Dale Macartney wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Afternoon all

using Fedora 18 Beta and attempting to install FreeIPA 3.1

when running through the install of "ipa-server-install --setup-dns" I
end up with a failure with the below output


[root@ds01 ~]# ipa-server-install --setup-dns
.....
.....
Done configuring directory server (dirsrv).
Configuring certificate server (pki-tomcatd): Estimated time 3 minutes
30 seconds
   [1/20]: creating certificate server user
   [2/20]: configuring certificate server instance
   [3/20]: disabling nonces
   [4/20]: creating RA agent certificate database
   [5/20]: importing CA chain to RA certificate database
   [6/20]: fixing RA database permissions
   [7/20]: setting up signing cert profile
   [8/20]: set up CRL publishing
   [9/20]: set certificate subject base
   [10/20]: enabling Subject Key Identifier
   [11/20]: enabling CRL and OCSP extensions for certificates
   [12/20]: setting audit signing renewal to 2 years
   [13/20]: configuring certificate server to start on boot
   [14/20]: restarting certificate server
   [15/20]: requesting RA certificate from CA
   [16/20]: issuing RA agent certificate
Unexpected error - see /var/log/ipaserver-install.log for details:
CalledProcessError: Command '/usr/bin/sslget -v -n ipa-ca-agent -p
XXXXXXXX -d /tmp/tmp-kUFAyN -r /ca/agent/ca/profileReview?requestId=7
ds01.domain.com:8443' returned non-zero exit status 6


there is absolutely nothing in any logs at all apart from a few selinux
audit logs (system running in permissive mode).

Any thoughts?

This usually means a problem with DNS.

rob


_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to