On Mon, Oct 05, 2015 at 09:47:14AM -0400, Simo Sorce wrote: > On 05/10/15 09:42, Oleg Fayans wrote: > >1. At one point ipa-replica-install on a configured client has thrown > >the following error: > > > >Configuring ipa-custodia > > [1/5]: Generating ipa-custodia config file > > [2/5]: Generating ipa-custodia keys > > [3/5]: Importing RA Key > > [error] HTTPError: 502 Server Error: Proxy Error > >Your system may be partly configured. > >Run /usr/sbin/ipa-server-install --uninstall to clean up. > > > >ipa.ipapython.install.cli.install_tool(Replica): ERROR 502 Server > >Error: Proxy Error > > > >(corresponding part of the error log of dirsrv attached) > > Seem like the peer server was unreachable ? > Was there a networking problem ?
I've hit the same issue, during demo today, on a third replica I was creating. I was using four VMs on my laptop so no networking issue should have caused that. On the replica (being promoted), /var/log/ipareplica-install.log ends with On the master, in the error_log, I see [Tue Oct 06 13:22:33.196769 2015] [wsgi:error] [pid 10789] ipa: INFO: [jsonserver_session] ad...@example.test: service_add(u'HTTP/ipa-4.example.t...@example.test', version=u'2.112'): SUCCESS [Tue Oct 06 13:22:39.231882 2015] [wsgi:error] [pid 10788] ipa: INFO: [xmlserver] host/ipa-4.example.t...@example.test: cert_request(u'MIIDWDCCAkACAQAwHTEbMBkGA1UEAxMSaXBhLTQuZXhhbXBsZS50ZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1pFdI1FuH1ad882x27i+oi3alabIt1hZjeGyT2zfEWaLajgAcDtT1RjWWFzrWtn9YJAe+3cm7R21MI8eFS1aCBlPaRgBLtefaakQy99k8p3IC8LwZxX9bvPPTuZVuF73DYXmaQAgpe/W7TLhCSFwZqht5D8aG0B7qm2E+mpclqKdlbk9egq8K8zFxs4mbLAuEd95wpSBJWnuaTPwRzrjpniCdl5OFof+ImTIMTVS6+5RUxB6KCi5WpGLbrAZWpHZ80a+weo0RK098r1GMT7LSTTZvOmJ22d15Ub0vQXTqVgAMVtt221vEZ1ZhRsLTbeh89JsDKOonNWk6VwOsYHnQIDAQABoIH1MCUGCSqGSIb3DQEJFDEYHhYAUwBlAHIAdgBlAHIALQBDAGUAcgB0MIHLBgkqhkiG9w0BCQ4xgb0wgbowgYcGA1UdEQEBAAR9MHugNAYKKwYBBAGCNxQCA6AmDCRIVFRQL2lwYS00LmV4YW1wbGUudGVzdEBFWEFNUExFLlRFU1SgQwYGKwYBBQICoDkwN6AOGwxFWEFNUExFLlRFU1ShJTAjoAMCAQGhHDAaGwRIVFRQGxJpcGEtNC5leGFtcGxlLnRlc3QwDAYDVR0TAQH/BAIwADAgBgNVHQ4BAQAEFgQUZsVqOSFYBWZnFs42WMXGAag8w20wDQYJKoZIhvcNAQELBQADggEBAJDlTLM1Iyb4We61xIXttSReAbi0seO/ZevSiPN+orHdr+YLSD! pbS6CSXm5X9Asvlo8iu0iRFrj/CUJAyPu+M7v+lfr3VwrKErycrczt5O4xgGPGfs0XODSlwQOG57SUyQyLXdyLPJtks/ah/LkfbCevew0cjhSnjEN7RpbV6Azh05vMyzF6J7NXlRLFzDDcz099Tug4Siuwsi/Y3AD0b+IR6I1ZOfLKzzzSEu+sC32JzaVythN3TbPqjeyGy/on3JsQTlznzn2LEVVoPioyF1oHyI7hG1OheTNjCoZXgfJUp1Ftct6YhsfhzglORcbmqDL00DdCU/789G5IworCCYo=', principal=u'HTTP/ipa-4.example.t...@example.test', add=True, version=u'2.51'): SUCCESS [Tue Oct 06 13:22:47.652434 2015] [proxy_http:error] [pid 1394] (20014)Internal error: [client 192.168.100.229:49031] AH01102: error reading status line from remote server httpd-UDS:0 [Tue Oct 06 13:22:47.652476 2015] [proxy:error] [pid 1394] [client 192.168.100.229:49031] AH00898: Error reading from remote server returned by /ipa/keys/ra/ipaCert [Tue Oct 06 13:24:31.017069 2015] [wsgi:error] [pid 10789] ipa: INFO: [jsonserver_kerb] ad...@example.test: ping(): SUCCESS -- Jan Pazdziora Senior Principal Software Engineer, Identity Management Engineering, Red Hat -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code