On 9/23/2014 6:35 PM, swartz wrote:
On 9/22/2014 7:59 PM, Ade Lee wrote:
If you scroll to the end of the CS.cfg, does it look like it has been
truncated?
I'd have to say no. It doesn't look truncated to me. At least there are
no obvious signs. But then again I don't know everything that is
On 10/3/2014 2:30 AM, Alexander Bokovoy wrote:
This issue is known -- when CA install fails, we rollback but since CA
isn't installed, we miss rolling it back. There is a ticket for
eventually fixing this issue.
Which ticket is this? The rollback was actually disabled to allow
troubleshooting
On 2/6/2015 8:39 AM, Martin Kosek wrote:
Reinstalling the pki-selinux rpm (found references in some other forum posts)
via yum reinstall pki-selinux is not enough to help.
The solution is as follows:
yum downgrade pki-selinux pki-ca pki-common pki-setup pki-silent pki-java-tools
pki-symkey
Hi,
I need some information from you. Which versions of the PKI packages
that you are using on the CentOS 6.6 and 7.0 machines? Could you email
me the PKI CA debug logs (/var/log/pki-ca/debug or
/var/log/pki/pki-tomcat/ca/debug) from both machines?
There's a possibility it may be related to
On 1/6/2015 4:55 AM, Anthony Messina wrote:
I'm discussing this with Ade (CC'd). Based on the stack trace it looks
like the replica thinks the master returns an incomplete information
about the security domain, probably due to the different Dogtag versions
used in master and replica.
We need
On 3/11/2015 10:13 PM, Gould, Joshua wrote:
The selftests.log contradicts itself and I¹m not really sure where to look
next. Any ideas?
There's an existing ticket about the confusing selftest messages:
https://fedorahosted.org/pki/ticket/1249
Could you post the full CA debug log (i.e.
http://www.colovore.com
On Mon, Mar 23, 2015 at 1:36 PM, Endi Sukma Dewata
edew...@redhat.com mailto:edew...@redhat.com wrote:
Thanks for the info. The transaction log doesn't indicate the
cause of the problem either. I might need to provide a custom
build
On 2/25/2015 6:35 PM, Martin Kosek wrote:
yum -y remove pki-selinux pki-ca pki-common pki-setup pki-silent pki-java-tools
pki-symkey pki-util pki-native-tools ipa-server-selinux ipa-server ipa-client
ipa-admintools ipa-python ipa-pki-ca-theme ipa-pki-common-theme 389-ds-base
389-ds-base-libs
On 2/26/2015 8:02 AM, Les Stott wrote:
rm -rf /etc/pki-ca /var/lib/pki-ca /var/log/pki-ca /etc/certmonger
/etc/sysconfig/pki-ca /etc/sysconfig/pki /var/run/pki-ca.pid
/usr/share/pki /etc/ipa /var/log/ipa* reboot
Now you have a clean slate.
Do you know which step of the steps above actually
On 3/23/2015 12:10 PM, Michael Pawlak wrote:
Rob,
Thanks. Any additional eyes would be greatly apprecated.
*Michael Pawlak*
Web Systems Administrator | Colovore LLC
E: m...@colovore.com mailto:m...@colovore.com
C: 408.316.2154
http://www.colovore.com
On Mon, Mar 23, 2015 at 6:24 AM, Rob
: 408.316.2154
http://www.colovore.com
On Mon, Mar 23, 2015 at 12:14 PM, Endi Sukma Dewata edew...@redhat.com
wrote:
Hi,
Unfortunately the code doesn't log the exact cause of the problem. I need
some additional info:
1. Which platform are you using?
2. What are the versions
On 5/12/2015 1:11 PM, Nalin Dahyabhai wrote:
On Tue, May 12, 2015 at 06:39:13PM +0200, Thibaut Pouzet wrote:
There is no more this weird friendlyName :unable to print
attribute thing, but the NoSuchTokenException is still in the debug log
of pki-ca
Thank you for you answer though,
On 5/12/2015 11:39 AM, Thibaut Pouzet wrote:
There is no more this weird friendlyName :unable to print
attribute thing, but the NoSuchTokenException is still in the debug log
of pki-ca
Hi,
Could you post or email me the CS.cfg and the log files of the CA? Thanks.
--
Endi S.
On 3/11/2015 8:55 PM, Endi Sukma Dewata wrote:
On 3/11/2015 10:13 PM, Gould, Joshua wrote:
The selftests.log contradicts itself and I¹m not really sure where to
look
next. Any ideas?
There's an existing ticket about the confusing selftest messages:
https://fedorahosted.org/pki/ticket/1249
On 4/1/2015 2:29 AM, Martin Kosek wrote:
On 03/31/2015 07:58 PM, Dmitri Pal wrote:
On 03/31/2015 01:54 PM, Markus Roth wrote:
Hi all,
I want setup freeipa 4.1.3 on a fresh installed fedora 21.
The ipa-server-install shows the following output:
...
Done configuring directory server
On 4/1/2015 4:29 PM, Markus Roth wrote:
Am Mittwoch, 1. April 2015, 16:04:54 schrieben Sie:
On 4/1/2015 11:56 AM, Endi Sukma Dewata wrote:
On 03/31/2015 01:54 PM, Markus Roth wrote:
Hi all,
I want setup freeipa 4.1.3 on a fresh installed fedora 21.
The ipa-server-install shows
On 4/1/2015 11:56 AM, Endi Sukma Dewata wrote:
On 03/31/2015 01:54 PM, Markus Roth wrote:
Hi all,
I want setup freeipa 4.1.3 on a fresh installed fedora 21.
The ipa-server-install shows the following output:
...
Done configuring directory server (dirsrv).
Configuring certificate server
On 5/19/2015 3:54 AM, Thibaut Pouzet wrote:
Hi,
It appeared that the NSS DB had fips enabled due to the troubleshooting
of an old problem :
# modutil -dbdir /var/lib/pki-ca/alias/ -list
Listing of PKCS #11 Modules
---
1. NSS Internal
Hi,
If you're cloning from an IPA running on RHEL/CentOS 6 with CA signed by
another CA you are likely hitting this issue:
https://bugzilla.redhat.com/show_bug.cgi?id=1291747
The bug has been fixed in this package: pki-ca-9.0.3-45. You'll need to install
it on the master, then restart the
On 1/28/2016 2:45 PM, Endi Sukma Dewata wrote:
Hi,
If you're cloning from an IPA running on RHEL/CentOS 6 with CA signed by
another CA you are likely hitting this issue:
https://bugzilla.redhat.com/show_bug.cgi?id=1291747
The bug has been fixed in this package: pki-ca-9.0.3-45. You'll need
On 7/12/2016 12:17 PM, bahan w wrote:
Hello everyone.
I'm using ipa 3.0.0-47 on a RHEL6.6 OS (multi-masters).
Today I tried to restart the IPA service with the commande
###
service ipa restart
###
And I got the following warning concerning the pkica service :
###
Since the file
On 9/9/2016 8:09 AM, Petr Vobornik wrote:
On 09/09/2016 02:33 PM, Giorgos Kafataridis wrote:
Yes, I have followed
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/upgrading.html
to the letter.
The only reason
On 9/12/2016 9:35 PM, Endi Sukma Dewata wrote:
On 9/9/2016 2:46 PM, Georgios Kafataridis wrote:
I've tried that but still the same result.
[root@ipa-server /]# ldapsearch -D "cn=directory manager" -W -p 389 -h
localhost -b "uid=admin,ou=people,o=ipaca"
Enter LDAP Passw
On 9/9/2016 2:46 PM, Georgios Kafataridis wrote:
I've tried that but still the same result.
[root@ipa-server /]# ldapsearch -D "cn=directory manager" -W -p 389 -h
localhost -b "uid=admin,ou=people,o=ipaca"
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base
24 matches
Mail list logo