Gady Notrica via FreeIPA-users <freeipa-users@lists.fedorahosted.org>
writes:

> But still having the same issue:

No, you don't.  Earlier it timed out waiting for dirsrv, but now it's
dogtag (Port 8080, 8443):
>
> 2017-09-15T15:58:46Z DEBUG stderr= 2017-09-15T15:58:46Z DEBUG
> wait_for_open_ports: localhost [8080, 8443] timeout 300
> 2017-09-15T16:03:46Z ERROR IPA server upgrade failed: Inspect
> /var/log/ipaupgrade.log and run command ipa-server-upgrade manually.

Have a look at the dogtag logs and possibly
https://floblanc.wordpress.com/2017/09/11/troubleshooting-freeipa-pki-tomcatd-fails-to-start/
 

For me another replica refreshed the certificate while ipaupgrade was
running.  Another possibility was failure to refresh the cert due to
selinux. (Can't find the ticket now).

Jochen

-- 
This space is intentionally left blank.
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to