Description of problem: Version-Release number of selected component (if applicable): ipa-server-1.91-0.2010121421gitcec6703.fc14.x86_64 389-ds-base-1.2.7.4-1.fc14.x86_64 pki-ca-1.3.6-1.fc14.noarch How reproducible: Always Steps to Reproduce: 1. Run ipa-server-install (command used "ipa-server-install --hostname=gsrf14ipas.lab.eng.pnq.redhat.com -r LAB.ENG.PNQ.REDHAT.COM -n lab.eng.pnq.redhat.com -p Secret123 -P Secret123 -a Secret123 -u admin -U --no-ntp") 2. 3. Actual results: # ipa-server-install --hostname=gsrf14ipas.lab.eng.pnq.redhat.com -r LAB.ENG.PNQ.REDHAT.COM -n lab.eng.pnq.redhat.com -p Secret123 -P Secret123 -a Secret123 -u admin -U --no-ntp The log file for this installation can be found in /var/log/ipaserver-install.log ============================================================================== This program will set up the FreeIPA Server. This includes: * Create and configure an instance of Directory Server * Create and configure a Kerberos Key Distribution Center (KDC) * Configure Apache (httpd) Excluded by options: * Configure the Network Time Daemon (ntpd) To accept the default shown in brackets, press the Enter key. The IPA Master Server will be configured with Hostname: gsrf14ipas.lab.eng.pnq.redhat.com IP address: 10.65.201.180 Domain name: lab.eng.pnq.redhat.com Configuring directory server for the CA: Estimated time 30 minutes [1/3]: creating directory server user [2/3]: creating directory server instance [3/3]: restarting directory server done configuring pkids. Configuring certificate server: Estimated time 36 minutes [1/16]: creating certificate server user [2/16]: creating pki-ca instance [3/16]: restarting certificate server [4/16]: configuring certificate server instance [5/16]: restarting certificate server [6/16]: creating CA agent PKCS#12 file in /root [7/16]: creating RA agent certificate database [8/16]: importing CA chain to RA certificate database Unexpected error - see ipaserver-install.log for details: Unable to retrieve CA chain: request failed with HTTP status 500 Expected results: Successful setup of IPA with no error messages. Additional info:
Created attachment 468861 [details] ipaserver-install.log
This is the cause: https://fedorahosted.org/freeipa/ticket/320 You will find instructions on how to fix it temporarily until dogtag is fixed in F14.