Vinny Del Signore via FreeIPA-users wrote: > Hello all, > > Has anyone seen this issue? We've tried to generate a new CA and SSL Cert. > > *IPA v.3.0.0-50 * > > # *rpm -qa | grep ipa-server* > ipa-server-selinux-3.0.0-50.el6.1.x86_64 > ipa-server-3.0.0-50.el6.1.x86_64 > > root ldap-srv /var/log/dirsrv/slapd-DOMAIN-COM > #*ipa-replica-prepare --ip-address=10.10.xx.xx rtlvxl0055.test.local* > Directory Manager (existing master) password: > > Preparing replica for rtlvxl0055.test.local from ldap-srv.domain.com > Creating SSL certificate for the Directory Server > *preparation of replica failed: cannot connect to > 'https://ldap-srv.domain..com:9444/ca/ee/ca/profileSubmitSSLClient': > (PR_END_OF_FILE_ERROR) Encountered end of file.* > *cannot connect to > 'https://ldap-srv.domain..com:xxxx/ca/ee/ca/profileSubmitSSLClient': > (PR_END_OF_FILE_ERROR) Encountered end of file.* > File "/usr/sbin/ipa-replica-prepare", line 490, in <module> > main() > > File "/usr/sbin/ipa-replica-prepare", line 361, in main > export_certdb(api.env.realm, ds_dir, dir, passwd_fname, "dscert", > replica_fqdn, subject_base) > > File "/usr/sbin/ipa-replica-prepare", line 150, in export_certdb > raise e > > root ldap-srv /var/log/dirsrv/slapd-DOMAIN-COM > # > root ldap-srv /var/log/dirsrv/slapd-DOMAIN-COM > # rpm -qa | grep ipa-server > ipa-server-selinux-3.0.0-50.el6.1.x86_64 > ipa-server-3.0.0-50.el6.1.x86_64 > root ldap-srv /var/log/dirsrv/slapd-DOMAIN-COM > # uname -r > 2.6.32-642.3.1.el6.x86_64 > root ldap-srv /var/log/dirsrv/slapd-DOMAIN-COM > # cat /etc/redhat-release > Red Hat Enterprise Linux Server release 6.6 (Santiago) > root ldap-srv /var/log/dirsrv/slapd-DOMAIN-COM > #
See if your CA is up, look for a running tomcat process, ensure that the certs aren't expired: getcert list | grep expires, check the debug log in /var/log/pki/<something>/debug rob _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
