[Freeipa-devel] Integration of dogtag10

Ade Lee alee at redhat.com
Wed Sep 19 14:18:47 UTC 2012 

Its a bug.  Basically, the d10 instance is trying to get an installation
token from the security domain, using a new restful interface.  This, on
a dogtag 9 instance, results in a 404.

We need to change the d10 code to fall back to the old interface in case
the new one does not work.  
https://fedorahosted.org/pki/ticket/334 has been created on dogtag trac,

Ade

On Wed, 2012-09-19 at 13:58 +0200, Martin Kosek wrote:
> Hello Ade,
> 
> I am continuing a testing of integration of dogtag10 + ipa 3.0 on Fedora 18.
> After defining the missing apache-commons-codec.jar link + permissive SELinux,
> clean IPA installation + cert operations works fine. I just hit an issue when
> installing an F18+dogtag10 replica for a F17+dogtag9 master.
> 
> Is this scenario still unsupported or is it a bug?
> 
> (I am moving the whole dogtag10 development discussion outside of the previous
> long thread since your and pviktori's patches have been accepted and pushed).
> 
> ipa-replica-install output:
> 
> # ipa-replica-install -p Secret123 -w Secret123 --setup-ca
> ~/replica-info-vm-021.idm.lab.bos.redhat.com.gpg
> Run connection check to master
> Check connection from replica to remote master 'vm-086.idm.lab.bos.redhat.com':
> ...
> 
> Connection from master to replica is OK.
> 
> Connection check OK
> Configuring ntpd
>   [1/4]: stopping ntpd
>   [2/4]: writing configuration
>   [3/4]: configuring ntpd to start on boot
>   [4/4]: starting ntpd
> done configuring ntpd.
> Configuring directory server for the CA: Estimated time 30 seconds
>   [1/3]: creating directory server user
>   [2/3]: creating directory server instance
>   [3/3]: restarting directory server
> done configuring pkids.
> Configuring certificate server: Estimated time 3 minutes 30 seconds
>   [1/15]: creating certificate server user
>   [2/15]: configuring certificate server instance
> 
> Your system may be partly configured.
> Run /usr/sbin/ipa-server-install --uninstall to clean up.
> 
> Unexpected error - see /var/log/ipareplica-install.log for details:
> IOError: [Errno 2] No such file or directory:
> '/var/lib/pki/pki-tomcat/alias/ca_backup_keys.p12'
> 
> 
> ipa+pki logs attached.
> 
> Thanks,
> Martin

More information about the Freeipa-devel mailing list