Bug 947889

Summary: RHEL 5.9 client Cannot obtain CA certificate
Product: Red Hat Enterprise Linux 6 Reporter: Rob Crittenden <rcritten>
Component: ipaAssignee: Rob Crittenden <rcritten>
Status: CLOSED DUPLICATE QA Contact: Namita Soman <nsoman>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.4CC: francesco.trentini, mkosek
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-04-22 08:40:08 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Rob Crittenden 2013-04-03 13:40:54 UTC 
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/freeipa/ticket/3457

ipa-client-2.1.3-5.el5_9.2

{{{
ipa         : ERROR    Cannot obtain CA certificate
 'ldap://ipa1.example.com' doesn't have a certificate.
 Installation failed. Rolling back changes.
 IPA client is not configured on this system.
}}}

Current workaround is:

wget -O /etc/ipa/ca.crthttp://ipa1.example.com/ipa/config/ca.crt

ipa-client-install --no-ntp --mkhomedir --ca-cert-file=/etc/ipa/ca.crt
Comment 3 Martin Kosek 2013-04-22 08:40:08 UTC 
I just discovered a RHEL-6.5 bug (Bug 948928) for the double encoded certificate issue. This should fix the RHEL-5.9 client issue (Bug 915504).

Marking as a dup of 948928.

*** This bug has been marked as a duplicate of bug 948928 ***