Hi Martin,

ipa config-mod --enable-migration=1


Thanks! I'm getting farther now.

It seems to manage setting up the main directory server, but fails configuring the ca system.

Done configuring directory server (dirsrv).
Configuring certificate server (pki-tomcatd): Estimated time 3 minutes 30 seconds
  [1/17]: creating certificate server user
  [2/17]: configuring certificate server instance
ipa : CRITICAL failed to configure ca instance Command '/usr/sbin/pkispawn -s CA -f /tmp/tmpqX0Uul' returned non-zero exit status 1

2014-01-09T14:53:42Z DEBUG Starting external process
2014-01-09T14:53:42Z DEBUG args=/usr/sbin/pkispawn -s CA -f /tmp/tmpqX0Uul
2014-01-09T14:53:55Z DEBUG Process finished, return code=1
2014-01-09T14:53:55Z DEBUG stdout=Loading deployment configuration from /tmp/tmp
qX0Uul.
Installing CA into /var/lib/pki/pki-tomcat.
Storing deployment configuration into /etc/sysconfig/pki/tomcat/pki-tomcat/ca/de
ployment.cfg.
Installation failed.


2014-01-09T14:53:55Z DEBUG stderr=pkispawn : WARNING ....... unable to valid ate security domain user/password through REST interface. Interface not availabl
e
mmap: Invalid argument
mmap: Invalid argument
mmap: Invalid argument
pkispawn : ERROR ....... Exception from Java Configuration Servlet: Failed to obtain installation token from security domain: java.lang.NullPointerException

2014-01-09T14:53:55Z CRITICAL failed to configure ca instance Command '/usr/sbin/pkispawn -s CA -f /tmp/tmpqX0Uul' returned non-zero exit status 1 2014-01-09T14:53:55Z INFO File "/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py", line 619, in run_script
    return_value = main_function()

  File "/usr/sbin/ipa-replica-install", line 652, in main
    (CA, cs) = cainstance.install_replica_ca(config, dogtag_master_ds_port)

File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 1809, in install_replica_ca
    subject_base=config.subject_base)

File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 625, in configure_instance
    self.start_creation(runtime=210)

File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 358, in start_creation
    method()

File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", line 744, in __spawn_instance
    raise RuntimeError('Configuration of CA failed')

2014-01-09T14:53:55Z INFO The ipa-replica-install command failed, exception: RuntimeError: Configuration of CA failed

/var/log/pki/pki-tomcat/ca/system:
17875.localhost-startStop-1 - [09/Jan/2014:15:53:52 CET] [3] [3] Cannot build CA chain. Error java.security.cert.CertificateException: Certificate is not a PKCS #11 certificate 17875.localhost-startStop-1 - [09/Jan/2014:15:53:52 CET] [13] [3] authz instance DirAclAuthz initialization failed and skipped, error=Property internaldb.ldapconn.port missing value


_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to