On 04/28/2014 11:08 AM, Bret Wortman wrote:
On 04/28/2014 10:48 AM, Rob Crittenden wrote:Bret Wortman wrote:On 04/28/2014 10:21 AM, Bret Wortman wrote:On 04/28/2014 08:33 AM, Petr Viktorin wrote:According to the error you're getting, there is a CA instance already installed. After uninstalling IPA, destroy it with: pkidestroy -s CA -i pki-tomcatI tried, this, but no joy. # pkidestroy -s CA -i pki-tomcat Loading deployment configuration from /var/lib/pki/pki-tomcat /ca/registry/ca/deployment.cfg. Uninstalling CA from /var/lib/pki/pki-tomcat. pkidestroy : WARNING ....... this 'CA' entry will NOT be deleted from security domain 'unknown'! pkidestroy : ERROR ....... No security domain defined. If this is an unconfigured instance, then that is OK. Otherwise, manually delete the entry from the security domain master. Uninstallation complete. # And then when I tried to run ipa-server-install, I got the same error again. I may just wipe the box and start over. It might take less time overall. BretThis, BTW, is on F20 using freeipa 3.3.4-3 and pki-ca 10.1.1-1 (also dogtag-10.1.1-1).From the ipa-server installation output the error looks the same, but the underlying error should be different when there isn't already a PKI instance.If the PKI installer fails early enough we don't record that it was installed which is why ipa-server-install --uninstall doesn't remove it. We have a ticket open for this.robSo is there a recommended way to clean it up and get it working?
Never mind; I found the bug (953488) which said to: # pkidestroy -s CA -i pki-tomcat ERROR: PKI instance '/var/lib/pki/pki-tomcat' does NOT exist! # rm -rf /var/log/pki/pki-tomcat # rm -rf /etc/sysconfig/pki-tomcat # rm -rf /etc/sysconfig/pki/tomcat/pki-tomcat # rm -rf /var/lib/pki/pki-tomcat # rm -rf /etc/pki/pki-tomcat # ipa-server-install --uninstallAnd re-run installation. This didn't work for me. Was there another bug that I missed?
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users