Previously, the Network Security Services (NSS) library was not successfully shut down because several certificate objects that were created by using the NSS library were not properly dereferenced. A subsequent initialization of the NSS library in another part of the installer previously failed because the library was not cleaned. As a consequence, the user was prevented from installing an IdM server with a CA certificate signed by an external authority. A patch has been backported to fix this bug, and the installation of an IdM server with a CA certificate signed by an external authority no longer fails.
Fix is seen as there is no NSS error seen while doing ipa-server-install using external CA.
ipa-admintools-3.0.0-47.el6_7.1.x86_64
ipa-debuginfo-3.0.0-47.el6_7.1.x86_64
ipa-client-3.0.0-47.el6_7.1.x86_64
ipa-server-3.0.0-47.el6_7.1.x86_64
ipa-server-trust-ad-3.0.0-47.el6_7.1.x86_64
ipa-python-3.0.0-47.el6_7.1.x86_64
ipa-server-selinux-3.0.0-47.el6_7.1.x86_64
samba4-python-4.0.0-66.el6_6.rc4.x86_64
samba4-libs-4.0.0-66.el6_6.rc4.x86_64
samba4-common-4.0.0-66.el6_6.rc4.x86_64
samba4-winbind-4.0.0-66.el6_6.rc4.x86_64
samba4-4.0.0-66.el6_6.rc4.x86_64
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://rhn.redhat.com/errata/RHBA-2015-2634.html