Red Hat Bugzilla – Bug 1292099
--setup-dns is forgotten for using an external PKI
Last modified: 2016-03-31 20:27:31 EDT
If I run
ipa-server-install -n example.com -r EXAMPLE.COM --external-ca --subject="O=example AG,C=DE" --setup-dns --forwarder ...
then it asks me get signed certificates and to run ipa-server-install again. Quote:
The next step is to get /root/ipa.csr signed by your CA and re-run /usr/sbin/ipa-server-install as:
/usr/sbin/ipa-server-install --external-cert-file=/path/to/signed_certificate --external-cert-file=/path/to/external_ca_certificate
If I do, then DNS is not setup. I have to add the DNS specific options again. This is highly misleading. ipa-server-install should show *all* necessary command line arguments to complete the second step, according to step 1.
Unfortunately the log file is gone. Did you know that ipa-server-install overwrites its own logfiles?
This is a regression in 4.2.
*** Bug 1292042 has been marked as a duplicate of this bug. ***
This bug appears to have been reported against 'rawhide' during the Fedora 24 development cycle.
Changing version to '24'.
More information and reason for this action is here:
freeipa-4.2.4-1.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-cb0ac4420c
freeipa-4.2.4-1.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-cb0ac4420c
freeipa-4.2.4-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.