Hi, I have been trying now for a month getting ipa-upgrade going on my single host IPADOM. Any idea what to do would be greatly appreciated
-- ipaupgrade log -- 2021-05-04T04:25:02Z DEBUG args=['/bin/systemctl', 'stop', '[email protected]'] 2021-05-04T04:25:06Z DEBUG Process finished, return code=0 2021-05-04T04:25:06Z DEBUG stdout= 2021-05-04T04:25:06Z DEBUG stderr= 2021-05-04T04:25:06Z DEBUG Stop of [email protected] complete 2021-05-04T04:25:06Z INFO [Fix DS schema file syntax] 2021-05-04T04:25:06Z DEBUG Loading StateFile from '/var/lib/ipa/sysupgrade/sysupgrade.state' 2021-05-04T04:25:06Z INFO Syntax already fixed 2021-05-04T04:25:06Z INFO [Removing RA cert from DS NSS database] 2021-05-04T04:25:21Z DEBUG Loading StateFile from '/var/lib/ipa/sysupgrade/sysupgrade.state' 2021-05-04T04:25:21Z INFO RA cert already removed 2021-05-04T04:25:21Z DEBUG Starting external process 2021-05-04T04:25:21Z DEBUG args=['/bin/systemctl', 'start', '[email protected]'] 2021-05-04T04:25:24Z DEBUG Process finished, return code=0 2021-05-04T04:25:24Z DEBUG stdout= 2021-05-04T04:25:24Z DEBUG stderr= 2021-05-04T04:25:24Z DEBUG Starting external process 2021-05-04T04:25:24Z DEBUG args=['/bin/systemctl', 'is-active', '[email protected]'] 2021-05-04T04:25:24Z DEBUG Process finished, return code=0 2021-05-04T04:25:24Z DEBUG stdout=active 2021-05-04T04:25:24Z DEBUG stderr= 2021-05-04T04:25:24Z DEBUG wait_for_open_ports: localhost [389] timeout 120 2021-05-04T04:25:24Z DEBUG waiting for port: 389 2021-05-04T04:25:24Z DEBUG SUCCESS: port: 389 2021-05-04T04:25:24Z DEBUG Start of [email protected] complete ... 2021-05-04T04:25:41Z INFO [Migrating certificate profiles to LDAP] 2021-05-04T04:26:01Z DEBUG Created connection context.ldap2_140042743094296 2021-05-04T04:26:01Z DEBUG flushing ldapi://%2fvar%2frun%2fslapd-IPADOM-LAN.socket from SchemaCache 2021-05-04T04:26:01Z DEBUG retrieving schema for SchemaCache url=ldapi://%2fvar%2frun%2fslapd-IPADOM-LAN.socket conn=<ldap.ldapobject.SimpleLDAPObject object at 0x7f5e3d65c9b0> 2021-05-04T04:26:02Z DEBUG Destroyed connection context.ldap2_140042743094296 2021-05-04T04:26:02Z DEBUG request GET https://ipa2.ipadom.lan:8443/ca/rest/account/login 2021-05-04T04:26:02Z DEBUG request body '' 2021-05-04T04:26:02Z DEBUG response status 500 2021-05-04T04:26:02Z DEBUG response headers Content-Type: text/html;charset=utf-8 Content-Language: en Content-Length: 2234 Date: Tue, 04 May 2021 04:26:02 GMT Connection: close 2021-05-04T04:26:02Z DEBUG response body (decoded):<..snip..> CA subsystem unavailable. Check CA debug log ---------------- 04-May-2021 06:26:02.535 SEVERE [https-jsse-nio-8443-exec-5] org.apache.catalina.core.StandardHostValve.invoke Exception Processing /ca/rest/account/login javax.ws.rs.ServiceUnavailableException: CA subsystem unavailable. Check CA debug log. at com.netscape.cms.tomcat.ProxyRealm.validateRealm(ProxyRealm.java:81) at com.netscape.cms.tomcat.ProxyRealm.findSecurityConstraints(ProxyRealm.java:149) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:530) at com.netscape.cms.tomcat.ExternalAuthenticationValve.invoke(ExternalAuthenticationValve.java:82) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:678) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:367) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:860) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1598) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:748) -- CA: -- 2021-05-04 06:25:08 [main] FINE: ============================================ 2021-05-04 06:25:08 [main] FINE: ===== DEBUG SUBSYSTEM INITIALIZED ======= 2021-05-04 06:25:08 [main] FINE: ============================================ 2021-05-04 06:25:08 [main] INFO: Initializing CA subsystem 2021-05-04 06:25:08 [main] FINEST: Getting cs.state=1 2021-05-04 06:25:08 [main] FINEST: Getting instanceRoot=/var/lib/pki/pki-tomcat 2021-05-04 06:25:08 [main] FINEST: Getting instanceId=pki-tomcat ... 2021-05-04 06:25:10 [main] FINE: LdapBoundConnection: Connecting to ipa2.ipadom.lan:636 with client cert auth 2021-05-04 06:25:10 [main] FINE: ldapconn/PKISocketFactory.makeSSLSocket: begins 2021-05-04 06:25:10 [main] FINE: SignedAuditLogger: event CLIENT_ACCESS_SESSION_ESTABLISH 2021-05-04 06:25:10 [main] FINEST: Getting pidDir=/var/run/pki/tomcat 2021-05-04 06:25:10 [main] FINEST: Getting pidDir=/var/run/pki/tomcat 2021-05-04 06:25:10 [main] SEVERE: Unable to create socket: java.net.ConnectException: Connection refused java.net.ConnectException: Connection refused at java.net.PlainSocketImpl.socketConnect(Native Method) _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
