Description of problem: Noticed this in my freeipa's dc log. It tries to run every minute or so and it fails Version-Release number of selected component: freeipa-server-dns-4.9.10-3.fc36 Additional info: reporter: libreport-2.17.1 cgroup: 0::/system.slice/ipa-dnskeysyncd.service cmdline: /usr/bin/python3 -I /usr/libexec/ipa/ipa-dnskeysyncd crash_function: run exception_type: ipapython.ipautil.CalledProcessError executable: /usr/libexec/ipa/ipa-dnskeysyncd interpreter: python3-3.10.6-1.fc36.x86_64 kernel: 5.18.16-200.fc36.x86_64 runlevel: N 3 type: Python3 uid: 996 Truncated backtrace: #1 [/usr/lib/python3.10/site-packages/ipapython/ipautil.py:599] run #2 [/usr/lib/python3.10/site-packages/ipaserver/dnssec/bindmgr.py:146] install_key #3 [/usr/lib/python3.10/site-packages/ipaserver/dnssec/bindmgr.py:205] sync_zone #4 [/usr/lib/python3.10/site-packages/ipaserver/dnssec/bindmgr.py:232] sync #5 [/usr/lib/python3.10/site-packages/ipaserver/dnssec/keysyncer.py:128] syncrepl_refreshdone #6 [/usr/lib64/python3.10/site-packages/ldap/syncrepl.py:464] syncrepl_poll #7 [/usr/libexec/ipa/ipa-dnskeysyncd:130] <module>
Created attachment 1904890 [details] File: backtrace
Created attachment 1904891 [details] File: cpuinfo
Created attachment 1904892 [details] File: environ
Created attachment 1904893 [details] File: mountinfo
Created attachment 1904894 [details] File: namespaces
Created attachment 1904895 [details] File: open_fds
Hi, thanks for your BZ report. Based on the journal backtrace (dnssec-keyfromlabel: warning: ENGINE_load_private_key failed (not found)\ndnssec-keyfromlabel: fatal: failed to get key <domain removed>/RSASHA256: not found\n'), it can be closed as a duplicate of BZ #2115865. There is already an update of openssl-pkcs11 (FEDORA-2022-2f6e9a0b6c has been submitted as an update to Fedora 36. https://bodhi.fedoraproject.org/updates/FEDORA-2022-2f6e9a0b6c) that contains a fix. Can you try to update and confirm it properly solves your issue? *** This bug has been marked as a duplicate of bug 2115865 ***