On Tue, Sep 13, 2016 at 2:10 PM, Natxo Asenjo <[email protected]> wrote:
> hi, > > when trying to add a replica to the Idm environment of a host running > centos 7 (fully patched) to an existing centos 6.8 realm I get this error: > ok, some progress. I found this: https://fedorahosted.org/389/ticket/470 So I went ahead and rebooted the master 6.8 kdc I was replicating from and then it failed in the certificate server instance: ipa.ipaserver.install.cainstance.CAInstance: CRITICAL Failed to configure CA instance: Command ''/usr/sbin/pkispawn' '-s' 'CA' '-f' '/tmp/tmpyHV1BW'' returned non-zero exit status 1 ipa.ipaserver.install.cainstance.CAInstance: CRITICAL See the installation logs and the following files/directories for more information: ipa.ipaserver.install.cainstance.CAInstance: CRITICAL /var/log/pki-ca-install.log ipa.ipaserver.install.cainstance.CAInstance: CRITICAL /var/log/pki/pki-tomcat [error] RuntimeError: CA configuration failed. Your system may be partly configured. Run /usr/sbin/ipa-server-install --uninstall to clean up. ipa.ipapython.install.cli.install_tool(Replica): ERROR CA configuration failed. But there is no /var/log/pki-ca-install.log : # ls -ltr /var/log/ total 1708 drwx------. 2 root root 6 Jun 10 2014 ppp drwxr-xr-x. 2 ntp ntp 6 May 31 12:29 ntpstats drwx------. 2 root root 6 Jul 18 17:30 httpd drwxr-x---. 2 sssd sssd 6 Aug 2 18:58 sssd -rw-------. 1 root root 0 Sep 13 13:19 tallylog drwx------. 3 root root 16 Sep 13 13:19 samba -rw-------. 1 root root 0 Sep 13 13:20 spooler drwxr-xr-x. 2 root root 4096 Sep 13 13:23 anaconda drwxr-x---. 2 root root 22 Sep 13 13:23 audit drwxr-xr-x. 2 root root 22 Sep 13 13:23 tuned drwxrwx---. 2 tomcat root 25 Sep 13 13:31 tomcat -rw-------. 1 root root 15126 Sep 13 13:31 yum.log -rw-------. 1 root root 8786 Sep 13 13:31 ipaupgrade.log -rw-r--r--. 1 root root 94862 Sep 13 13:59 dmesg.old -rw-------. 1 root root 18112 Sep 13 14:29 ipaclient-install.log -rw-------. 1 root root 40193 Sep 13 14:29 ipaclient-uninstall.log -rw-------. 1 root root 35796 Sep 13 14:29 ipaserver-uninstall.log -rw-r--r--. 1 root root 94862 Sep 13 14:30 dmesg -rw-r--r--. 1 root root 8591 Sep 13 14:30 boot.log -rw-------. 1 root root 2587 Sep 13 14:30 cron -rw-r--r--. 1 root root 200 Sep 13 14:30 wpa_supplicant.log -rw-------. 1 root root 958 Sep 13 14:30 maillog -rw-------. 1 root utmp 768 Sep 13 14:30 btmp -rw-rw-r--. 1 root utmp 13056 Sep 13 14:30 wtmp -rw-r--r--. 1 root root 291416 Sep 13 14:30 lastlog -rw-------. 1 root root 7318 Sep 13 14:31 ipareplica-conncheck.log drwxr-xr-x. 3 root root 35 Sep 13 14:31 dirsrv drwxr-xr-x. 4 root root 4096 Sep 13 14:32 pki -rw-------. 1 root root 87106 Sep 13 14:32 secure -rw-------. 1 root root 742436 Sep 13 14:32 messages -rw-------. 1 root root 202169 Sep 13 14:33 ipareplica-install.log In the ipa-replica-install.log , though, I find this: pkispawn : ERROR ....... Exception from Java Configuration Servlet: 500 Server Error: Internal Server Error pkispawn : ERROR ....... ParseError: not well-formed (invalid token): line 1, column 0: {"Attributes":{"Attribute":[]},"ClassName":"com.netscape.certsrv.base.PKIException","Code":500,"Message":"Clone does not have all the required certificates"} Any clue? -- -- Groeten, natxo
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
