Bug 1600356
| Summary: | CA install on CAless master fails | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Kaleem <ksiddiqu> | ||||
| Component: | ipa | Assignee: | IPA Maintainers <ipa-maint> | ||||
| Status: | CLOSED DUPLICATE | QA Contact: | ipa-qe <ipa-qe> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 7.6 | CC: | pvoborni, rcritten, tscherf | ||||
| Target Milestone: | rc | Keywords: | Regression | ||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2018-07-16 16:52:06 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
*** This bug has been marked as a duplicate of bug 1596161 *** |
Created attachment 1458258 [details] console output for ipa-server-install and ipa-ca-install Description of problem: While converting a CA-less master to CA Full master, ipa-ca-install fails with following error Done configuring certificate server (pki-tomcatd). Updating DNS system records Your system may be partly configured. Run /usr/sbin/ipa-server-install --uninstall to clean up. Error resubmitting certmonger request '20180712050250', please check the request manually [root@dhcp207-17 ~]# Version-Release number of selected component (if applicable): [root@dhcp207-17 ~]# rpm -q ipa-server pki-ca certmonger ipa-server-4.6.4-2.el7.x86_64 pki-ca-10.5.9-1.el7.noarch certmonger-0.78.4-6.el7.x86_64 [root@dhcp207-17 ~]# How reproducible: Always Steps to Reproduce: 1. Install a CA less master ipa-server-install -n testrelm.test -r TESTRELM.TEST -p Secret.123 -a Secret.123 --domain-level=1 -U --setup-dns --forwarder 10.65.201.89 --auto-reverse --http-cert-file /ipatests/server.p12 --dirsrv-cert-file /ipatests/server.p12 --ca-cert-file /ipatests/root.pem --ip-address 10.65.207.17 --no-pkinit --http-pin Secret.123 --dirsrv-pin Secret.123 2. Covert CAless master to CA Master ipa-ca-install -U -p Secret.123 -P admin -w Secret.123 Actual results: CA install fails Expected results: CA install should be successful Additional info: Following error seen for certmonger in /var/log/message Jul 12 10:35:08 dhcp207-17 systemd: Started The Apache HTTP Server. Jul 12 10:35:17 dhcp207-17 dogtag-ipa-ca-renew-agent-submit: Traceback (most recent call last):#012 File "/usr/libexec/certmonger/dogtag-ipa-ca-renew-agent-submit", line 541, in <module>#012 sys.exit(main())#012 File "/usr/libexec/certmonger/dogtag-ipa-ca-renew-agent-submit", line 502, in main#012 api.bootstrap(in_server=True, context='renew', confdir=paths.ETC_IPA)#012 File "/usr/lib/python2.7/site-packages/ipalib/plugable.py", line 491, in bootstrap#012 raise errors.SystemEncodingError(encoding=fse)#012SystemEncodingError: System encoding must be UTF-8, 'ANSI_X3.4-1968' is not supported. Set LC_ALL="C.UTF-8", or LC_ALL="" and LC_CTYPE="C.UTF-8". Jul 12 10:35:17 dhcp207-17 certmonger: 2018-07-12 10:35:17 [17873] Internal error