Hi,

Dne 10.7.2015 v 22:33 Orion Poplawski napsal(a):
On 07/08/2015 11:31 AM, Orion Poplawski wrote:
  But then when I go to make a replica:

# ipa-replica-prepare ipa1.nwra.com --dirsrv_pkcs12=nwra.com.p12
--dirsrv_pin=XXXXXX --http_pkcs12=nwra.com.p12 --http_pin=XXXXXX
Directory Manager (existing master) password:

(SEC_ERROR_LIBRARY_FAILURE) security library failure.

Which looks like others are experiencing (with not resolution that I could
see) https://www.redhat.com/archives/freeipa-users/2015-April/msg00514.html

Unfortunately this error code can mean almost anything, NSS isn't particularly helpful with errors.


Putting AddTrustExternalCARoot into nwra.com.p12 doesn't appear to help.


Filed https://fedorahosted.org/freeipa/ticket/5117


Without ipa-replica-prepare log or pk12util output it's really hard to tell what's going on. Could you provide the output of the following commands:

    # pk12util -l nwra.com.p12

# ipa-replica-prepare -v ipa1.nwra.com --dirsrv_pkcs12=nwra.com.p12 --dirsrv_pin=XXXXXX --http_pkcs12=nwra.com.p12 --http_pin=XXXXXX

?

Honza

--
Jan Cholasta

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to