[Freeipa-users] ipa-restore breaks pki-tomcatd (?)

Wed, 04 Apr 2018 04:01:28 -0700 

hi

here I have something very easily reproducible I think.
I have two masters IPA, fist one stood alone for a while and then I added the second server. Then I ipa-restored the first master to a data backup from a day or two before second master was added and now: 
...
Starting pki-tomcatd Service
Failed to start pki-tomcatd Service

in /var/log/pki/pki-tomcat/ca/debug:
...
[04/Apr/2018:11:56:27][localhost-startStop-1]: SSLClientCertificateSelectionCB: Setting desired cert nickname to: subsystemCert cert-pki-ca [04/Apr/2018:11:56:27][localhost-startStop-1]: LdapJssSSLSocket: set client auth cert nickname subsystemCert cert-pki-ca [04/Apr/2018:11:56:27][localhost-startStop-1]: SSLClientCertificatSelectionCB: Entering! [04/Apr/2018:11:56:27][localhost-startStop-1]: Candidate cert: subsystemCert cert-pki-ca [04/Apr/2018:11:56:27][localhost-startStop-1]: SSLClientCertificateSelectionCB: desired cert found in list: subsystemCert cert-pki-ca [04/Apr/2018:11:56:27][localhost-startStop-1]: SSLClientCertificateSelectionCB: returning: subsystemCert cert-pki-ca [04/Apr/2018:11:56:27][localhost-startStop-1]: SSL handshake happened Could not connect to LDAP server host swir.private port 636 Error netscape.ldap.LDAPException: Authentication failed (49)     at com.netscape.cmscore.ldapconn.LdapBoundConnFactory.makeConnection(LdapBoundConnFactory.java:205)     at com.netscape.cmscore.ldapconn.LdapBoundConnFactory.init(LdapBoundConnFactory.java:166)     at com.netscape.cmscore.ldapconn.LdapBoundConnFactory.init(LdapBoundConnFactory.java:130)     at com.netscape.cmscore.dbs.DBSubsystem.init(DBSubsystem.java:654)     at com.netscape.cmscore.apps.CMSEngine.initSubsystem(CMSEngine.java:1176)     at com.netscape.cmscore.apps.CMSEngine.initSubsystems(CMSEngine.java:1082)     at com.netscape.cmscore.apps.CMSEngine.init(CMSEngine.java:572) 
    at com.netscape.certsrv.apps.CMS.init(CMS.java:189)
    at com.netscape.certsrv.apps.CMS.start(CMS.java:1631)
    at com.netscape.cms.servlet.base.CMSStartServlet.init(CMSStartServlet.java:117)     at javax.servlet.GenericServlet.init(GenericServlet.java:158)     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:288)     at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:285)     at java.security.AccessController.doPrivileged(Native Method) 
...

Is this normal/expected?
Many thanks, L.
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to