Steven Jones wrote:
[root@fed14-64-ipam001 jonesst1]# ipa-replica-prepare
fed14-64-ipam002.ipa.ac.nz
Directory Manager (existing master) password:
Preparing replica for fed14-64-ipam002.ipa.ac.nz from
fed14-64-ipam001.ipa.ac.nz
Creating SSL certificate for the Directory Server
ipa: INFO: sslget
'https://fed14-64-ipam001.ipa.ac.nz:9444/ca/ee/ca/profileSubmitSSLClient'
Creating SSL certificate for the Web Server
ipa: INFO: sslget
'https://fed14-64-ipam001.ipa.ac.nz:9444/ca/ee/ca/profileSubmitSSLClient'
preparation of replica failed: cannot connect to
'https://fed14-64-ipam001.ipa.ac.nz:9444/ca/ee/ca/profileSubmitSSLClient':
[Errno -12285] (SSL_ERROR_NO_CERTIFICATE) Unable to find the certificate or key
necessary for authentication.
cannot connect to
'https://fed14-64-ipam001.ipa.ac.nz:9444/ca/ee/ca/profileSubmitSSLClient':
[Errno -12285] (SSL_ERROR_NO_CERTIFICATE) Unable to find the certificate or key
necessary for authentication.
File "/usr/sbin/ipa-replica-prepare", line 431, in<module>
main()
File "/usr/sbin/ipa-replica-prepare", line 363, in main
export_certdb(api.env.realm, ds_dir, dir, passwd_fname, "httpcert",
replica_fqdn, subject_base)
File "/usr/sbin/ipa-replica-prepare", line 136, in export_certdb
raise e
If I go to the URL I get,
================
The Certificate System has encountered an unrecoverable error.
Error Message:
java.lang.NullPointerException
Please contact your local administrator for assistance.
================
???
regards
Can you provide the output of:
# certutil -L -d /etc/httpd/alias
During installation dogtag provides us with an RA agent certificate that
we use to communicate with the CA. This certificate should be stored in
/etc/httpd/alias.
rob
_______________________________________________
Freeipa-users mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-users
