On 4/1/2015 11:56 AM, Endi Sukma Dewata wrote:
On 03/31/2015 01:54 PM, Markus Roth wrote:
I want setup freeipa 4.1.3 on a fresh installed fedora 21.
The ipa-server-install shows the following output:
Done configuring directory server (dirsrv).
Configuring certificate server (pki-tomcatd): Estimated time 3
[1/27]: creating certificate server user
[2/27]: configuring certificate server instance
[3/27]: stopping certificate server instance to update CS.cfg
[4/27]: backing up CS.cfg
[5/27]: disabling nonces
[6/27]: set up CRL publishing
[7/27]: enable PKIX certificate path discovery and validation
[8/27]: starting certificate server instance
[error] RuntimeError: CA did not start in 300.0s
CA did not start in 300.0s
The ipa server install log shows this:
2015-03-31T17:39:35Z DEBUG The CA status is: check interrupted
2015-03-31T17:39:35Z DEBUG Waiting for CA to start...
I uninstalled the ipa server completely several times and installed
But it always stops at the same step with the setup.
Can anybody help?
Based on the IPA install log alone it looks like the DS is already
started, and the Dogtag is already started too in step [3/27]. It's the
restart on step [8/27] that is failing.
We will need to see the Dogtag debug log in order to know if Dogtag is
indeed failing to restart or the installer for some reason cannot
connect to Dogtag.
Based on the logs that you sent me, the Dogtag took a really long time
INFORMATION: Server startup in 739700 ms
More than half of that time was spent starting the CA subsystem alone:
INFORMATION: Deployment of configuration descriptor /etc/pki
/pki-tomcat/Catalina/localhost/ca.xml has finished in 393,390 ms
The whole (failed) IPA installation took about 38 minutes. Is this correct?
It's possible the system was running out of entropy. You might want to
install haveged or rngd. See:
However, the system seems to be running very slowly in general. How
powerful is this machine?
Endi S. Dewata
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project