Bret Wortman wrote:
Sorry, that wasn't clear at all, was it? The latest attempt was after I ran the cleanup. No joy; it's still failing at the same point and tomcat is definitely not running.
In order to diagnose why dogtag is failing to install we need to see the logs from /var/log/pki-ca and the full /var/log/ipaserver-install.log. You can send them directly to me or Martin if you'd prefer.
rob
On Thu, Oct 18, 2012 at 7:28 AM, Martin Kosek <mko...@redhat.com <mailto:mko...@redhat.com>> wrote: On 10/18/2012 01:23 PM, Bret Wortman wrote: > Tomcat is definitely not running and there's no log in /var/log/pki-ca. SELinux > is disabled and not running. The same RPMs are installed on both my functioning > and nonfunctioning system, at least as far as "# rpm -qa | grep tomcat | sort" > revealed. > > I also followed Martin's suggestion to clean out the CA configuration, but that > command seems to indicate that there wasn't any existing configuration: > > [root@fs1 ~]# /usr/bin/pkiremove -pki_instance_root=/var/lib > -pki_instance_name=pki-ca --force > PKI instance Deletion Utility ... > > PKI instance Deletion Utility cleaning up instance ... > > No security domain defined. > If this is an unconfigured instance, then that is OK. > Otherwise, manually delete the entry from the security domain master. > > Removing selinux contexts Actually, I think that the pkiremove utility removed the leftover CA. If the CA was not there, the output should look like that: # /usr/bin/pkiremove -pki_instance_root=/var/lib -pki_instance_name=pki-ca --force PKI instance Deletion Utility ... [error] /usr/bin/pkiremove: Target directory /var/lib/pki-ca is not a legal directory. ... Can you try running the server install again? So that we can see if the CA cleanup helped? Martin -- Bret Wortman The Damascus Group Fairfax, VA http://bretwortman.com/ http://twitter.com/BretWortman
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users