Any tips for diving into this a bit more to troubleshoot?
For the 1st time I'm setting up an ipa-server 4.4 replica with CA
features enabled but the replica install seems to hang forever here:
Done configuring directory server (dirsrv).
Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes
[1/27]: creating certificate server user
[2/27]: configuring certificate server instance
[3/27]: stopping certificate server instance to update CS.cfg
[4/27]: backing up CS.cfg
[5/27]: disabling nonces
[6/27]: set up CRL publishing
[7/27]: enable PKIX certificate path discovery and validation
[8/27]: starting certificate server instance
< no output after this >
The replica-install.log file ends here:
2017-03-15T22:16:05Z DEBUG Starting external process
2017-03-15T22:16:05Z DEBUG args=/bin/systemctl is-active
2017-03-15T22:16:05Z DEBUG Process finished, return code=0
2017-03-15T22:16:05Z DEBUG stdout=active
2017-03-15T22:16:05Z DEBUG stderr=
2017-03-15T22:16:05Z DEBUG wait_for_open_ports: localhost [8080, 8443]
2017-03-15T22:16:06Z DEBUG Waiting until the CA is running
2017-03-15T22:16:06Z DEBUG request POST
2017-03-15T22:16:06Z DEBUG request body ''
I've confirmed that SELINUX is disabled, there is no firewall and the
AWS Security Groups are allowing TCP:8080 and TCP:8443 to the replica
instance. The systemctl command also verifies that
email@example.com is "active" as well.
Any tips for debugging further?
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project