[Bug 1769440] [NEW] freeipa server install fails - Configuring the web interface, setting up ssl

Sun, 06 May 2018 03:01:23 -0700 

Public bug reported:

Setting up FreeIPA server fails at "Configuring the web interface", step
12/21

It's in a cleanly started LXC Ubuntu Bionic container. The
ppa:freeipa/ppa is also used to get tomcat 8.5.30-1ubuntu1.2

Configuring the web interface (httpd)
  [1/21]: stopping httpd
  [2/21]: backing up ssl.conf
  [3/21]: disabling nss.conf
  [4/21]: configuring mod_ssl certificate paths
  [5/21]: setting mod_ssl protocol list to TLSv1.0 - TLSv1.2
  [6/21]: configuring mod_ssl log directory
  [7/21]: disabling mod_ssl OCSP
  [8/21]: adding URL rewriting rules
  [9/21]: configuring httpd
  [10/21]: setting up httpd keytab
  [11/21]: configuring Gssproxy
  [12/21]: setting up ssl
  [error] RuntimeError: Certificate issuance failed (CA_REJECTED)
ipapython.admintool: ERROR    Certificate issuance failed (CA_REJECTED)
ipapython.admintool: ERROR    The ipa-server-install command failed. See 
/var/log/ipaserver-install.log for more information

and in the log there is

2018-05-05T20:37:29Z DEBUG stderr=
2018-05-05T20:37:29Z DEBUG step duration: httpd configure_gssproxy 1.09 sec
2018-05-05T20:37:29Z DEBUG   [12/21]: setting up ssl
2018-05-05T20:37:33Z DEBUG certmonger request is in state 
dbus.String(u'GENERATING_KEY_PAIR', variant_level=1)
2018-05-05T20:37:38Z DEBUG certmonger request is in state 
dbus.String(u'CA_REJECTED', variant_level=1)
2018-05-05T20:37:42Z DEBUG Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/ipaserver/install/service.py", line 
555, in start_creation
    run_step(full_msg, method)
  File "/usr/lib/python2.7/dist-packages/ipaserver/install/service.py", line 
541, in run_step
    method()
  File "/usr/lib/python2.7/dist-packages/ipaserver/install/httpinstance.py", 
line 376, in __setup_ssl
    passwd_fname=key_passwd_file
  File "/usr/lib/python2.7/dist-packages/ipalib/install/certmonger.py", line 
320, in request_and_wait_for_cert
    raise RuntimeError("Certificate issuance failed ({})".format(state))
RuntimeError: Certificate issuance failed (CA_REJECTED)

2018-05-05T20:37:42Z DEBUG   [error] RuntimeError: Certificate issuance failed 
(CA_REJECTED)
2018-05-05T20:37:42Z DEBUG   File 
"/usr/lib/python2.7/dist-packages/ipapython/admintool.py", line 174, in exec
ute
...

** Affects: freeipa (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1769440

Title:
  freeipa server install fails - Configuring the web interface, setting
  up ssl

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1769440/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to