The ipv6 wasnt "right" I guess. I have added the host's name into that line.....will retry.
regards ________________________________________ From: Rob Crittenden [[email protected]] Sent: Wednesday, 30 March 2011 8:43 a.m. To: Steven Jones Cc: Martin Kosek; [email protected] Subject: Re: [Freeipa-users] replica install failure.... Steven Jones wrote: > Hi, > > This is F14, guess you missed the hostnames... It is not safe to assume based on hostname which is why I also asked. Your problem is this: Unable to Send Request:java.net.NoRouteToHostException: No route to host java.net.NoRouteToHostException: No route to host It looks to be resolving to a very strange reverse, :-1? Posting Query = https://fed14-64-ipam002.ipa.ac.nz:9445//ca/admin/console/config/wizard?p=4&op=next&xml=true RESPONSE STATUS: HTTP/1.1 302 Moved Temporarily RESPONSE HEADER: Server: Apache-Coyote/1.1 RESPONSE HEADER: Location: https://:-1/ Can you double-check that /etc/hosts is set up correctly? thanks rob > > regards > > > ________________________________________ > From: [email protected] [[email protected]] on > behalf of Martin Kosek [[email protected]] > Sent: Tuesday, 29 March 2011 9:09 p.m. > To: [email protected] > Subject: Re: [Freeipa-users] replica install failure.... > > On Mon, 2011-03-28 at 23:45 +0000, Steven Jones wrote: >> Just tried to make a replica and the install failed with, >> >> [4/11]: configuring certificate server instance >> root : CRITICAL failed to configure ca instance Command >> '/usr/bin/perl /usr/bin/pkisilent ConfigureCA -cs_hostname >> fed14-64-ipam002.ipa.ac.nz -cs_port 9445 -client_certdb_dir /tmp/tmp-r_2iHV >> -client_certdb_pwd 'XXXXXXXX' -preop_pin nnARxLnIWvR9Aw1RYjRn -domain_name >> IPA -admin_user admin -admin_email root@localhost -admin_password 'XXXXXXXX' >> -agent_name ipa-ca-agent -agent_key_size 2048 -agent_key_type rsa >> -agent_cert_subject "CN=ipa-ca-agent,O=IPA.AC.NZ" -ldap_host >> fed14-64-ipam002.ipa.ac.nz -ldap_port 7389 -bind_dn "cn=Directory Manager" >> -bind_password 'XXXXXXXX' -base_dn o=ipaca -db_name ipaca -key_size 2048 >> -key_type rsa -key_algorithm SHA256withRSA -save_p12 true -backup_pwd >> 'XXXXXXXX' -subsystem_name pki-cad -token_name internal >> -ca_subsystem_cert_subject_name "CN=CA Subsystem,O=IPA.AC.NZ" >> -ca_ocsp_cert_subject_name "CN=OCSP Subsystem,O=IPA.AC.NZ" >> -ca_server_cert_subject_name "CN=fed14-64-ipam002.ipa.ac.nz,O=IPA.AC.NZ" >> -ca_audit_signing_cert_subject_name "CN=CA ! > A! >> udit,O=IPA.AC.NZ" -ca_sign_cert_subject_name "CN=Certificate >> Authority,O=IPA.AC.NZ" -external false -clone true -clone_p12_file ca.p12 >> -clone_p12_password 'XXXXXXXX' -sd_hostname fed14-64-ipam001.ipa.ac.nz >> -sd_admin_port 9445 -sd_admin_name admin -sd_admin_password 'XXXXXXXX' >> -clone_start_tls true -clone_uri https://fed14-64-ipam001.ipa.ac.nz:9444' >> returned non-zero exit status 255 >> creation of replica failed: Configuration of CA failed >> >> Your system may be partly configured. >> Run /usr/sbin/ipa-server-install --uninstall to clean up. >> [root@fed14-64-ipam002 jonesst1]# >> > > Hello Steven, > > can you please send me a version of tomcat6 server on your Fedora 15 > with IPA replica? > > This is most probably a known issue which was stated in Freeipa v2 > announcement: > > [Freeipa-devel] Announcing FreeIPA v2 Server > > [snip] > Known Issues > > * The latest tomcat6 package has not been pushed to updates-testing. > You need tomcat6-6-0.30-5 or higher. The packages can be retrieved from > koji at http://koji.fedoraproject.org/koji/buildinfo?buildID=231410 . > The installation will fail restarting the CA with the current tomcat6 > package in Fedora 15. > [snip] > > > If this is your case, you may want to install the RPMs from koji or just > install them from rawhide repository. > > Regards, > Martin > > _______________________________________________ > Freeipa-users mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/freeipa-users > > _______________________________________________ > Freeipa-users mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/freeipa-users _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
