Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 432904 - ipa-replica-install fails
ipa-replica-install fails
Product: freeIPA
Classification: Retired
Component: ipa-server (Show other bugs)
All Linux
high Severity high
: ---
: ---
Assigned To: Rob Crittenden
Chandrasekar Kannan
Depends On:
Blocks: freeipa10 429034
  Show dependency treegraph
Reported: 2008-02-14 20:13 EST by Rob Crittenden
Modified: 2015-01-04 18:30 EST (History)
2 users (show)

See Also:
Fixed In Version: freeipa-2.0.0-1.fc15
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2012-03-27 03:16:54 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Don't export the CA into a PKCS#12 on replicas (3.43 KB, patch)
2008-02-14 20:40 EST, Rob Crittenden
no flags Details | Diff

  None (edit)
Description Rob Crittenden 2008-02-14 20:13:31 EST
Description of problem as reported by Yi:

Replica creation does not work for me.

Version-Release number of selected component (if applicable):


How reproducible:

Every time

Steps to Reproduce:
1. on ipaserver host, do "ipa-replica-prepare" --> success
2. copy the file "replica-info-IPAQA.COM" on host "ipaserver" to host
"ipareplica"  --> success
3. on ipareplica host, do "ipa-replica-install replica-info-IPAQA.COM" --> failed
Actual results:

[root@ipareplica ~]# ipa-replica-install replica-info-IPAQA.COM
Directory Manager (existing master) password:
Password (confirm):

Configuring directory server:
 [1/16]: creating directory server user
 [2/16]: creating directory server instance
 [3/16]: adding default schema
 [4/16]: enabling memberof plugin
 [5/16]: enabling referential integrity plugin
 [6/16]: enabling distributed numeric assignment plugin
 [7/16]: creating indices
 [8/16]: configuring ssl for ds instance
creation of replica failed: Command '/usr/bin/pk12util -d
/etc/dirsrv/slapd-IPAQA-COM/ -o /etc/dirsrv/slapd-IPAQA-COM//cacert.p12 -n CA
certificate -w /etc/dirsrv/slapd-IPAQA-COM//pwdfile.txt -k
/etc/dirsrv/slapd-IPAQA-COM//pwdfile.txt' returned non-zero exit status 24
Comment 1 Rob Crittenden 2008-02-14 20:40:20 EST
Created attachment 294960 [details]
Don't export the CA into a PKCS#12 on replicas

Don't create a backup of the PKCS#12 cert on replicas
Name the file created by ipa-replica-prepare after the FQDN of the target
Comment 2 Rob Crittenden 2008-02-14 20:42:20 EST
Committed as changeset 641
Comment 3 Yi Zhang 2008-04-03 14:21:03 EDT
qa verified, bug closed
build used: 4-3-2008 daily build

Note You need to log in before you can comment on or make changes to this bug.