On 08/02/2017 07:25 AM, Fraser Tweedale wrote:
On Tue, Aug 01, 2017 at 02:55:26PM -0400, Rob Crittenden wrote:

Providing the dogtag debug log might be helpful. The replica install log
shows that the GoDaddy CA chain was imported and trusted reasonably
(C,,) but the installer later claims it can't find them by nickname. I
think we need Fraser to take a closer look as he's a dogtag developer.


Hi Mark,

Thank you for reporting your issue, for the information you have
provided and for bearing with us as we investigate it.  The CA is a
complex part of the FreeIPA system with many moving parts so it can
take a while to get to the bottom of things.

I am travelling this week though I hope to find some time to start
looking into this tomorrow.  Realistically I will not have a lot of
time to focus on this issue until next week.


Apologies for the harshness of my previous reply. It was a long and frustrating day on a lot of fronts for me. That's not really an excuse, however.

As I'm not at all familiar with FreeIPA's layout, nor which server I should pull the logs from, can you provide me with what additional log files you need and which server to pull from? Note: ipa0 is the primary and ipa1 the replica I'm banging my head against.

I appreciate you taking a look at this in depth and I'll offer all the help I can.

Mark Haney
Network Engineer at NeoNova
919-460-3330 option 1
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to