sysconfig/pki-tomcat
# rm -rf /etc/sysconfig/pki/tomcat/pki-tomcat
# rm -rf /var/lib/pki/pki-tomcat
# rm -rf /etc/pki/pki-tomcat
# ipa-server-install --uninstall</pre>
And re-run installation. This didn't work for me. Was there another
bug that I missed?<br>
<br>
<br>
</body>
</html>