Bug 432904 - ipa-replica-install fails
Summary: ipa-replica-install fails
Status: CLOSED ERRATA
Alias: None
Product: freeIPA
Classification: Retired
Component: ipa-server (Show other bugs)
(Show other bugs)
Version: 1.0
Hardware: All Linux
high
high
Target Milestone: ---
Assignee: Rob Crittenden
QA Contact: Chandrasekar Kannan
URL:
Whiteboard:
Keywords:
Depends On:
Blocks: freeipa10 429034
TreeView+ depends on / blocked
 
Reported: 2008-02-15 01:13 UTC by Rob Crittenden
Modified: 2015-01-04 23:30 UTC (History)
2 users (show)

Fixed In Version: freeipa-2.0.0-1.fc15
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-03-27 07:16:54 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Don't export the CA into a PKCS#12 on replicas (3.43 KB, patch)
2008-02-15 01:40 UTC, Rob Crittenden
no flags Details | Diff

Description Rob Crittenden 2008-02-15 01:13:31 UTC
Description of problem as reported by Yi:

Replica creation does not work for me.

Version-Release number of selected component (if applicable):

ipa-server-0.99-13.638.20080213

How reproducible:

Every time

Steps to Reproduce:
1. on ipaserver host, do "ipa-replica-prepare" --> success
2. copy the file "replica-info-IPAQA.COM" on host "ipaserver" to host
"ipareplica"  --> success
3. on ipareplica host, do "ipa-replica-install replica-info-IPAQA.COM" --> failed
  
Actual results:

[root@ipareplica ~]# ipa-replica-install replica-info-IPAQA.COM
Directory Manager (existing master) password:
Password (confirm):

Configuring directory server:
 [1/16]: creating directory server user
 [2/16]: creating directory server instance
 [3/16]: adding default schema
 [4/16]: enabling memberof plugin
 [5/16]: enabling referential integrity plugin
 [6/16]: enabling distributed numeric assignment plugin
 [7/16]: creating indices
 [8/16]: configuring ssl for ds instance
creation of replica failed: Command '/usr/bin/pk12util -d
/etc/dirsrv/slapd-IPAQA-COM/ -o /etc/dirsrv/slapd-IPAQA-COM//cacert.p12 -n CA
certificate -w /etc/dirsrv/slapd-IPAQA-COM//pwdfile.txt -k
/etc/dirsrv/slapd-IPAQA-COM//pwdfile.txt' returned non-zero exit status 24

Comment 1 Rob Crittenden 2008-02-15 01:40:20 UTC
Created attachment 294960 [details]
Don't export the CA into a PKCS#12 on replicas

Don't create a backup of the PKCS#12 cert on replicas
Name the file created by ipa-replica-prepare after the FQDN of the target

Comment 2 Rob Crittenden 2008-02-15 01:42:20 UTC
Committed as changeset 641

Comment 3 Yi Zhang 2008-04-03 18:21:03 UTC
qa verified, bug closed
build used: 4-3-2008 daily build


Note You need to log in before you can comment on or make changes to this bug.