On Wed, 04 Jan 2012, Alexander Bokovoy wrote: > On Wed, 04 Jan 2012, Rich Megginson wrote: > > >Your system may be partly configured. > > >Run /usr/sbin/ipa-server-install --uninstall to clean up. > > >[root@fileserver4 ~]# > > > > > >I'm running 389-ds-base-1.2.10-0.5.a5.fc16.x86_64, if that helps > > try > > > > 389-ds-base-1.2.10-0.6.a6.fc16.x86_64 > > from updates-testing > That would mean taking in also nss packages (they are in stable > already for F16) which will break FreeIPA. > > If no those breaks from nss (FEDORA-2011-17400 update), we could have > 2.1.4 in stable already. > > Look at http://bugzilla.redhat.com/show_bug.cgi?id=771357 for details. > Unfortunately, workarounds are kludgy and require modification deep in > Dogtag templates. > > Backstory for nss part is here > https://bugzilla.redhat.com/show_bug.cgi?id=737506 As a workaround temporarily one can add following line to /usr/share/pki/ca/tomcat6.conf before running ipa-server-install:
NSS_SSL_CBC_RANDOM_IV=0 -- / Alexander Bokovoy _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
