Hi List,
I'm having trouble setting up an IPA replica. It seems to fail when configuring
httpd:
Configuring the web interface: Estimated time 1 minute
[1/11]: disabling mod_ssl in httpd
[2/11]: setting mod_nss port to 443
[3/11]: setting mod_nss password file
[4/11]: adding URL rewriting rules
[5/11]: configuring httpd
[6/11]: setting up ssl
[7/11]: publish CA cert
[8/11]: creating a keytab for httpd
[9/11]: configuring SELinux for httpd
[10/11]: restarting httpd
creation of replica failed: Command '/sbin/service httpd restart ' returned
non-zero exit status 1
Looking in /var/log/httpd/error_log gives:
[Tue Jun 28 14:50:35 2011] [error] Certificate not found: 'Server-Cert'
Running certutil i can see that the certificate exists in the NSS certificate
directory:
[root@ipa2 conf.d]# certutil -d /etc/httpd/alias/ -L
Certificate Nickname Trust Attributes
SSL,S/MIME,JAR/XPI
Server-Cert ,,
AUTH.EXAMPLE.COM<http://AUTH.EXAMPLE.COM> IPA CA
CT,C,
Looking at /etc/httpd/conf/password.conf , it seems that no password has been
set:
[root@ipa2 alias]# cat /etc/httpd/conf/password.conf
internal:
Is there any known issue that would cause this to happen? It seems to be reason
mod_nss cant load the certificate.
-R
________________________________
ZettaServe Disclaimer: This email and any files transmitted with it are
confidential and intended solely for the use of the individual or entity to
whom they are addressed. If you are not the named addressee you should not
disseminate, distribute or copy this e-mail. Please notify the sender
immediately if you have received this email by mistake and delete this email
from your system. Computer viruses can be transmitted via email. The recipient
should check this email and any attachments for the presence of viruses.
ZettaServe Pty Ltd accepts no liability for any damage caused by any virus
transmitted by this email.
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
