Hi, On Thu, Aug 11, 2022 at 1:43 PM lol lol via FreeIPA-users < [email protected]> wrote:
> Yes, I have checked ports and no process is running on port 8009, tcp nor > udp. > > Restarting [email protected] takes forever and eventually > fails because of timeout. > > systemctl restart [email protected] > Job for [email protected] failed because a timeout was > exceeded. > See "systemctl status [email protected]" and "journalctl > -xe" for details. > journalctl -xe > août 11 13:31:39 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:31:40 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:31:41 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:31:42 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:31:43 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:31:44 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:31:45 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:31:46 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:31:47 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:31:48 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:31:49 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:31:50 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:31:51 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:31:52 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:31:53 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:31:54 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:31:56 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:31:57 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:31:58 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:31:59 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:32:00 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:32:01 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:32:02 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:32:03 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:32:04 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:32:05 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:32:06 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:32:07 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:32:08 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:32:09 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:32:10 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:32:11 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:32:12 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:32:13 ipa.domain.priv ipa-pki-wait-running[79555]: > ipa-pki-wait-running: Connection failed: > HTTPConnectionPool(host='ipa.domain.priv', port=8080): Max retries exceeded > with url: /ca/> > août 11 13:32:13 ipa.domain.priv systemd[1]: [email protected]: > Start-post operation timed out. Stopping. > août 11 13:32:22 ipa.domain.priv sssd_be[809]: GSSAPI client step 1 > août 11 13:32:22 ipa.domain.priv sssd_be[809]: GSSAPI client step 1 > août 11 13:32:22 ipa.domain.priv sssd_be[809]: GSSAPI client step 1 > août 11 13:32:22 ipa.domain.priv sssd_be[809]: GSSAPI client step 2 > août 11 13:33:43 ipa.domain.priv systemd[1]: [email protected]: > State 'stop-sigterm' timed out. Killing. > août 11 13:33:43 ipa.domain.priv systemd[1]: [email protected]: > Killing process 79554 (java) with signal SIGKILL. > août 11 13:33:43 ipa.domain.priv systemd[1]: [email protected]: > Main process exited, code=killed, status=9/KILL > août 11 13:33:43 ipa.domain.priv systemd[1]: [email protected]: > Failed with result 'timeout'. > -- Subject: Unit failed > -- Defined-By: systemd > -- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel > -- > -- The unit [email protected] has entered the 'failed' state > with result 'timeout'. > août 11 13:33:44 ipa.domain.priv systemd[1]: Failed to start PKI Tomcat > Server pki-tomcat. > -- Subject: L'unité (unit) [email protected] a échoué > -- Defined-By: systemd > -- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel > -- > -- L'unité (unit) [email protected] a échoué, avec le > résultat failed. > > > > > /etc/pki/pki-tomcat/server.xml contents: > > <!-- Define an AJP 1.3 Connector on port 8009 --> > <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" > address="localhost4" name="Connector1" secret="..." requiredSecret="..."/> > > And after <Engine> section there's a definition for ipv6. Secrets are the > same. > <Connector address="localhost6" name="Connector1" port="8009" > protocol="AJP/1.3" redirectPort="8443" secret="..." requiredSecret="..."/> > Which tomcat version do you have? Pre 9.0.31.0, the server.xml file needs to define the secret for the connector with "*requiredSecret=*....". WIth 9.0.31.0 and above, the server.xml file needs to define the secret with "*secret=...*". The value must match the one set in /etc/httpd/conf.d/ipa-pki-proxy.conf in the lines "ProxyPassMatch secret=..." flo > _______________________________________________ > FreeIPA-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue >
_______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
