alexey safonov via FreeIPA-users wrote: > what is the current status of that issue? since Rocky 9.6 was released > is it safe to update from 9.5?
dogtag has this fixed upstream but it isn't in any RHEL release yet. You can look at your configuration. If you lack rewrite.config then you can follow the steps to configure it prior to upgrading. This is a permanent fix. If the file is there then you should be fine upgrading with no intervention. NOTE: this is a per-server configuration so its possible that one server in a cluster is fine and the others need the configuration. rob > > вт, 27 мая 2025 г. в 21:45, Rob Crittenden via FreeIPA-users > <[email protected]>: >> >> Günther J. Niederwimmer via FreeIPA-users wrote: >>> Hello, >>> >>> Am Montag, 26. Mai 2025, 10:14:09 Mitteleuropäische Sommerzeit schrieb >>> Florence Blanc-Renaud via FreeIPA-users: >>>> Hi, >>>> >>>> On Fri, May 23, 2025 at 6:29 PM Günther J. Niederwimmer via FreeIPA-users < >>>> >>>> [email protected]> wrote: >>>>> Hallo Liste, >>>>> >>>>> I'm running Oracle 9.5, but since updating to 9.6, FreeIPA hasn't worked >>>>> anymore. The replica server survived the upgrade. I've tried it three >>>>> times >>>>> now, restoring a backup and updating to 9.6, with the same result. The IPA >>>>> server is the older installation, around 9.2. >>>>> >>>>> How can I fix this? Any help is appreciated. >>>> >>>> Which component is failing? If it's the PKI Certificate server you may be >>>> hitting this issue: >>>> https://bugzilla.redhat.com/show_bug.cgi?id=2350322 >>>> https://issues.redhat.com/browse/RHEL-88370 >>> >>> ipactl status >>> Directory Service: RUNNING >>> krb5kdc Service: STOPPED >>> kadmin Service: STOPPED >>> httpd Service: RUNNING >>> ipa-custodia Service: STOPPED >>> pki-tomcatd Service: RUNNING >>> ipa-otpd Service: STOPPED >> >> I'd recommend running: ipactl restart --skip-version-check >> >> Then look to see what services are running. If only pki-tomcatd isn't >> running then it's like you've run into the bug Flo mentioned. >> >>> When I change this to the Bugreports I have a Broken LDAP Database ? >> >> I don't understand. Any changes in the BZ would only affect pki-tomcat. >> >>> >>> In the Moment I stopped the Update/Upgrade on this Server is not the best >>> :-( >> >> The upgrade is likely failing because of the bug. The missing >> configuration file is causing the CA to properly redirect requests hence >> the 404. >> >>> >>> Can I change the Replica to a Master and then install the old Master NEW? >> >> Sure. Look in the documentation for promoting a server. There are a >> number of steps you'll need to take. >> >> rob >> >>> >>>> Other users implemented the workaround described in this comment >>>> <https://bugzilla.redhat.com/show_bug.cgi?id=2350322#c3> and managed to >>>> have IPA start. >>>> HTH, >>>> flo >>>> >>>>> mit freundlichen Grüßen / best regards >>>>> >>>>> Günther J. Niederwimmer >>>>> >>>>> -- >>>>> _______________________________________________ >>>>> FreeIPA-users mailing list -- [email protected] >>>>> To unsubscribe send an email to [email protected] >>>>> Fedora Code of Conduct: >>>>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >>>>> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >>>>> List Archives: >>>>> https://lists.fedorahosted.org/archives/list/[email protected] >>>>> ted.org Do not reply to spam, report it: >>>>> https://pagure.io/fedora-infrastructure/new_issue >>> >>> >> >> -- >> _______________________________________________ >> FreeIPA-users mailing list -- [email protected] >> To unsubscribe send an email to [email protected] >> Fedora Code of Conduct: >> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >> List Archives: >> https://lists.fedorahosted.org/archives/list/[email protected] >> Do not reply to spam, report it: >> https://pagure.io/fedora-infrastructure/new_issue -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
