Hi, The pki/httpd logs on the el9 are almost empty during the healthcheck on the el8 system. The pki/httpd logs on the el8 server complain quite a bit during the health check on the el8 system.
I've attached them (just the tail from the logs during the ipa-healthcheck running on the el8 system) Rob Op wo 18 jan. 2023 om 17:39 schreef Rob Crittenden <rcrit...@redhat.com>: > It is trying to read three certs from the CA just to validate that > things are working. Some exception is being thrown during the POST. The > pki and/or httpd logs might contain more info. > > rob > > Rob Verduijn wrote: > > Hi, > > > > I don't see anything strange in the output but thats probably my > ignorance. > > With your extended command the output is now free of certs so I'm > > attaching it. > > > > Rob > > > > > > Op wo 18 jan. 2023 om 15:22 schreef Rob Crittenden <rcrit...@redhat.com > > <mailto:rcrit...@redhat.com>>: > > > > Rob Verduijn wrote: > > > Hello, > > > > > > I ran healthcheck with the debug option.There was a huge amount of > > > output which stopped after the healtherror I mentioned before. > > > > > > Sadly the amount also contained all certificates so I cannot post > > it here. > > > The debug output is quite overwhelming. > > > Could you give some pointers at to what I should be looking for ? > > > > You can narrow the output by adding the cli options --source > > pki.server.healthcheck.clones.connectivity_and_data --check > > ClonesConnectivyAndDataCheck > > > > The error reported by the plugin is an internal error so you're > looking > > for back traces or other suppressed output. > > > > rob > > > > > > > > Rob > > > > > > > > > Op di 17 jan. 2023 om 15:55 schreef Rob Crittenden > > <rcrit...@redhat.com <mailto:rcrit...@redhat.com> > > > <mailto:rcrit...@redhat.com <mailto:rcrit...@redhat.com>>>: > > > > > > Rob Verduijn via FreeIPA-users wrote: > > > > I do have migration in mind, and I already have seen that > doc. > > > > > > > > I double checked the roles, and the only two roles that are > > > enabled are > > > > CA-server and DNS-server. > > > > They are present on both systems. > > > > > > > > However currently I'm 'just' adding an el9 replica and the > > old el8 > > > > master can't seem to reach the ca accourding to the > healthcheck. > > > > > > > > And I don't want to start migrating before the current > > situation has a > > > > good alth status for all the replicas/masters. > > > > > > Can you re-run it with --debug? Some older versions of > > healthcheck had a > > > bug in the debug switch where it got turned off while > > importing external > > > checks so if you don't get much, you've hit that. > > > > > > rob > > > > > > > > > > > > > > > Op di 17 jan. 2023 om 15:37 schreef Francisco Triviño García > > > > <ftriv...@redhat.com <mailto:ftriv...@redhat.com> > > <mailto:ftriv...@redhat.com <mailto:ftriv...@redhat.com>> > > > <mailto:ftriv...@redhat.com <mailto:ftriv...@redhat.com> > > <mailto:ftriv...@redhat.com <mailto:ftriv...@redhat.com>>>>: > > > > > > > > > > > > On 1/17/23 09:33, Rob Verduijn via FreeIPA-users wrote: > > > >> Hello all, > > > >> > > > >> I wanted to migrate my old el8 freeipa server to el9. > > > >> > > > >> So I installed a new system with el9 and configured a > > replica > > > on it. > > > >> > > > >> After this was completed I ran ipa-healthcheck on the > > new el9 > > > >> replica and all was well. > > > >> > > > >> However after this I ran ipa-healthcheck on the old el8 > ipa > > > server > > > >> and I got the following error. > > > >> ipa-healthcheck > > > >> Internal server error 'Link' > > > >> [ > > > >> { > > > >> "source": > > > "pki.server.healthcheck.clones.connectivity_and_data", > > > >> "check": "ClonesConnectivyAndDataCheck", > > > >> "result": "ERROR", > > > >> "uuid": "5aea196e-1693-4c14-93c5-649286c8ef7f", > > > >> "when": "20230117082651Z", > > > >> "duration": "0.402024", > > > >> "kw": { > > > >> "status": "ERROR: pki-tomcat : Internal error > > testing CA > > > >> clone. Host: freeipa01.tjako.thuis Port: 443" > > > >> } > > > >> } > > > >> ] > > > >> > > > >> I double checked the firewall and all ports were open > > on the el9 > > > >> server > > > >> firewall-cmd --list-all > > > >> public (active) > > > >> target: default > > > >> icmp-block-inversion: no > > > >> interfaces: br0 enp1s0 > > > >> sources: > > > >> services: cockpit dhcpv6-client dns freeipa-ldap > > freeipa-ldaps > > > >> http https ntp ssh > > > >> ports: > > > >> protocols: > > > >> forward: yes > > > >> masquerade: no > > > >> forward-ports: > > > >> source-ports: > > > >> icmp-blocks: > > > >> rich rules: > > > >> > > > >> On the el9 server ipa-healthcheck yields no errors and > > ipactl > > > >> status shows everything is > > > >> running. > > > >> > > > >> Anybody know why the old el8 server fails the > > ipa-healthcheck ? > > > > > > > > Assuming that the new server (as a replica of the el8 > > server) was > > > > installed including all the server roles present on el8, > > I guess > > > > there are more steps to be completed, here you can find > > the full > > > > migration guide: > > > > > > > > > > > > > > https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/migrating_to_identity_management_on_rhel_9/assembly_migrating-your-idm-environment-from-rhel-8-servers-to-rhel-9-servers_migrating-to-idm-on-rhel-9 > > > > > > > > is freeipa01.tjako.thuis the new server? > > > > > > > > > > > >> > > > >> Rob > > > >> > > > >> > > > >> _______________________________________________ > > > >> FreeIPA-users mailing list -- > > > freeipa-users@lists.fedorahosted.org > > <mailto:freeipa-users@lists.fedorahosted.org> > > > <mailto:freeipa-users@lists.fedorahosted.org > > <mailto:freeipa-users@lists.fedorahosted.org>> > > > <mailto:freeipa-users@lists.fedorahosted.org > > <mailto:freeipa-users@lists.fedorahosted.org> > > > <mailto:freeipa-users@lists.fedorahosted.org > > <mailto:freeipa-users@lists.fedorahosted.org>>> > > > >> To unsubscribe send an email to > > > freeipa-users-le...@lists.fedorahosted.org > > <mailto:freeipa-users-le...@lists.fedorahosted.org> > > > <mailto:freeipa-users-le...@lists.fedorahosted.org > > <mailto:freeipa-users-le...@lists.fedorahosted.org>> > > > <mailto:freeipa-users-le...@lists.fedorahosted.org > > <mailto:freeipa-users-le...@lists.fedorahosted.org> > > > <mailto:freeipa-users-le...@lists.fedorahosted.org > > <mailto:freeipa-users-le...@lists.fedorahosted.org>>> > > > >> Fedora Code of Conduct: > > > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > > > >> List Guidelines: > > > https://fedoraproject.org/wiki/Mailing_list_guidelines > > > >> List Archives: > > > > > > https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org > > > >> Do not reply to spam, report it: > > > https://pagure.io/fedora-infrastructure/new_issue > > > > > > > > > > > > _______________________________________________ > > > > FreeIPA-users mailing list -- > > freeipa-users@lists.fedorahosted.org > > <mailto:freeipa-users@lists.fedorahosted.org> > > > <mailto:freeipa-users@lists.fedorahosted.org > > <mailto:freeipa-users@lists.fedorahosted.org>> > > > > To unsubscribe send an email to > > > freeipa-users-le...@lists.fedorahosted.org > > <mailto:freeipa-users-le...@lists.fedorahosted.org> > > > <mailto:freeipa-users-le...@lists.fedorahosted.org > > <mailto:freeipa-users-le...@lists.fedorahosted.org>> > > > > Fedora Code of Conduct: > > > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > > > > List Guidelines: > > > https://fedoraproject.org/wiki/Mailing_list_guidelines > > > > List Archives: > > > > > > https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org > > > > Do not reply to spam, report it: > > > https://pagure.io/fedora-infrastructure/new_issue > > > > > > > > > > >
==> httpd/access_log <== 172.16.1.13 - - [19/Jan/2023:08:16:32 +0100] "POST /ca/rest/certs/search?size=3 HTTP/1.1" 200 324 ==> httpd/ssl_request_log <== [19/Jan/2023:08:16:32 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "POST /ca/rest/certs/search?size=3 HTTP/1.1" 324
==> httpd/access_log <== 172.16.1.13 - - [19/Jan/2023:08:14:22 +0100] "GET /ca/rest/certs/1 HTTP/1.1" 200 10022 172.16.1.13 - - [19/Jan/2023:08:14:22 +0100] "GET /ca/rest/account/login HTTP/1.1" 200 304 172.16.1.13 - - [19/Jan/2023:08:14:22 +0100] "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/cert HTTP/1.1" 200 1167 172.16.1.13 - - [19/Jan/2023:08:14:22 +0100] "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/chain HTTP/1.1" 200 1218 172.16.1.13 - - [19/Jan/2023:08:14:22 +0100] "GET /ca/rest/account/logout HTTP/1.1" 204 - ==> httpd/error_log <== [Thu Jan 19 08:14:22.646451 2023] [ssl:error] [pid 161107:tid 140111790450432] [client 172.16.1.13:37898] AH: verify client post handshake [Thu Jan 19 08:14:22.695899 2023] [ssl:error] [pid 121025:tid 140111496804096] [client 172.16.1.13:37910] AH: verify client post handshake [Thu Jan 19 08:14:22.718404 2023] [ssl:error] [pid 161107:tid 140111211648768] [client 172.16.1.13:37914] AH: verify client post handshake [Thu Jan 19 08:14:22.734121 2023] [ssl:error] [pid 161107:tid 140111936460544] [client 172.16.1.13:37922] AH: verify client post handshake [Thu Jan 19 08:14:22.761048 2023] [ssl:error] [pid 161107:tid 140111362651904] [client 172.16.1.13:37934] AH: verify client post handshake ==> httpd/ssl_request_log <== [19/Jan/2023:08:14:22 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/certs/1 HTTP/1.1" 10022 [19/Jan/2023:08:14:22 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/account/login HTTP/1.1" 304 [19/Jan/2023:08:14:22 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/cert HTTP/1.1" 1167 [19/Jan/2023:08:14:22 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/chain HTTP/1.1" 1218 [19/Jan/2023:08:14:22 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/account/logout HTTP/1.1" - ==> httpd/access_log <== 172.16.1.13 - - [19/Jan/2023:08:14:31 +0100] "GET /ca/rest/certs/7 HTTP/1.1" 200 10282 172.16.1.13 - - [19/Jan/2023:08:14:31 +0100] "GET /ca/rest/account/login HTTP/1.1" 200 304 172.16.1.13 - - [19/Jan/2023:08:14:31 +0100] "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/cert HTTP/1.1" 200 1167 172.16.1.13 - - [19/Jan/2023:08:14:31 +0100] "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/chain HTTP/1.1" 200 1218 172.16.1.13 - - [19/Jan/2023:08:14:31 +0100] "GET /ca/rest/account/logout HTTP/1.1" 204 - ==> httpd/error_log <== [Thu Jan 19 08:14:31.165403 2023] [ssl:error] [pid 121026:tid 140111824021248] [client 172.16.1.13:43108] AH: verify client post handshake [Thu Jan 19 08:14:31.210523 2023] [ssl:error] [pid 121026:tid 140111815628544] [client 172.16.1.13:43116] AH: verify client post handshake [Thu Jan 19 08:14:31.244115 2023] [ssl:error] [pid 121025:tid 140111480018688] [client 172.16.1.13:43124] AH: verify client post handshake [Thu Jan 19 08:14:31.284547 2023] [ssl:error] [pid 161107:tid 140111337473792] [client 172.16.1.13:43138] AH: verify client post handshake [Thu Jan 19 08:14:31.329858 2023] [ssl:error] [pid 161107:tid 140111320688384] [client 172.16.1.13:43146] AH: verify client post handshake ==> httpd/ssl_request_log <== [19/Jan/2023:08:14:31 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/certs/7 HTTP/1.1" 10282 [19/Jan/2023:08:14:31 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/account/login HTTP/1.1" 304 [19/Jan/2023:08:14:31 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/cert HTTP/1.1" 1167 [19/Jan/2023:08:14:31 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/chain HTTP/1.1" 1218 [19/Jan/2023:08:14:31 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/account/logout HTTP/1.1" - ==> httpd/access_log <== 172.16.1.13 - - [19/Jan/2023:08:14:31 +0100] "GET /ca/rest/certs/5 HTTP/1.1" 200 10004 172.16.1.13 - - [19/Jan/2023:08:14:31 +0100] "GET /ca/rest/account/login HTTP/1.1" 200 304 172.16.1.13 - - [19/Jan/2023:08:14:31 +0100] "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/cert HTTP/1.1" 200 1167 172.16.1.13 - - [19/Jan/2023:08:14:31 +0100] "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/chain HTTP/1.1" 200 1218 172.16.1.13 - - [19/Jan/2023:08:14:31 +0100] "GET /ca/rest/account/logout HTTP/1.1" 204 - 172.16.1.13 - - [19/Jan/2023:08:14:31 +0100] "GET /ca/rest/certs/2 HTTP/1.1" 200 10169 172.16.1.13 - - [19/Jan/2023:08:14:32 +0100] "GET /ca/rest/account/login HTTP/1.1" 200 304 172.16.1.13 - - [19/Jan/2023:08:14:32 +0100] "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/cert HTTP/1.1" 200 1167 172.16.1.13 - - [19/Jan/2023:08:14:32 +0100] "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/chain HTTP/1.1" 200 1218 172.16.1.13 - - [19/Jan/2023:08:14:32 +0100] "GET /ca/rest/account/logout HTTP/1.1" 204 - ==> httpd/error_log <== [Thu Jan 19 08:14:31.586155 2023] [ssl:error] [pid 161107:tid 140111228434176] [client 172.16.1.13:43158] AH: verify client post handshake [Thu Jan 19 08:14:31.634332 2023] [ssl:error] [pid 121026:tid 140111807235840] [client 172.16.1.13:43172] AH: verify client post handshake [Thu Jan 19 08:14:31.662384 2023] [ssl:error] [pid 161107:tid 140111928067840] [client 172.16.1.13:43174] AH: verify client post handshake [Thu Jan 19 08:14:31.679921 2023] [ssl:error] [pid 121024:tid 140111919675136] [client 172.16.1.13:43184] AH: verify client post handshake [Thu Jan 19 08:14:31.736497 2023] [ssl:error] [pid 121025:tid 140111463233280] [client 172.16.1.13:43200] AH: verify client post handshake [Thu Jan 19 08:14:31.983461 2023] [ssl:error] [pid 121026:tid 140111765272320] [client 172.16.1.13:43212] AH: verify client post handshake [Thu Jan 19 08:14:32.062623 2023] [ssl:error] [pid 161107:tid 140111220041472] [client 172.16.1.13:43216] AH: verify client post handshake [Thu Jan 19 08:14:32.129615 2023] [ssl:error] [pid 161107:tid 140111807235840] [client 172.16.1.13:43232] AH: verify client post handshake [Thu Jan 19 08:14:32.161340 2023] [ssl:error] [pid 161107:tid 140111186470656] [client 172.16.1.13:43246] AH: verify client post handshake [Thu Jan 19 08:14:32.211977 2023] [ssl:error] [pid 161107:tid 140111824021248] [client 172.16.1.13:43260] AH: verify client post handshake ==> httpd/ssl_request_log <== [19/Jan/2023:08:14:31 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/certs/5 HTTP/1.1" 10004 [19/Jan/2023:08:14:31 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/account/login HTTP/1.1" 304 [19/Jan/2023:08:14:31 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/cert HTTP/1.1" 1167 [19/Jan/2023:08:14:31 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/chain HTTP/1.1" 1218 [19/Jan/2023:08:14:31 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/account/logout HTTP/1.1" - [19/Jan/2023:08:14:31 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/certs/2 HTTP/1.1" 10169 [19/Jan/2023:08:14:32 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/account/login HTTP/1.1" 304 [19/Jan/2023:08:14:32 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/cert HTTP/1.1" 1167 [19/Jan/2023:08:14:32 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/chain HTTP/1.1" 1218 [19/Jan/2023:08:14:32 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/account/logout HTTP/1.1" - ==> httpd/access_log <== 172.16.1.13 - - [19/Jan/2023:08:14:32 +0100] "GET /ca/rest/certs/4 HTTP/1.1" 200 10352 172.16.1.13 - - [19/Jan/2023:08:14:32 +0100] "GET /ca/rest/account/login HTTP/1.1" 200 304 172.16.1.13 - - [19/Jan/2023:08:14:32 +0100] "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/cert HTTP/1.1" 200 1167 172.16.1.13 - - [19/Jan/2023:08:14:32 +0100] "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/chain HTTP/1.1" 200 1218 172.16.1.13 - - [19/Jan/2023:08:14:32 +0100] "GET /ca/rest/account/logout HTTP/1.1" 204 - 172.16.1.13 - - [19/Jan/2023:08:14:32 +0100] "GET /ca/rest/certs/1 HTTP/1.1" 200 10022 172.16.1.13 - - [19/Jan/2023:08:14:32 +0100] "GET /ca/rest/account/login HTTP/1.1" 200 304 172.16.1.13 - - [19/Jan/2023:08:14:32 +0100] "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/cert HTTP/1.1" 200 1167 172.16.1.13 - - [19/Jan/2023:08:14:32 +0100] "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/chain HTTP/1.1" 200 1218 172.16.1.13 - - [19/Jan/2023:08:14:32 +0100] "GET /ca/rest/account/logout HTTP/1.1" 204 - 172.16.1.13 - - [19/Jan/2023:08:14:33 +0100] "GET /ca/rest/certs/3 HTTP/1.1" 200 10634 172.16.1.13 - - [19/Jan/2023:08:14:33 +0100] "GET /ca/rest/account/login HTTP/1.1" 200 304 172.16.1.13 - - [19/Jan/2023:08:14:33 +0100] "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/cert HTTP/1.1" 200 1167 172.16.1.13 - - [19/Jan/2023:08:14:33 +0100] "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/chain HTTP/1.1" 200 1218 172.16.1.13 - - [19/Jan/2023:08:14:33 +0100] "GET /ca/rest/account/logout HTTP/1.1" 204 - 172.16.1.13 - - [19/Jan/2023:08:14:33 +0100] "GET /ca/rest/certs/14 HTTP/1.1" 200 12527 ==> httpd/error_log <== [Thu Jan 19 08:14:32.454219 2023] [ssl:error] [pid 121026:tid 140111756879616] [client 172.16.1.13:43266] AH: verify client post handshake [Thu Jan 19 08:14:32.507144 2023] [ssl:error] [pid 161107:tid 140111832413952] [client 172.16.1.13:43276] AH: verify client post handshake [Thu Jan 19 08:14:32.549564 2023] [ssl:error] [pid 161107:tid 140111790450432] [client 172.16.1.13:43284] AH: verify client post handshake [Thu Jan 19 08:14:32.570615 2023] [ssl:error] [pid 161107:tid 140111782057728] [client 172.16.1.13:43290] AH: verify client post handshake [Thu Jan 19 08:14:32.600760 2023] [ssl:error] [pid 121026:tid 140111731701504] [client 172.16.1.13:43292] AH: verify client post handshake [Thu Jan 19 08:14:32.845536 2023] [ssl:error] [pid 121024:tid 140111832413952] [client 172.16.1.13:43296] AH: verify client post handshake [Thu Jan 19 08:14:32.898653 2023] [ssl:error] [pid 161107:tid 140111194863360] [client 172.16.1.13:43298] AH: verify client post handshake [Thu Jan 19 08:14:32.930993 2023] [ssl:error] [pid 121026:tid 140111723308800] [client 172.16.1.13:43314] AH: verify client post handshake [Thu Jan 19 08:14:32.949978 2023] [ssl:error] [pid 121026:tid 140111706523392] [client 172.16.1.13:43324] AH: verify client post handshake [Thu Jan 19 08:14:32.993599 2023] [ssl:error] [pid 161107:tid 140111815628544] [client 172.16.1.13:43328] AH: verify client post handshake [Thu Jan 19 08:14:33.217637 2023] [ssl:error] [pid 161107:tid 140111312295680] [client 172.16.1.13:43344] AH: verify client post handshake [Thu Jan 19 08:14:33.252930 2023] [ssl:error] [pid 161107:tid 140111354259200] [client 172.16.1.13:43348] AH: verify client post handshake [Thu Jan 19 08:14:33.276275 2023] [ssl:error] [pid 121026:tid 140111698130688] [client 172.16.1.13:43352] AH: verify client post handshake [Thu Jan 19 08:14:33.291350 2023] [ssl:error] [pid 121026:tid 140111681345280] [client 172.16.1.13:43360] AH: verify client post handshake [Thu Jan 19 08:14:33.317728 2023] [ssl:error] [pid 161107:tid 140111911282432] [client 172.16.1.13:43366] AH: verify client post handshake [Thu Jan 19 08:14:33.422029 2023] [ssl:error] [pid 161107:tid 140111329081088] [client 172.16.1.13:43374] AH: verify client post handshake ==> httpd/ssl_request_log <== [19/Jan/2023:08:14:32 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/certs/4 HTTP/1.1" 10352 [19/Jan/2023:08:14:32 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/account/login HTTP/1.1" 304 [19/Jan/2023:08:14:32 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/cert HTTP/1.1" 1167 [19/Jan/2023:08:14:32 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/chain HTTP/1.1" 1218 [19/Jan/2023:08:14:32 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/account/logout HTTP/1.1" - [19/Jan/2023:08:14:32 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/certs/1 HTTP/1.1" 10022 [19/Jan/2023:08:14:32 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/account/login HTTP/1.1" 304 [19/Jan/2023:08:14:32 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/cert HTTP/1.1" 1167 [19/Jan/2023:08:14:32 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/chain HTTP/1.1" 1218 [19/Jan/2023:08:14:32 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/account/logout HTTP/1.1" - [19/Jan/2023:08:14:33 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/certs/3 HTTP/1.1" 10634 [19/Jan/2023:08:14:33 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/account/login HTTP/1.1" 304 [19/Jan/2023:08:14:33 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/cert HTTP/1.1" 1167 [19/Jan/2023:08:14:33 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/chain HTTP/1.1" 1218 [19/Jan/2023:08:14:33 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/account/logout HTTP/1.1" - [19/Jan/2023:08:14:33 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/certs/14 HTTP/1.1" 12527 ==> httpd/access_log <== 172.16.1.13 - - [19/Jan/2023:08:14:33 +0100] "GET /ca/rest/account/login HTTP/1.1" 200 304 172.16.1.13 - - [19/Jan/2023:08:14:33 +0100] "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/cert HTTP/1.1" 200 1167 172.16.1.13 - - [19/Jan/2023:08:14:33 +0100] "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/chain HTTP/1.1" 200 1218 172.16.1.13 - - [19/Jan/2023:08:14:33 +0100] "GET /ca/rest/account/logout HTTP/1.1" 204 - 172.16.1.13 - - [19/Jan/2023:08:14:33 +0100] "GET /ca/rest/certs/17 HTTP/1.1" 200 12425 172.16.1.13 - - [19/Jan/2023:08:14:33 +0100] "GET /ca/rest/account/login HTTP/1.1" 200 304 172.16.1.13 - - [19/Jan/2023:08:14:33 +0100] "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/cert HTTP/1.1" 200 1167 172.16.1.13 - - [19/Jan/2023:08:14:33 +0100] "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/chain HTTP/1.1" 200 1218 172.16.1.13 - - [19/Jan/2023:08:14:33 +0100] "GET /ca/rest/account/logout HTTP/1.1" 204 - 172.16.1.13 - - [19/Jan/2023:08:14:33 +0100] "GET /ca/rest/certs/10 HTTP/1.1" 200 12348 172.16.1.13 - - [19/Jan/2023:08:14:33 +0100] "GET /ca/rest/account/login HTTP/1.1" 200 304 172.16.1.13 - - [19/Jan/2023:08:14:33 +0100] "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/cert HTTP/1.1" 200 1167 172.16.1.13 - - [19/Jan/2023:08:14:33 +0100] "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/chain HTTP/1.1" 200 1218 172.16.1.13 - - [19/Jan/2023:08:14:34 +0100] "GET /ca/rest/account/logout HTTP/1.1" 204 - ==> httpd/error_log <== [Thu Jan 19 08:14:33.454460 2023] [ssl:error] [pid 161107:tid 140111345866496] [client 172.16.1.13:43388] AH: verify client post handshake [Thu Jan 19 08:14:33.477405 2023] [ssl:error] [pid 161107:tid 140111203256064] [client 172.16.1.13:43402] AH: verify client post handshake [Thu Jan 19 08:14:33.493202 2023] [ssl:error] [pid 161107:tid 140111178077952] [client 172.16.1.13:43414] AH: verify client post handshake [Thu Jan 19 08:14:33.519167 2023] [ssl:error] [pid 161107:tid 140111919675136] [client 172.16.1.13:43430] AH: verify client post handshake [Thu Jan 19 08:14:33.693626 2023] [ssl:error] [pid 161107:tid 140111798843136] [client 172.16.1.13:43440] AH: verify client post handshake [Thu Jan 19 08:14:33.728253 2023] [ssl:error] [pid 161107:tid 140111211648768] [client 172.16.1.13:43450] AH: verify client post handshake [Thu Jan 19 08:14:33.748617 2023] [ssl:error] [pid 161107:tid 140111936460544] [client 172.16.1.13:43462] AH: verify client post handshake [Thu Jan 19 08:14:33.766133 2023] [ssl:error] [pid 161107:tid 140111362651904] [client 172.16.1.13:43466] AH: verify client post handshake [Thu Jan 19 08:14:33.795384 2023] [ssl:error] [pid 161107:tid 140111337473792] [client 172.16.1.13:43470] AH: verify client post handshake [Thu Jan 19 08:14:33.906617 2023] [ssl:error] [pid 161107:tid 140111320688384] [client 172.16.1.13:43478] AH: verify client post handshake [Thu Jan 19 08:14:33.938941 2023] [ssl:error] [pid 121026:tid 140111936460544] [client 172.16.1.13:43490] AH: verify client post handshake [Thu Jan 19 08:14:33.960693 2023] [ssl:error] [pid 121024:tid 140111815628544] [client 172.16.1.13:43506] AH: verify client post handshake [Thu Jan 19 08:14:33.989521 2023] [ssl:error] [pid 121024:tid 140111798843136] [client 172.16.1.13:43510] AH: verify client post handshake [Thu Jan 19 08:14:34.015202 2023] [ssl:error] [pid 121024:tid 140111790450432] [client 172.16.1.13:43516] AH: verify client post handshake ==> httpd/ssl_request_log <== [19/Jan/2023:08:14:33 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/account/login HTTP/1.1" 304 [19/Jan/2023:08:14:33 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/cert HTTP/1.1" 1167 [19/Jan/2023:08:14:33 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/chain HTTP/1.1" 1218 [19/Jan/2023:08:14:33 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/account/logout HTTP/1.1" - [19/Jan/2023:08:14:33 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/certs/17 HTTP/1.1" 12425 [19/Jan/2023:08:14:33 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/account/login HTTP/1.1" 304 [19/Jan/2023:08:14:33 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/cert HTTP/1.1" 1167 [19/Jan/2023:08:14:33 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/chain HTTP/1.1" 1218 [19/Jan/2023:08:14:33 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/account/logout HTTP/1.1" - [19/Jan/2023:08:14:33 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/certs/10 HTTP/1.1" 12348 [19/Jan/2023:08:14:33 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/account/login HTTP/1.1" 304 [19/Jan/2023:08:14:33 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/cert HTTP/1.1" 1167 [19/Jan/2023:08:14:33 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/authorities/2d0b61bc-e11f-4347-8985-211b158721ed/chain HTTP/1.1" 1218 [19/Jan/2023:08:14:34 +0100] 172.16.1.13 TLSv1.3 TLS_AES_256_GCM_SHA384 "GET /ca/rest/account/logout HTTP/1.1" -
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
