Alexander Vyrlanovich via FreeIPA-users wrote: > I have exactly the same issue on CentOS 9 Stream after an unsuccessful update. > > I came to the conclusion that PKI and his REST API does not work correctly, > although the tomcat process is running. > Some additional details: when I am trying to access > https://myipahost.com/ca/rest/account/login apache log following errors in > /var/log/httpd/error.log: > > [Fri Jan 31 14:23:33.287276 2025] [ssl:error] [pid 170701:tid 170746] [client > xxx.xxx.xxx.xxx:5412] AH10158: cannot perform post-handshake authentication > [Fri Jan 31 14:23:33.287359 2025] [ssl:error] [pid 170701:tid 170746] SSL > Library Error: error:0A000117:SSL routines::extension not received
This may be related to the client trying to authenticate but there is no application to authenticate with (404). > When I am trying to access https://myipahost.com:8443/pki/ui/ browser give me > "ERROR: [object Object]" We need to see full logs, not snippets to understand what is happening. I believe the CA was not deployed by tomcat given the 404's. The pki debug log + journal may be able to provide information on the failure. rob -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
