Is it true that these "Errors" appear on an IPA server without CA role
present and can be ignored?
CRITICAL:
pki.server.healthcheck.certs.expiration.CASystemCertExpiryCheck: Invalid
PKI instance: pki-tomcat
CRITICAL:
pki.server.healthcheck.certs.expiration.KRASystemCertExpiryCheck:
Invalid PKI instance: pki-tomcat
CRITICAL:
pki.server.healthcheck.certs.expiration.OCSPSystemCertExpiryCheck:
Invalid PKI instance: pki-tomcat
CRITICAL:
pki.server.healthcheck.certs.expiration.TKSSystemCertExpiryCheck:
Invalid PKI instance: pki-tomcat
CRITICAL:
pki.server.healthcheck.certs.expiration.TPSSystemCertExpiryCheck:
Invalid PKI instance: pki-tomcat
CRITICAL:
pki.server.healthcheck.certs.trustflags.CASystemCertTrustFlagCheck:
Invalid PKI instance: pki-tomcat
CRITICAL:
pki.server.healthcheck.certs.trustflags.KRASystemCertTrustFlagCheck:
Invalid PKI instance: pki-tomcat
CRITICAL:
pki.server.healthcheck.certs.trustflags.OCSPSystemCertTrustFlagCheck:
Invalid PKI instance: pki-tomcat
CRITICAL:
pki.server.healthcheck.certs.trustflags.TKSSystemCertTrustFlagCheck:
Invalid PKI instance: pki-tomcat
CRITICAL:
pki.server.healthcheck.certs.trustflags.TPSSystemCertTrustFlagCheck:
Invalid PKI instance: pki-tomcat
CRITICAL:
pki.server.healthcheck.clones.connectivity_and_data.ClonesConnectivyAndDataCheck
CRITICAL: pki.server.healthcheck.meta.csconfig.CADogtagCertsConfigCheck:
Invalid PKI instance: pki-tomcat
CRITICAL:
pki.server.healthcheck.meta.csconfig.KRADogtagCertsConfigCheck: Invalid
PKI instance: pki-tomcat
CRITICAL:
pki.server.healthcheck.meta.csconfig.OCSPDogtagCertsConfigCheck: Invalid
PKI instance: pki-tomcat
CRITICAL:
pki.server.healthcheck.meta.csconfig.TKSDogtagCertsConfigCheck: Invalid
PKI instance: pki-tomcat
CRITICAL:
pki.server.healthcheck.meta.csconfig.TPSDogtagCertsConfigCheck: Invalid
PKI instance: pki-tomcat
CRITICAL:
pki.server.healthcheck.meta.connectivity.DogtagCACertsConnectivityCheck:
Invalid PKI instance: pki-tomcat
CRITICAL:
pki.server.healthcheck.meta.connectivity.DogtagKRAConnectivityCheck:
Invalid PKI instance: pki-tomcat
CRITICAL:
pki.server.healthcheck.meta.connectivity.DogtagOCSPConnectivityCheck:
Invalid PKI instance: pki-tomcat
CRITICAL:
pki.server.healthcheck.meta.connectivity.DogtagTKSConnectivityCheck:
Invalid PKI instance: pki-tomcat
CRITICAL:
pki.server.healthcheck.meta.connectivity.DogtagTPSConnectivityCheck:
Invalid PKI instance: pki-tomcat
CRITICAL: ipahealthcheck.ipa.roles.IPACRLManagerCheck: Unable to read
/var/lib/pki/pki-tomcat/conf/ca/CS.cfg
As well as these for a disabled trust domain?
ERROR: ipahealthcheck.ipa.trust.IPATrustDomainsCheck.domain-list:
/usr/sbin/sssctl domain-list reports mismatch: sssd domains mydomain.at,
buero.mydomain.at, org.mydomain.at trust domains buero.mydomain.at,
mydomain.at, org.mydomain.at, tk.mydomain.at
ERROR: ipahealthcheck.ipa.trust.IPATrustCatalogCheck.domain-status:
Execution of domain-status failed: CalledProcessError(Command
['/usr/sbin/sssctl', 'domain-status', 'tk.mydomain.at',
'--active-server'] returned non-zero exit status 1: 'Unable to get
online status\n')
Cheers,
Ronald
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
