Andrea Bontempi wrote:
Hi
I have a strange error on one FreeIPA client (on my other client doesn't occur)
when i try to call the FreeIPA admin tools (example: ipa ping)
On the CLI the error prints:
ipa: ERROR: cannot connect to u'https://myipaserver/ipa/xml': [Errno -8015]
error (-8015) unknown
The client working perfectly in the FreeIPA network, it's only a problem of CLI
command.
I try to connect through the python API, and i obtain this traceback:
Traceback (most recent call last):
File "<input>", line 1, in <module>
File "/usr/lib/python2.6/site-packages/ipalib/frontend.py", line 435, in __cal
l__
ret = self.run(*args, **options)
File "/usr/lib/python2.6/site-packages/ipalib/frontend.py", line 748, in run
return self.forward(*args, **options)
File "/usr/lib/python2.6/site-packages/ipalib/frontend.py", line 769, in forwa
rd
return self.Backend.xmlclient.forward(self.name, *args, **kw)
File "/usr/lib/python2.6/site-packages/ipalib/rpc.py", line 743, in forward
raise NetworkError(uri=server, error=str(e))
NetworkError: cannot connect to u'https://myipaserver/ipa/xml': [
Errno -8015] error (-8015) unknown
On the line 743 we found:
except NSPRError, e:
raise NetworkError(uri=server, error=str(e))
Can someone help me?
That error is SEC_ERROR_LEGACY_DATABASE which is less scary than it
sounds. It seems that NSS throws that when it doesn't know how to open
its database.
Check for the existence of /etc/pki/nssdb/*.db and make sure it is world
readable. The IPA CA should exist in it too:
# certutil -L -d /etc/pki/nssdb
rob
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
