[Freeipa-users] Re: Unable to communicate with CMS (403)

2021-09-21 Thread pp via FreeIPA-users
Thank you. Just to clarify I currently have both "secret" and "requiredSecret" set. Originally "requiredSecret" did not match the ipa secret while "secret" did. I changed "requiredSecret" to also match to fix my issue.

[Freeipa-users] Re: Unable to communicate with CMS (403)

2021-09-21 Thread pp via FreeIPA-users
> The strange thing is this upgrade code has been in IPA since 4.9.0 so
> it's unclear why it decided to break now, and in the way it did.
>
> It should only change the attribute from requiredSecret to secret if
> "tomcat version" reports a version >= 9.0.31.0.

Yes, I noticed the python function

[Freeipa-users] Re: Unable to communicate with CMS (403)

2021-09-17 Thread pp via FreeIPA-users
Could you check if your "requiredSecret" value matches the "secret" in "/etc/pki/pki-tomcat/server.xml"? I had two lines where they were different and the value has to match the secret in "/etc/httpd/conf.d/ipa-pki-proxy.conf". Once they all matched I restarted pki-tomcatd@pki-tomcat.service

[Freeipa-users] Re: CA errors after update, server.xml desync?

2021-09-16 Thread pp via FreeIPA-users
Thank you. Setting requiredSecret to the same value as secret in /etc/pki/pki-tomcat/server.xml fixed it for me on CentOS Stream 8. It stopped working after upgrading FreeIPA from 4.9.3 to 4.9.6. Seems I barely missed the version that uses "secret": java -cp catalina.jar