Bug 1292099 - --setup-dns is forgotten for using an external PKI
--setup-dns is forgotten for using an external PKI
Product: Fedora
Classification: Fedora
Component: freeipa (Show other bugs)
x86_64 Linux
unspecified Severity medium
: ---
: ---
Assigned To: David Kupka
Fedora Extras Quality Assurance
: 1292042 (view as bug list)
Depends On:
  Show dependency treegraph
Reported: 2015-12-16 08:17 EST by hdunkel
Modified: 2016-03-31 20:27 EDT (History)
9 users (show)

See Also:
Fixed In Version: freeipa-4.2.4-1.fc23
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2016-03-31 20:27:31 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description hdunkel 2015-12-16 08:17:35 EST
If I run

	ipa-server-install -n example.com -r EXAMPLE.COM --external-ca --subject="O=example AG,C=DE" --setup-dns --forwarder ...

then it asks me get signed certificates and to run ipa-server-install again. Quote:

	The next step is to get /root/ipa.csr signed by your CA and re-run /usr/sbin/ipa-server-install as:
	/usr/sbin/ipa-server-install --external-cert-file=/path/to/signed_certificate --external-cert-file=/path/to/external_ca_certificate

If I do, then DNS is not setup. I have to add the DNS specific options again. This is highly misleading. ipa-server-install should show *all* necessary command line arguments to complete the second step, according to step 1.

Unfortunately the log file is gone. Did you know that ipa-server-install overwrites its own logfiles?
Comment 1 Petr Vobornik 2015-12-17 06:11:18 EST
This is a regression in 4.2.
Comment 2 Petr Vobornik 2015-12-17 06:13:20 EST
Upstream ticket:
Comment 4 Petr Vobornik 2016-01-07 09:51:39 EST
*** Bug 1292042 has been marked as a duplicate of this bug. ***
Comment 5 Jan Kurik 2016-02-24 10:37:55 EST
This bug appears to have been reported against 'rawhide' during the Fedora 24 development cycle.
Changing version to '24'.

More information and reason for this action is here:
Comment 6 Fedora Update System 2016-03-21 11:23:03 EDT
freeipa-4.2.4-1.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-cb0ac4420c
Comment 7 Fedora Update System 2016-03-22 11:22:31 EDT
freeipa-4.2.4-1.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-cb0ac4420c
Comment 8 Fedora Update System 2016-03-31 20:27:27 EDT
freeipa-4.2.4-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.