Bug 1410760

Summary: ipa-ca-install fails on replica when IPA Master is installed without CA
Product: Red Hat Enterprise Linux 7 Reporter: Jaroslav Reznik <jreznik>
Component: ipaAssignee: IPA Maintainers <ipa-maint>
Status: CLOSED ERRATA QA Contact: Kaleem <ksiddiqu>
Severity: high Docs Contact: Marc Muehlfeld <mmuehlfe>
Priority: high    
Version: 7.3CC: akasurde, ftweedal, ipa-maint, jcholast, jreznik, kludhwan, mbasti, msauton, pparsons, pvoborni, rcritten, tkrizek, tscherf
Target Milestone: rcKeywords: ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ipa-4.4.0-14.el7_3.5 Doc Type: Bug Fix
Doc Text:
Previously, during an Identity Management (IdM) replica installation that runs on domain level "1" or higher, Directory Server was not configured to use TLS encryption. As a consequence, installing a certificate authority (CA) on that replica failed. Directory Server is now configured to use TLS encryption during the replica installation and as a result, the CA installation works as expected.
 Story Points: ---
Clone Of: 1365858 Environment:
Last Closed: 2017-03-02 17:25:47 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1365858    
Bug Blocks:    
Attachments:
Description Flags
console.log none

Description Jaroslav Reznik 2017-01-06 11:59:22 UTC 
This bug has been copied from bug #1365858 and has been proposed
to be backported to 7.3 z-stream (EUS).
Comment 3 Petr Vobornik 2017-01-06 17:42:02 UTC 
Fixed upstream
ipa-4-4:
https://fedorahosted.org/freeipa/changeset/cdb6ffb779b7e1e563494eb3234b2441ba74d692
Comment 5 Abhijeet Kasurde 2017-02-01 16:10:46 UTC 
Created attachment 1246712 [details]
console.log
Comment 6 Abhijeet Kasurde 2017-02-01 16:12:06 UTC 
Verified using IPA version::
ipa-server-4.4.0-14.el7_3.6.x86_64

Marking BZ as verified, please see attachment for console.log.
Comment 14 errata-xmlrpc 2017-03-02 17:25:47 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2017-0388.html