-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 01/01/2013 11:42 PM, Rob Crittenden wrote: > Dale Macartney wrote: >> >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> >> On 12/29/2012 06:38 PM, Rob Crittenden wrote: >>> Dale Macartney wrote: >>>> >>>> -----BEGIN PGP SIGNED MESSAGE----- >>>> Hash: SHA1 >>>> >>>> Afternoon all >>>> >>>> using Fedora 18 Beta and attempting to install FreeIPA 3.1 >>>> >>>> when running through the install of "ipa-server-install --setup-dns" I >>>> end up with a failure with the below output >>>> >>>> >>>> [root@ds01 ~]# ipa-server-install --setup-dns >>>> ..... >>>> ..... >>>> Done configuring directory server (dirsrv). >>>> Configuring certificate server (pki-tomcatd): Estimated time 3 minutes >>>> 30 seconds >>>> [1/20]: creating certificate server user >>>> [2/20]: configuring certificate server instance >>>> [3/20]: disabling nonces >>>> [4/20]: creating RA agent certificate database >>>> [5/20]: importing CA chain to RA certificate database >>>> [6/20]: fixing RA database permissions >>>> [7/20]: setting up signing cert profile >>>> [8/20]: set up CRL publishing >>>> [9/20]: set certificate subject base >>>> [10/20]: enabling Subject Key Identifier >>>> [11/20]: enabling CRL and OCSP extensions for certificates >>>> [12/20]: setting audit signing renewal to 2 years >>>> [13/20]: configuring certificate server to start on boot >>>> [14/20]: restarting certificate server >>>> [15/20]: requesting RA certificate from CA >>>> [16/20]: issuing RA agent certificate >>>> Unexpected error - see /var/log/ipaserver-install.log for details: >>>> CalledProcessError: Command '/usr/bin/sslget -v -n ipa-ca-agent -p >>>> XXXXXXXX -d /tmp/tmp-kUFAyN -r /ca/agent/ca/profileReview?requestId=7 >>>> ds01.domain.com:8443' returned non-zero exit status 6 >>>> >>>> >>>> there is absolutely nothing in any logs at all apart from a few selinux >>>> audit logs (system running in permissive mode). >>>> >>>> Any thoughts? >>> >>> This usually means a problem with DNS. >> Hmm... normally I set a dns forwarder of 10.0.0.254... This time I tried >> it with no forwarder at all... Same error occurs... > > Not really sure. The errors out of sslget are not particularly helpful. > > I'd check /etc/hosts to be sure it is sane, and perhaps dig/host to be sure that the forward and reverse entries match up. that'll teach me for using non-kickstarted systems... error is caused by mis or unconfigured /etc/hosts > > rob > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQIcBAEBAgAGBQJQ44ADAAoJEAJsWS61tB+qo9cP/RR+zhZ4tX7lSmeD5MOK1ACa aci0s9HfROU2K/deiS8qLFKtxVdvm8itc2lda4TVwTHbhVompKi3mpp3KBlB8te/ 6WLpuC2agQeSPSlxlaDi6+6ue9/5c0bLogf5EJDEjGae/hsC3AJfYiW661WgAnZg qrU3X0rn00giy+sAOd0oFuqeBo+Hu/KZF3sDHF/YVK8fDMtajnZcj7C6zy1zOmdP bWj7flqZSZA3LlsOyq0e77U0VW5aFnEGE87ywNyCiXvuZjI/02iOijpPKpppk1If 9zVLPncDDU2smyGbEBE4/aylNbwzXa4izWQ9KwjqU2kWLd+tIq/74/gu7dDVjeOP dTnQuGWsSJlrEEuLlwks09BmOl2kIBr/EB/EZt1R31ldL+d1vK8aV3pBmXgptVsG l3R8rAvhu5WoJCKG4gtQVGSn1HkoSPHjc5FGIw/UjXbANcZlIONwujh6gdNHm2vk syk47+7ThamYTx3Hpq+dggxFcEekq+z1MWLP5gv5Odt/Vc810ziTn+QK97gY5UMM OD1kR34QN1FQsjn5qsjX9TumU4xvtvnuqgpj+0RTWGFk+55HFfdcTr+8rJKLsxrW g+Runt3DCu3YlUU+7Nc1FNLfwzjh227OzX1NxsMNTUYyCoOAHM85Ty6nGmFdkoBG XJeYI5r3FYZ1e/9Jtysq =TlwR -----END PGP SIGNATURE-----
0xB5B41FAA.asc
Description: application/pgp-keys
0xB5B41FAA.asc.sig
Description: PGP signature
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
