[Freeipa-devel] Failed replica installation (v2)
Rob Crittenden
rcritten at redhat.com
Wed Jul 1 13:27:00 UTC 2009
Martin Nagy wrote:
> On Wed, 01 Jul 2009 08:33:36 -0400, Rob Crittenden
> <rcritten at redhat.com> wrote:
>
>> Martin Nagy wrote:
>>> I'm trying to install a replica, but the installation script fails
>>> when trying to restart the 389 server:
>>>
>>> 2009-07-01 04:11:59,777 INFO [01/Jul/2009:04:11:49 -0400] - SSL
>>> alert: CERT_VerifyCertificateNow: verify certificate failed for cert
>>> Server-Cert of family cn=RSA,cn=encryption,cn=config (Netscape
>>> Portable Runtime error -8179 - Peer's Certificate issuer is not
>>> recognized.) [01/Jul/2009:04:11:49 -0400] - SSL failure: None of
>>> the cipher are valid
>>>
>>> Is this somehow my fault or is this a bug?
>> That would be a bug. It would seem that the CA is not being imported
>> into DS either because it wasn't put into the replica file or some
>> other bug.
>
> Submitted as bug# 509111. Is there a workaround? BTW, I can
> see a ca.crt inside the replica info file.
>
> Martin
I'm firing up a second F-11 VM now to give replication a test. It worked
the last time I tried a few weeks ago so I don't know if this is another
F-11 idiosyncrasy or a generic bug.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20090701/313b4b9b/attachment.bin>
More information about the Freeipa-devel
mailing list