fortunately that was a VM and with libvirt+qemu snaphost
feature I reverted filesystem to some older(prior to IPA)
state, and yes... that was that only system'slocal problem.
On 09/09/16 18:49, Rob Crittenden wrote:
lejeczek wrote:
hi everybody,
looking at ipareplica-install.log:
raise RuntimeError("%s configuration failed." %
self.subsystem)
RuntimeError: CA configuration failed.
2016-09-09T16:23:17Z DEBUG [error] RuntimeError: CA
configuration failed.
2016-09-09T16:23:17Z DEBUG File
"/usr/lib/python2.7/site-packages/ipapython/admintool.py",
line 171, in
execute
then at /var/log/pki/pki-tomcat/ca/system
I'd suggest looking at the debug log for more details.
0.localhost-startStop-1 - [09/Sep/2016:16:04:22 BST] [3]
[3] Cannot
build CA chain. Error
java.security.cert.CertificateException:
Certificate is not a PKCS #11 certificate
0.localhost-startStop-1 - [09/Sep/2016:16:04:22 BST] [13]
[3] authz
instance DirAclAuthz initialization failed and skipped,
error=Property
internaldb.ldapconn.port missing value
I cannot find anything more telling in the logs. Does it
have anything
to do with what's in:
/etc/httpd/alias/
?
No.
I yum removed
`rpm -qa ipa* 389*` pki-base krb5-pkinit krb5-server
krb5-workstation
pki-tomcat certmonger
rm dirs + reinstalled, yet I cannot find the the root
cause of this mess.
I seriously doubt the problem is local to the box.
rob
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
