Steven Jones wrote:
Hi,

This is F14, guess you missed the hostnames...

It is not safe to assume based on hostname which is why I also asked.

Your problem is this:

Unable to Send Request:java.net.NoRouteToHostException: No route to host
java.net.NoRouteToHostException: No route to host

It looks to be resolving to a very strange reverse, :-1?

Posting Query = https://fed14-64-ipam002.ipa.ac.nz:9445//ca/admin/console/config/wizard?p=4&op=next&xml=true
RESPONSE STATUS:  HTTP/1.1 302 Moved Temporarily
RESPONSE HEADER:  Server: Apache-Coyote/1.1
RESPONSE HEADER:  Location: https://:-1/

Can you double-check that /etc/hosts is set up correctly?

thanks

rob


regards


________________________________________
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on 
behalf of Martin Kosek [mko...@redhat.com]
Sent: Tuesday, 29 March 2011 9:09 p.m.
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] replica install failure....

On Mon, 2011-03-28 at 23:45 +0000, Steven Jones wrote:
Just tried to make a replica and the install failed with,

   [4/11]: configuring certificate server instance
root        : CRITICAL failed to configure ca instance Command '/usr/bin/perl /usr/bin/pkisilent ConfigureCA -cs_hostname 
fed14-64-ipam002.ipa.ac.nz -cs_port 9445 -client_certdb_dir /tmp/tmp-r_2iHV -client_certdb_pwd 'XXXXXXXX' -preop_pin 
nnARxLnIWvR9Aw1RYjRn -domain_name IPA -admin_user admin -admin_email root@localhost -admin_password 'XXXXXXXX' -agent_name 
ipa-ca-agent -agent_key_size 2048 -agent_key_type rsa -agent_cert_subject "CN=ipa-ca-agent,O=IPA.AC.NZ" -ldap_host 
fed14-64-ipam002.ipa.ac.nz -ldap_port 7389 -bind_dn "cn=Directory Manager" -bind_password 'XXXXXXXX' -base_dn o=ipaca 
-db_name ipaca -key_size 2048 -key_type rsa -key_algorithm SHA256withRSA -save_p12 true -backup_pwd 'XXXXXXXX' -subsystem_name pki-cad 
-token_name internal -ca_subsystem_cert_subject_name "CN=CA Subsystem,O=IPA.AC.NZ" -ca_ocsp_cert_subject_name "CN=OCSP 
Subsystem,O=IPA.AC.NZ" -ca_server_cert_subject_name "CN=fed14-64-ipam002.ipa.ac.nz,O=IPA.AC.NZ" 
-ca_audit_signing_cert_subject_name "CN=CA
!
   A!
  udit,O=IPA.AC.NZ" -ca_sign_cert_subject_name "CN=Certificate 
Authority,O=IPA.AC.NZ" -external false -clone true -clone_p12_file ca.p12 
-clone_p12_password 'XXXXXXXX' -sd_hostname fed14-64-ipam001.ipa.ac.nz -sd_admin_port 9445 
-sd_admin_name admin -sd_admin_password 'XXXXXXXX' -clone_start_tls true -clone_uri 
https://fed14-64-ipam001.ipa.ac.nz:9444' returned non-zero exit status 255
creation of replica failed: Configuration of CA failed

Your system may be partly configured.
Run /usr/sbin/ipa-server-install --uninstall to clean up.
[root@fed14-64-ipam002 jonesst1]#


Hello Steven,

can you please send me a version of tomcat6 server on your Fedora 15
with IPA replica?

This is most probably a known issue which was stated in Freeipa v2
announcement:

[Freeipa-devel] Announcing FreeIPA v2 Server

[snip]
Known Issues

   * The latest tomcat6 package has not been pushed to updates-testing.
You need tomcat6-6-0.30-5 or higher. The packages can be retrieved from
koji at http://koji.fedoraproject.org/koji/buildinfo?buildID=231410 .
The installation will fail restarting the CA with the current tomcat6
package in Fedora 15.
[snip]


If this is your case, you may want to install the RPMs from koji or just
install them from rawhide repository.

Regards,
Martin

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to