I am installing on Docker for MacOS. During initial install, it reaches step
[1/30]: configuring certificate server instance when it shows the error.
I looked in the /data/var/log/ipaserver-install.log and it looks like
everything is OK until it hits the errors below. Any ideas what could cause
this?
FINE: NSSDatabase: Issuing cert for CN=freeipa.mydomain.cloud,O=2023-06-25
23:40:10
FINE: NSSDatabase: - issuer: CN=freeipa.mydomain.cloud,O=2023-06-25 23:40:10
FINE: NSSDatabase: - public key algorithm: RSA
FINE: NSSDatabase: - serial number: 0x79a6edffa89c946d7cb055c19b4befa4
FINE: NSSDatabase: - not before: Sun Jun 25 23:42:17 UTC 2023
FINE: NSSDatabase: - not after: Mon Sep 25 23:42:17 UTC 2023
FINE: NSSDatabase: - hash algorithm: SHA256
FINE: NSSDatabase: - key algorithm: SHA256withRSA
FINE: NSSDatabase: Finding request private key
FINE: NSSDatabase: - private key: 0xdbb9f417bd81a12aa00c1b20227c91a6b2ccefd6
FINE: NSSDatabase: Private key algorithm: RSA
FINE: NSSDatabase: Signing algorithm: SHA256withRSA
FINE: CryptoUtil: Signing certificate
FINE: CryptoUtil: - signing algorithm: RSASignatureWithSHA256Digest
FINE: CryptoUtil: - algorithm name: SHA256withRSA
FINE: CryptoUtil: - algorithm ID: SHA256withRSA
DEBUG: NSSDatabase.add_cert(temp Server-Cert cert-pki-ca)
DEBUG: Command: pki -d /etc/pki/pki-tomcat/alias -C
/tmp/tmp5y2f9zop/XXXXXXXX.txt nss-cert-import --cert
/tmp/tmp_tmyllsd/sslserver.crt --debug temp Server-Cert cert-pki-ca
INFO: Initializing NSS
INFO: Logging into internal token
INFO: Using internal token
java.nio.file.AccessDeniedException: /tmp/nss-cert-11721189233651257758.crt
at
java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:90)
at
java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:106)
at
java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
at
java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:218)
at java.base/java.nio.file.Files.newByteChannel(Files.java:380)
at java.base/java.nio.file.Files.createFile(Files.java:658)
at
java.base/java.nio.file.TempFileHelper.create(TempFileHelper.java:136)
at
java.base/java.nio.file.TempFileHelper.createTempFile(TempFileHelper.java:159)
at java.base/java.nio.file.Files.createTempFile(Files.java:923)
at org.dogtagpki.nss.NSSDatabase.addCertificate(NSSDatabase.java:342)
at
com.netscape.cmstools.nss.NSSCertImportCLI.execute(NSSCertImportCLI.java:104)
at org.dogtagpki.cli.CommandCLI.execute(CommandCLI.java:58)
at org.dogtagpki.cli.CLI.execute(CLI.java:353)
at org.dogtagpki.cli.CLI.execute(CLI.java:353)
at org.dogtagpki.cli.CLI.execute(CLI.java:353)
at com.netscape.cmstools.cli.MainCLI.execute(MainCLI.java:658)
at com.netscape.cmstools.cli.MainCLI.main(MainCLI.java:697)
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
