On 01/11/2016 12:01 PM, Arthur Fayzullin wrote: > Good day, Colleagues! > > And Happy New Year! > > I have tried to install test stend with ipa v4.2 and 2 master-master > servers. > > files /etc/hosts on both servers contain: > 127.0.0.1 localhost localhost.localdomain localhost4 > localhost4.localdomain4 > ::1 localhost localhost.localdomain localhost6 > localhost6.localdomain6 > > 10.254.1.114 radipa00.test.ckt radipa00 > 10.254.1.154 radipa01.test.ckt radipa01 > > prepare key for replica server: > [root@radipa00 ipa]# ipa-replica-prepare --ip-address=10.254.1.154 > radipa01.test.ckt > > copy it to replica: > [root@radipa00 ipa]# scp /var/lib/ipa/replica-info-radipa01.test.ckt.gpg > [email protected]:/var/lib/ipa/ > > then on replica start installation: > [root@radipa01 ~]# ipa-replica-install --setup-ca --setup-kra > --mkhomedir --ssh-trust-dns --ip-address=10.254.1.154 --setup-dns > --forwarder=77.88.8.7 --forwarder=77.88.8.3 > /var/lib/ipa/replica-info-radipa01.test.ckt.gpg > > and!!! I have got such error: > [2/23]: configuring certificate server instance > ipa.ipaserver.install.cainstance.CAInstance: CRITICAL Failed to > configure CA instance: Command ''/usr/sbin/pkispawn' '-s' 'CA' '-f' > '/tmp/tmpvgc4S6'' returned non-zero exit status 1 > ipa.ipaserver.install.cainstance.CAInstance: CRITICAL See the > installation logs and the following files/directories for more information: > ipa.ipaserver.install.cainstance.CAInstance: CRITICAL > /var/log/pki-ca-install.log > ipa.ipaserver.install.cainstance.CAInstance: CRITICAL > /var/log/pki/pki-tomcat > [error] RuntimeError: CA configuration failed. > Your system may be partly configured. > Run /usr/sbin/ipa-server-install --uninstall to clean up. > > log file contains this error: > [root@radipa01 ~]# less /var/log/pki/pki-ca-spawn.20160111150634.log > 'application_version': '[APPLICATION_VERSION]'} > 2016-01-11 15:06:34 pkispawn : ERROR ....... Deployment file could > not be parsed correctly. This might be because of unescaped '%%' > characters. You must escape '%%' characters in deployment files > (example - 'setting=foo%%%%bar'). > 2016-01-11 15:06:34 pkispawn : ERROR ....... Interpolation error > ('%' must be followed by '%' or '(', found: '%') > > I have reproduced that error several times with cenos7 and fedora23 > installations. > > I am really confused if I am doing something wrong or may it is > something else... > what it can be? > ____________ > Best wishes!
CCing Endi. There used to be an error, when DM password (used also for Dogtag) contained special characters, PKI installer choked on it. I could not find the bug number right now. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
