Hello all,

I am having some problems installing FreeIPA server on a freshly installed Fedora 13 machine. Installation fails during configuration of certificate server at step 3/14:

-----------
  [3/14]: configuring certificate server instance
root : CRITICAL failed to restart ca instance Command '/usr/bin/perl /usr/bin/pkisilent ConfigureCA -cs_hostname loznica.lhs-systems.com -cs_port 9445 -client_certdb_dir /tmp/tmp-0ANqdU -client_certdb_pwd XXXXXXXX -preop_pin eTvJduILXN6kCgkX46ih -domain_name IPA -admin_user admin -admin_email r...@localhost -admin_password XXXXXXXX -agent_name ipa-ca-agent -agent_key_size 2048 -agent_key_type rsa -agent_cert_subject "CN=ipa-ca-agent,O=IPA" -ldap_host loznica.lhs-systems.com -ldap_port 7389 -bind_dn "cn=Directory Manager" -bind_password XXXXXXXX -base_dn o=ipaca -db_name ipaca -key_size 2048 -key_type rsa -save_p12 true -backup_pwd XXXXXXXX -subsystem_name pki-cad -token_name internal -ca_subsystem_cert_subject_name "CN=CA Subsystem,O=IPA" -ca_ocsp_cert_subject_name "CN=OCSP Subsystem,O=IPA" -ca_server_cert_subject_name "CN=loznica.lhs-systems.com,O=IPA" -ca_audit_signing_cert_subject_name "CN=CA Audit,O=IPA" -ca_sign_cert_subject_name "CN=Certificate Authority,O=IPA" -external false -clone false' returned non-zero exit status 255
  [4/14]: creating CA agent PKCS#12 file in /root
Unexpected error - see ipaserver-install.log for details:
Command '/usr/bin/pk12util -n ipa-ca-agent -o /root/ca-agent.p12 -d /tmp/tmp-0ANqdU -k /tmp/tmplUonD_ -w /tmp/tmplUonD_' returned non-zero exit status 24
-----------

Even if installation continues to next step PKI-CA is not configured.

Debug message from the installation log file says (complete installation log is attached):

-----------
Required parameter -key_algorithm is not specified.
Use -help for help information
-----------

Installed packages are as follows:

-----------
pki-common-1.3.8-1.fc13.noarch
pki-util-1.3.2-1.fc13.noarch
pki-console-1.3.2-1.fc13.noarch
pki-native-tools-1.3.0-5.fc13.i686
dogtag-pki-ca-ui-1.3.2-1.fc13.noarch
pki-silent-1.3.4-1.fc13.noarch
pki-symkey-1.3.2-4.fc13.i686
pki-java-tools-1.3.1-1.fc13.noarch
dogtag-pki-console-ui-1.3.2-2.fc13.noarch
pki-ca-1.3.6-1.fc13.noarch
pki-selinux-1.3.5-1.fc13.noarch
dogtag-pki-common-ui-1.3.3-1.fc13.noarch
pki-setup-1.3.4-1.fc13.noarch
-
ipa-server-1.9.0.pre4-0.fc13.i686
ipa-admintools-1.9.0.pre4-0.fc13.i686
ipa-python-1.9.0.pre4-0.fc13.i686
ipa-server-selinux-1.9.0.pre4-0.fc13.i686
ipa-client-1.9.0.pre4-0.fc13.i686
-
389-ds-base-1.2.6-1.fc13.i686
-----------

Any ideas what could be the problem?

Regards,
Miljan
2010-09-15 17:35:49,784 DEBUG Loading StateFile from 
'/var/lib/ipa/sysrestore/sysrestore.state'
2010-09-15 17:35:49,785 DEBUG Loading StateFile from 
'/var/lib/ipa/sysrestore/sysrestore.state'
2010-09-15 17:35:49,785 DEBUG Loading Index file from 
'/var/lib/ipa/sysrestore/sysrestore.index'
2010-09-15 17:36:04,448 DEBUG importing all plugin modules in 
'/usr/lib/python2.6/site-packages/ipalib/plugins'...
2010-09-15 17:36:04,449 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/aci.py'
2010-09-15 17:36:04,456 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/automount.py'
2010-09-15 17:36:04,465 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/baseldap.py'
2010-09-15 17:36:04,465 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/cert.py'
2010-09-15 17:36:04,477 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/config.py'
2010-09-15 17:36:04,481 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/dns.py'
2010-09-15 17:36:04,491 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/group.py'
2010-09-15 17:36:04,495 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/hbac.py'
2010-09-15 17:36:04,505 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/hbacsvc.py'
2010-09-15 17:36:04,507 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/hbacsvcgroup.py'
2010-09-15 17:36:04,509 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/host.py'
2010-09-15 17:36:04,514 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/hostgroup.py'
2010-09-15 17:36:04,517 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/kerberos.py'
2010-09-15 17:36:04,517 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/krbtpolicy.py'
2010-09-15 17:36:04,519 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/migration.py'
2010-09-15 17:36:04,521 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/misc.py'
2010-09-15 17:36:04,522 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/netgroup.py'
2010-09-15 17:36:04,525 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/passwd.py'
2010-09-15 17:36:04,526 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/pwpolicy.py'
2010-09-15 17:36:04,531 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/rolegroup.py'
2010-09-15 17:36:04,533 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/service.py'
2010-09-15 17:36:04,533 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/taskgroup.py'
2010-09-15 17:36:04,536 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/user.py'
2010-09-15 17:36:04,541 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/virtual.py'
2010-09-15 17:36:04,541 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipalib/plugins/xmlclient.py'
2010-09-15 17:36:04,541 DEBUG importing all plugin modules in 
'/usr/lib/python2.6/site-packages/ipaserver/plugins'...
2010-09-15 17:36:04,542 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipaserver/plugins/dogtag.py'
2010-09-15 17:36:04,568 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipaserver/plugins/join.py'
2010-09-15 17:36:04,571 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipaserver/plugins/ldap2.py'
2010-09-15 17:36:04,571 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipaserver/plugins/ldapapi.py'
2010-09-15 17:36:04,572 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipaserver/plugins/rabase.py'
2010-09-15 17:36:04,573 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipaserver/plugins/selfsign.py'
2010-09-15 17:36:04,573 INFO skipping plugin module ipaserver.plugins.selfsign: 
selfsign is not selected as RA plugin, it is dogtag
2010-09-15 17:36:04,573 DEBUG importing plugin module 
'/usr/lib/python2.6/site-packages/ipaserver/plugins/xmlserver.py'
2010-09-15 17:36:04,619 INFO Mounting ipaserver.rpcserver.jsonserver() at 'json'
2010-09-15 17:36:04,626 INFO Mounting ipaserver.rpcserver.xmlserver() at 'xml'
2010-09-15 17:36:04,975 DEBUG Loading StateFile from 
'/var/lib/ipa/sysrestore/sysrestore.state'
2010-09-15 17:36:04,975 DEBUG Configuring directory server for the CA:
2010-09-15 17:36:04,975 DEBUG   [1/4]: creating directory server user
2010-09-15 17:36:04,976 DEBUG adding ds user dirsrv
2010-09-15 17:36:05,173 INFO args=/usr/sbin/useradd -c DS System User -d 
/var/lib/dirsrv -M -r -s /sbin/nologin dirsrv
2010-09-15 17:36:05,174 INFO stdout=
2010-09-15 17:36:05,174 INFO stderr=
2010-09-15 17:36:05,174 DEBUG done adding user
2010-09-15 17:36:05,175 DEBUG Saving StateFile to 
'/var/lib/ipa/sysrestore/sysrestore.state'
2010-09-15 17:36:05,176 DEBUG Saving StateFile to 
'/var/lib/ipa/sysrestore/sysrestore.state'
2010-09-15 17:36:05,177 DEBUG   [2/4]: creating directory server instance
2010-09-15 17:36:05,302 INFO args=/sbin/service dirsrv status
2010-09-15 17:36:05,304 INFO stdout=
2010-09-15 17:36:05,304 INFO stderr=/bin/ls: cannot access /etc/dirsrv/slapd-*: 
No such file or directory

2010-09-15 17:36:05,304 DEBUG Saving StateFile to 
'/var/lib/ipa/sysrestore/sysrestore.state'
2010-09-15 17:36:05,305 DEBUG Saving StateFile to 
'/var/lib/ipa/sysrestore/sysrestore.state'
2010-09-15 17:36:05,308 DEBUG writing inf template
2010-09-15 17:36:05,311 DEBUG 
[General]
FullMachineName=   loznica.lhs-systems.com
SuiteSpotUserID=   dirsrv
ServerRoot=    /usr/lib/dirsrv
[slapd]
ServerPort=   7389
ServerIdentifier=   PKI-IPA
Suffix=   dc=lhs-systems,dc=com
RootDN=   cn=Directory Manager

2010-09-15 17:36:05,311 DEBUG calling setup-ds.pl
2010-09-15 17:36:15,811 INFO args=/usr/sbin/setup-ds.pl --silent --logfile - -f 
/tmp/tmpkeNa6c
2010-09-15 17:36:15,812 INFO stdout=[10/09/15:17:36:15] - [Setup] Info Your new 
DS instance 'PKI-IPA' was successfully created.
Your new DS instance 'PKI-IPA' was successfully created.
[10/09/15:17:36:15] - [Setup] Success Exiting . . .
Log file is '-'

Exiting . . .
Log file is '-'


2010-09-15 17:36:15,812 INFO stderr=
2010-09-15 17:36:15,813 DEBUG completed creating ds instance
2010-09-15 17:36:15,814 DEBUG   [3/4]: configuring directory to start on boot
2010-09-15 17:36:15,843 INFO args=/sbin/chkconfig --list dirsrv
2010-09-15 17:36:15,845 INFO stdout=dirsrv              0:off   1:off   2:off   
3:off   4:off   5:off   6:off

2010-09-15 17:36:15,845 INFO stderr=
2010-09-15 17:36:15,846 DEBUG Saving StateFile to 
'/var/lib/ipa/sysrestore/sysrestore.state'
2010-09-15 17:36:15,876 INFO args=/sbin/chkconfig dirsrv on
2010-09-15 17:36:15,877 INFO stdout=
2010-09-15 17:36:15,877 INFO stderr=
2010-09-15 17:36:15,877 DEBUG   [4/4]: restarting directory server
2010-09-15 17:36:19,420 INFO args=/sbin/service dirsrv restart PKI-IPA
2010-09-15 17:36:19,421 INFO stdout=Shutting down dirsrv: 
    PKI-IPA...[  OK  ]
Starting dirsrv: 
    PKI-IPA...[  OK  ]

2010-09-15 17:36:19,422 INFO stderr=
2010-09-15 17:36:19,569 INFO args=/sbin/service dirsrv status
2010-09-15 17:36:19,570 INFO stdout=dirsrv PKI-IPA (pid 31889) is running...

2010-09-15 17:36:19,571 INFO stderr=
2010-09-15 17:36:19,571 DEBUG done configuring pkids.
2010-09-15 17:36:19,572 DEBUG Loading StateFile from 
'/var/lib/ipa/sysrestore/sysrestore.state'
2010-09-15 17:36:19,574 DEBUG Configuring certificate server:
2010-09-15 17:36:19,575 DEBUG   [1/14]: creating certificate server user
2010-09-15 17:36:19,575 DEBUG adding ca user pkiuser
2010-09-15 17:36:19,764 INFO args=/usr/sbin/useradd -c CA System User -d 
/var/lib -M -r -s /sbin/nologin pkiuser
2010-09-15 17:36:19,765 INFO stdout=
2010-09-15 17:36:19,765 INFO stderr=
2010-09-15 17:36:19,765 DEBUG done adding user
2010-09-15 17:36:19,766 DEBUG Saving StateFile to 
'/var/lib/ipa/sysrestore/sysrestore.state'
2010-09-15 17:36:19,767 DEBUG Saving StateFile to 
'/var/lib/ipa/sysrestore/sysrestore.state'
2010-09-15 17:36:19,769 DEBUG   [2/14]: creating pki-ca instance
2010-09-15 17:37:26,758 INFO args=/usr/bin/pkicreate -pki_instance_root 
/var/lib -pki_instance_name pki-ca -subsystem_type ca -agent_secure_port 9443 
-ee_secure_port 9444 -admin_secure_port 9445 -ee_secure_client_auth_port 9446 
-unsecure_port 9180 -tomcat_server_port 9701 -redirect conf=/etc/pki-ca 
-redirect logs=/var/log/pki-ca
2010-09-15 17:37:26,762 INFO stdout=PKI instance creation Utility ...


PKI instance creation completed ...

Stopping pki-ca: 
process already stopped

============================================================

Starting pki-ca: [  OK  ]

pki-ca (pid 303) is running ...

    'pki-ca' must still be CONFIGURED!
    (see /var/log/pki-ca-install.log)

Before proceeding with the configuration, make sure 
the firewall settings of this machine permit proper 
access to this subsystem. 

Please start the configuration by accessing:

https://loznica.lhs-systems.com:9445/ca/admin/console/config/login?pin=eTvJduILXN6kCgkX46ih

After configuration, the server can be operated by the command:

    /sbin/service pki-cad restart pki-ca


2010-09-15 17:37:26,762 INFO stderr=
2010-09-15 17:37:26,765 DEBUG   [3/14]: configuring certificate server instance
2010-09-15 17:37:26,789 DEBUG restarting ca instance
2010-09-15 17:38:14,324 INFO args=/sbin/service pki-cad restart 
2010-09-15 17:38:14,326 INFO stdout=Stopping pki-ca: 
...............................[  OK  ]

============================================================

Starting pki-ca: [  OK  ]

pki-ca (pid 1625) is running ...

    'pki-ca' must still be CONFIGURED!
    (see /var/log/pki-ca-install.log)


2010-09-15 17:38:14,326 INFO stderr=Sep 15, 2010 5:37:30 PM 
org.apache.catalina.startup.Catalina stopServer
SEVERE: Catalina.stop: 
java.net.ConnectException: Connection refused
        at java.net.PlainSocketImpl.socketConnect(Native Method)
        at 
java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:310)
        at 
java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:176)
        at 
java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:163)
        at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:384)
        at java.net.Socket.connect(Socket.java:546)
        at java.net.Socket.connect(Socket.java:495)
        at java.net.Socket.<init>(Socket.java:392)
        at java.net.Socket.<init>(Socket.java:206)
        at org.apache.catalina.startup.Catalina.stopServer(Catalina.java:395)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:616)
        at org.apache.catalina.startup.Bootstrap.stopServer(Bootstrap.java:344)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:435)

2010-09-15 17:38:14,327 DEBUG done restarting ca instance
2010-09-15 17:38:14,336 DEBUG ['/usr/bin/perl', '/usr/bin/pkisilent', 
'ConfigureCA', '-cs_hostname', 'loznica.lhs-systems.com', '-cs_port', '9445', 
'-client_certdb_dir', '/tmp/tmp-0ANqdU', '-client_certdb_pwd', 'B5c51xR3', 
'-preop_pin', 'eTvJduILXN6kCgkX46ih', '-domain_name', 'IPA', '-admin_user', 
'admin', '-admin_email', 'r...@localhost', '-admin_password', 'B5c51xR3', 
'-agent_name', 'ipa-ca-agent', '-agent_key_size', '2048', '-agent_key_type', 
'rsa', '-agent_cert_subject', '"CN=ipa-ca-agent,O=IPA"', '-ldap_host', 
'loznica.lhs-systems.com', '-ldap_port', '7389', '-bind_dn', '"cn=Directory 
Manager"', '-bind_password', 'B5c51xR3', '-base_dn', 'o=ipaca', '-db_name', 
'ipaca', '-key_size', '2048', '-key_type', 'rsa', '-save_p12', 'true', 
'-backup_pwd', 'B5c51xR3', '-subsystem_name', 'pki-cad', '-token_name', 
'internal', '-ca_subsystem_cert_subject_name', '"CN=CA Subsystem,O=IPA"', 
'-ca_ocsp_cert_subject_name', '"CN=OCSP Subsystem,O=IPA"', 
'-ca_server_cert_subject_name', '"CN=loznica.lhs-systems.com,O=IPA"', 
'-ca_audit_signing_cert_subject_name', '"CN=CA Audit,O=IPA"', 
'-ca_sign_cert_subject_name', '"CN=Certificate Authority,O=IPA"', '-external', 
'false', '-clone', 'false']
2010-09-15 17:38:14,945 INFO args=/usr/bin/perl /usr/bin/pkisilent ConfigureCA 
-cs_hostname loznica.lhs-systems.com -cs_port 9445 -client_certdb_dir 
/tmp/tmp-0ANqdU -client_certdb_pwd XXXXXXXX -preop_pin eTvJduILXN6kCgkX46ih 
-domain_name IPA -admin_user admin -admin_email r...@localhost -admin_password 
XXXXXXXX -agent_name ipa-ca-agent -agent_key_size 2048 -agent_key_type rsa 
-agent_cert_subject "CN=ipa-ca-agent,O=IPA" -ldap_host loznica.lhs-systems.com 
-ldap_port 7389 -bind_dn "cn=Directory Manager" -bind_password XXXXXXXX 
-base_dn o=ipaca -db_name ipaca -key_size 2048 -key_type rsa -save_p12 true 
-backup_pwd XXXXXXXX -subsystem_name pki-cad -token_name internal 
-ca_subsystem_cert_subject_name "CN=CA Subsystem,O=IPA" 
-ca_ocsp_cert_subject_name "CN=OCSP Subsystem,O=IPA" 
-ca_server_cert_subject_name "CN=loznica.lhs-systems.com,O=IPA" 
-ca_audit_signing_cert_subject_name "CN=CA Audit,O=IPA" 
-ca_sign_cert_subject_name "CN=Certificate Authority,O=IPA" -external false 
-clone false
2010-09-15 17:38:14,946 INFO stdout=libpath=/usr/lib
#######################################################################
Required parameter -key_algorithm is not specified.
Use -help for help information

#######################################################################

2010-09-15 17:38:14,946 INFO stderr=
2010-09-15 17:38:14,947 CRITICAL failed to restart ca instance Command 
'/usr/bin/perl /usr/bin/pkisilent ConfigureCA -cs_hostname 
loznica.lhs-systems.com -cs_port 9445 -client_certdb_dir /tmp/tmp-0ANqdU 
-client_certdb_pwd XXXXXXXX -preop_pin eTvJduILXN6kCgkX46ih -domain_name IPA 
-admin_user admin -admin_email r...@localhost -admin_password XXXXXXXX 
-agent_name ipa-ca-agent -agent_key_size 2048 -agent_key_type rsa 
-agent_cert_subject "CN=ipa-ca-agent,O=IPA" -ldap_host loznica.lhs-systems.com 
-ldap_port 7389 -bind_dn "cn=Directory Manager" -bind_password XXXXXXXX 
-base_dn o=ipaca -db_name ipaca -key_size 2048 -key_type rsa -save_p12 true 
-backup_pwd XXXXXXXX -subsystem_name pki-cad -token_name internal 
-ca_subsystem_cert_subject_name "CN=CA Subsystem,O=IPA" 
-ca_ocsp_cert_subject_name "CN=OCSP Subsystem,O=IPA" 
-ca_server_cert_subject_name "CN=loznica.lhs-systems.com,O=IPA" 
-ca_audit_signing_cert_subject_name "CN=CA Audit,O=IPA" 
-ca_sign_cert_subject_name "CN=Certificate Authority,O=IPA" -external false 
-clone false' returned non-zero exit status 255
2010-09-15 17:38:14,947 DEBUG restarting ca instance
2010-09-15 17:39:02,076 INFO args=/sbin/service pki-cad restart 
2010-09-15 17:39:02,081 INFO stdout=Stopping pki-ca: 
...............................[  OK  ]

============================================================

Starting pki-ca: [  OK  ]

pki-ca (pid 2916) is running ...

    'pki-ca' must still be CONFIGURED!
    (see /var/log/pki-ca-install.log)


2010-09-15 17:39:02,082 INFO stderr=Sep 15, 2010 5:38:18 PM 
org.apache.catalina.startup.Catalina stopServer
SEVERE: Catalina.stop: 
java.net.ConnectException: Connection refused
        at java.net.PlainSocketImpl.socketConnect(Native Method)
        at 
java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:310)
        at 
java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:176)
        at 
java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:163)
        at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:384)
        at java.net.Socket.connect(Socket.java:546)
        at java.net.Socket.connect(Socket.java:495)
        at java.net.Socket.<init>(Socket.java:392)
        at java.net.Socket.<init>(Socket.java:206)
        at org.apache.catalina.startup.Catalina.stopServer(Catalina.java:395)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:616)
        at org.apache.catalina.startup.Bootstrap.stopServer(Bootstrap.java:344)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:435)

2010-09-15 17:39:02,082 DEBUG done restarting ca instance
2010-09-15 17:39:02,083 DEBUG   [4/14]: creating CA agent PKCS#12 file in /root
2010-09-15 17:39:02,189 INFO args=/usr/bin/pk12util -n ipa-ca-agent -o 
/root/ca-agent.p12 -d /tmp/tmp-0ANqdU -k /tmp/tmplUonD_ -w /tmp/tmplUonD_
2010-09-15 17:39:02,191 INFO stdout=
2010-09-15 17:39:02,191 INFO stderr=pk12util: find user certs from nickname 
failed: security library: bad database.

2010-09-15 17:39:02,200 DEBUG Command '/usr/bin/pk12util -n ipa-ca-agent -o 
/root/ca-agent.p12 -d /tmp/tmp-0ANqdU -k /tmp/tmplUonD_ -w /tmp/tmplUonD_' 
returned non-zero exit status 24
  File "/usr/sbin/ipa-server-install", line 849, in <module>
    sys.exit(main())

  File "/usr/sbin/ipa-server-install", line 705, in main
    ca.configure_instance("pkiuser", host_name, dm_password, dm_password, 
subject_base=options.subject)

  File "/usr/lib/python2.6/site-packages/ipaserver/install/cainstance.py", line 
455, in configure_instance
    self.start_creation("Configuring certificate server:")

  File "/usr/lib/python2.6/site-packages/ipaserver/install/service.py", line 
240, in start_creation
    method()

  File "/usr/lib/python2.6/site-packages/ipaserver/install/cainstance.py", line 
833, in __create_ca_agent_pkcs12
    "-w", pwd_name])

  File "/usr/lib/python2.6/site-packages/ipapython/ipautil.py", line 138, in run
    raise CalledProcessError(p.returncode, ' '.join(args))

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to