hi,

In a test network I followed the procedure especified in
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/migrating-ipa-proc.html
to migrate from a centos 6.7 ipa server to a new centos 7 ipa server.

Everything went fine, I shutdown the centos 6.7 host and i can kinit to the
test realm like before with everything being handled by the centos 7.1 ipa
server.

Unfortunately, firefox is not loading the web ui with the message:

An error occurred during a connection to kdc2.unix.domain.tld. The OCSP
server experienced an internal error. (Error code:
sec_error_ocsp_server_error)


Chrome works fine, it does not query the ocsp responder apparently. If I
turn off the ocsp queries in firefox, everything works.

So how can I troubleshoot this? I have turned off the firewall in the
centos 7.1 hosts, selinux is permissive.

--
Groeten,
natxo
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to