Description of problem: I have a client facing this upstream bug when trying to deploy overcloud with SSL everywhere: https://bugs.launchpad.net/tripleo/+bug/1811207 "Warning: tag is a metaparam; this value will inherit to all contained resources in the tripleo::firewall::rule definition", "Warning: Could not get certificate: Execution of '/usr/bin/getcert request -I httpd-management -f /etc/pki/tls/certs/httpd/httpd-management.crt -c IPA -N CN= -K HTTP/ -D -C \"pkill -USR1 httpd\" -w -k /etc/pki/tls/private/httpd/httpd-management.key' returned 2: New signing request \"httpd-management\" added.", "Error: /Stage[main]/Tripleo::Profile::Base::Certmonger_user/Tripleo::Certmonger::Httpd[httpd-management]/Certmonger_certificate[httpd-management]: Could not evaluate: Could not get certificate: Server at https://kvm.triliodata.demo/ipa/xml denied our request, giving up: 3007 (RPC failed at server. 'fqdn' is required).", "Warning: /Stage[main]/Tripleo::Certmonger::Ca::Crl/Exec[tripleo-ca-crl]: Skipping because of failed dependencies", "Warning: /Stage[main]/Tripleo::Certmonger::Ca::Crl/File[tripleo-ca-crl-file]: Skipping because of failed dependencies", "Warning: /Stage[main]/Tripleo::Certmonger::Ca::Crl/Exec[tripleo-ca-crl-process-command]: Skipping because of failed dependencies", "Warning: /Stage[main]/Tripleo::Certmonger::Ca::Crl/Cron[tripleo-refresh-crl-file]: Skipping because of failed dependencies" Could this be pull downstream ? Version-Release number of selected component (if applicable): puppet-tripleo-8.3.6-15.el7ost.noarch How reproducible: Unknown Steps to Reproduce: 1. Deploy with SSL everywhere 2. 3. Actual results: Fails with the error "Warning: tag is a metaparam; this value will inherit to all contained resources in the tripleo::firewall::rule definition", "Warning: Could not get certificate: Execution of '/usr/bin/getcert request -I httpd-management -f /etc/pki/tls/certs/httpd/httpd-management.crt -c IPA -N CN= -K HTTP/ -D -C \"pkill -USR1 httpd\" -w -k /etc/pki/tls/private/httpd/httpd-management.key' returned 2: New signing request \"httpd-management\" added.", "Error: /Stage[main]/Tripleo::Profile::Base::Certmonger_user/Tripleo::Certmonger::Httpd[httpd-management]/Certmonger_certificate[httpd-management]: Could not evaluate: Could not get certificate: Server at https://kvm.triliodata.demo/ipa/xml denied our request, giving up: 3007 (RPC failed at server. 'fqdn' is required).", "Warning: /Stage[main]/Tripleo::Certmonger::Ca::Crl/Exec[tripleo-ca-crl]: Skipping because of failed dependencies", "Warning: /Stage[main]/Tripleo::Certmonger::Ca::Crl/File[tripleo-ca-crl-file]: Skipping because of failed dependencies", "Warning: /Stage[main]/Tripleo::Certmonger::Ca::Crl/Exec[tripleo-ca-crl-process-command]: Skipping because of failed dependencies", "Warning: /Stage[main]/Tripleo::Certmonger::Ca::Crl/Cron[tripleo-refresh-crl-file]: Skipping because of failed dependencies" Expected results: Goes beyond that part. Additional info:
Sorry it seem it was backported after all. BZ 1643423 Closing BZ
*** This bug has been marked as a duplicate of bug 1643423 ***