Oleg,

IIRC, this is a known issue:

https://pagure.io/freeipa/issue/6766
https://pagure.io/dogtagpki/issue/2644
https://pagure.io/dogtagpki/issue/2646

cheers
L.

------
"Mission Statement: To provide hope and inspiration for collective action,
to build collective power, to achieve collective transformation, rooted in
grief and rage but pointed towards vision and dreams."

 - Patrisse Cullors, *Black Lives Matter founder*

On 22 June 2017 at 00:28, Oleg Danilovich via FreeIPA-users <
freeipa-users@lists.fedorahosted.org> wrote:

> Hello guys,
> I have problems with creation freeipa master replica.
>
> ipa --version
> VERSION: 4.3.1, API_VERSION: 2.164
> Master server Idp+self sign CA
>
> I want create full replica of master server
> Host for replica in domain (ipa-client-install -U --domain= --server=
> ipa1.itcapital.io --password= --principal=--hostname= --no-ntp
> --mkhomedir)
>
> I try to create replica:
> ipa-replica-install --hostname=<domain name> --domain=<domain name>
> --server=<ipa server name> --password=XXXXXX --principal=admin --setup-ca
>
> Replica installation success but CA replica creation failed:
>
> Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes 30
> seconds
>   [1/23]: creating certificate server user
>   [2/23]: creating certificate server db
>   [3/23]: setting up initial replication
> Starting replication, please wait until this has completed.
> Update in progress, 5 seconds elapsed
> Update succeeded
>
>   [4/23]: creating installation admin user
>   [5/23]: setting up certificate server
> ipa.ipaserver.install.cainstance.CAInstance: CRITICAL Failed to configure
> CA instance: Command '/usr/sbin/pkispawn -s CA -f /tmp/tmpjnucvO' returned
> non-zero exit status 1
> ipa.ipaserver.install.cainstance.CAInstance: CRITICAL See the
> installation logs and the following files/directories for more information:
> ipa.ipaserver.install.cainstance.CAInstance: CRITICAL
> /var/log/pki/pki-tomcat
>   [error] RuntimeError: CA configuration failed.
> Your system may be partly configured.
> Run /usr/sbin/ipa-server-install --uninstall to clean up.
>
> ipa.ipapython.install.cli.install_tool(Replica): ERROR    CA
> configuration failed.
> ipa.ipapython.install.cli.install_tool(Replica): ERROR    The
> ipa-replica-install command failed. See /var/log/ipareplica-install.log
> for more information
>
> Maybe somebody has information about this issue?
>
>
> --
> Best regards,
> *Oleg Danilovich*
>
>
> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
>
>
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to