[Pki-users] Addendum: 10.0.2 CA Instllation failed on LDAP and CA chain
Ade Lee
alee at redhat.com
Mon May 6 14:08:10 UTC 2013
Those values should have been set during installation.
To debug this, I need to see:
rpm -q pki-server
rpm -qa |grep pki
cat etc/redhat-release
getenforce
logs under /var/log/pki/pki-tomcat
I'm a little confused that you got as far as being able to start
installing the TPS with the CA not installed correctly. To install a
TPS, you must install a TKS first. Also, you may also install a KRA if
you plan to use server side key generation.
Please note also, there is currently an selinux bug that will require
you to have selinux in permissive mode when installing a TPS or RA.
Ade
On Mon, 2013-05-06 at 14:50 +0200, Buckingham wrote:
> Hello,
>
> After further investigation into the failing setup/configuration, I
> found that /etc/pki/pki-tomcat/ca/CS.cfg has no values set for the
> following:
> authz.instance.DirAclAuthz.ldap.basedn
> authz.instance.DirAclAuthz.ldap.ldapconn.host
> authz.instance.DirAclAuthz.ldap.ldapconn.port
>
> Also authz.instance.DirAclAuthz.ldap.ldapauth.bindDN does not set
> the DN that I entered during interactive setup.
>
> My question is: why do these variables in the CS.cfg fail to get
> set during both interactinve and non-interactive installations?
>
> Regards
>
> _______________________________________________
> Pki-users mailing list
> Pki-users at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users
More information about the Pki-users
mailing list