[Freeipa-devel] Integration of dogtag10
Ade Lee
alee at redhat.com
Wed Sep 19 14:18:47 UTC 2012
Its a bug. Basically, the d10 instance is trying to get an installation
token from the security domain, using a new restful interface. This, on
a dogtag 9 instance, results in a 404.
We need to change the d10 code to fall back to the old interface in case
the new one does not work.
https://fedorahosted.org/pki/ticket/334 has been created on dogtag trac,
Ade
On Wed, 2012-09-19 at 13:58 +0200, Martin Kosek wrote:
> Hello Ade,
>
> I am continuing a testing of integration of dogtag10 + ipa 3.0 on Fedora 18.
> After defining the missing apache-commons-codec.jar link + permissive SELinux,
> clean IPA installation + cert operations works fine. I just hit an issue when
> installing an F18+dogtag10 replica for a F17+dogtag9 master.
>
> Is this scenario still unsupported or is it a bug?
>
> (I am moving the whole dogtag10 development discussion outside of the previous
> long thread since your and pviktori's patches have been accepted and pushed).
>
> ipa-replica-install output:
>
> # ipa-replica-install -p Secret123 -w Secret123 --setup-ca
> ~/replica-info-vm-021.idm.lab.bos.redhat.com.gpg
> Run connection check to master
> Check connection from replica to remote master 'vm-086.idm.lab.bos.redhat.com':
> ...
>
> Connection from master to replica is OK.
>
> Connection check OK
> Configuring ntpd
> [1/4]: stopping ntpd
> [2/4]: writing configuration
> [3/4]: configuring ntpd to start on boot
> [4/4]: starting ntpd
> done configuring ntpd.
> Configuring directory server for the CA: Estimated time 30 seconds
> [1/3]: creating directory server user
> [2/3]: creating directory server instance
> [3/3]: restarting directory server
> done configuring pkids.
> Configuring certificate server: Estimated time 3 minutes 30 seconds
> [1/15]: creating certificate server user
> [2/15]: configuring certificate server instance
>
> Your system may be partly configured.
> Run /usr/sbin/ipa-server-install --uninstall to clean up.
>
> Unexpected error - see /var/log/ipareplica-install.log for details:
> IOError: [Errno 2] No such file or directory:
> '/var/lib/pki/pki-tomcat/alias/ca_backup_keys.p12'
>
>
> ipa+pki logs attached.
>
> Thanks,
> Martin
More information about the Freeipa-devel
mailing list