74cmonty via FreeIPA-users wrote: > I have installed freeipa-server-common=4.7.0, so I don't understand the > relation to an issue that should be fixed with 4.6.0.
You never did say before which version you were using... > I have no restarted command ipa-pkinit-manage enable after opening port 8443 > on both, master and replica server. > > In my opinion the root cause is different. > According to error message and log the connection to > https://ipa-replica.biszumbitterenen.de:8443/ca/ee/ca/profileSubmitSSLClient > fails, however there's no service listening on port 8443 on the replica > server (192.168.100.201). > On the master server (192.168.100.200) port 8443 is accessible: So I assume there is no CA installed on this replica? Can we see the current getcert output for the KDC cert? rob BTW your comments are coming in with zero context which makes more difficult to see what has gone on before. _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
