Hi everyone,


This is my first time posting here - please be gentle.


I currently have ~40 CentOS 6.6 servers authenticating against my FreeIPA
server running on another CentOS 6.6 server.
(ipa-server-3.0.0-42.el6.centos.x86_64 and
ipa-client-3.0.0-42.el6.centos.x86_64) The server has been running stable
for the last ~4 months without issue, slowly building up from five servers
to the current forty. This server is paired with a puppet/foreman server to
manage the servers themselves.


I am having an issue with my FreeIPA server and I cannot figure out what is
going wrong. As of right now all 40 servers can still authenticate without
issue, so that is good. 


My issue is similar to what I saw here:
where I receive a pop-up error "IPA Error 4301: Certificate operation cannot
be completed: Unable to communicate with CMS (Not Found)". The issue
described at the above link is fairly old, and I checked my .jar symlinks
and they appear to all be ok. The pop-up appears when I go to Identity >
Hosts > and click on a host. The host information appears to all be correct,
and if I make changes the error appears again, but the changes seem to take
effect (tested changing a host description). 


The failures prevent me from adding new hosts in Foreman. When I try to add
a new host is says "Unable to save - Failed to create testvm.server.com's
realm entry: ERF12-5287 [ProxyAPI::ProxyException]: Unable to create realm
entry ([RestClient::BadRequest]: 400 Bad Request) for proxy


Does anyone have any ideas on what I can do to fix this? I can post any logs
that I have, but I do not know which are relevant to this issue.



-Chris Tobey

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to