Hi,
After installing a new replica and running
/usr/bin/ipa-healthcheck --source
pki.server.healthcheck.clones.connectivity_and_data
I'm getting this error
keyctl_search: Required key not available
Enter password for Internal Key Storage Token:
Internal server error HTTPSConnectionPool(host='iparep3.ghs.nl', port=443): Max
retries exceeded with url: /ca/rest/certs/search?size=3 (Caused by
NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at
0x7fc473262a90>: Failed to establish a new connection: [Errno 113] No route to
host',))
[
{
"source": "pki.server.healthcheck.clones.connectivity_and_data",
"check": "ClonesConnectivyAndDataCheck",
"result": "ERROR",
"uuid": "c2f3ec1d-494b-4f6a-b6e3-0e38108f2005",
"when": "20210528150818Z",
"duration": "30.348789",
"kw": {
"status": "ERROR: pki-tomcat : Internal error testing CA clone. Host:
iparep3.ghs.nl Port: 443"
}
}
]
First, it is asking for a password, and I have no clue for what. I've
tried the admin password and the Directory Manager password. It
makes no difference.
Second, it tries to connect to a replica that was removed several months
ago. Both ipa-replica-manage list and ipa-csreplica-manage show the
correct list of masters that we currently have.
Where does ipa-healthcheck get the information from to query the removed
replica?
BTW. Two replica run CentOS 8 Stream, and one runs CentOS 7. The first two give
this healthcheck error, the centos7 master does not.
--
Kees
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
