On 1/7/12 3:06 PM, Benjamin Reed wrote:
> Configuration of client side components failed!
> ipa-client-install returned: Command '/usr/sbin/ipa-client-install
> --on-master --unattended --domain opennms.com --server
> connect.opennms.com --realm OPENNMS.COM --hostname
> connect.opennms.com' returned non-zero exit status 1

It turns out the issue for this showed in the ipa-client-install.log --
I had set up my HTTP server to redirect to HTTPS automatically, and that
was messing up the round-trip of the configuration:

2012-01-07 14:04:22,653 DEBUG args=/usr/bin/wget -O
/tmp/tmptzxcFF/ca.crt -T 15 -t 2
2012-01-07 14:04:22,653 DEBUG stdout=
2012-01-07 14:04:22,653 DEBUG stderr=--2012-01-07 14:04:22--
Resolving connect.opennms.com...
Connecting to connect.opennms.com||:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://connect.opennms.com/ipa/config/ca.crt [following]
--2012-01-07 14:04:22-- https://connect.opennms.com/ipa/config/ca.crt
Connecting to connect.opennms.com||:443... connected.
ERROR: cannot verify connect.opennms.com’s certificate, issued by
“/O=OPENNMS.COM/CN=Certificate Authority”:
Self-signed certificate encountered.
To connect to connect.opennms.com insecurely, use ‘--no-check-certificate’.

2012-01-07 14:04:22,653 DEBUG Retrieving CA from connect.opennms.com failed.

Benjamin Reed
The OpenNMS Group

Freeipa-users mailing list

Reply via email to