Hi, I want to install ipa client: ipa-client-install -d
I get the following error:
Verifying that "MyFreeIPA Server" (realm None) is an IPA server
Init LDAP connection to: "MyFreeIPA Server"
Error checking LDAP: Connect error: TLS error -8054:You are attempting
to import a cert with the same issuer/serial as an existing cert, but
that is not the same cert.
Skip "MyFreeIPA Server" : cannot verify if this is an IPA server
Discovery result: UNKNOWN_ERROR; ...................................
Validated servers:
Failed to verify that "MyFreeIPA Server" is an IPA Server.
This may mean that the remote server is not up or is not reachable due
to network or firewall settings.
Please make sure the following ports are opened in the firewall settings:
TCP: 80, 88, 389
UDP: 88 (at least one of TCP/UDP ports 88 has to be open)
Also note that following ports are necessary for ipa-client working
properly after enrollment:
TCP: 464
UDP: 464, 123 (if NTP enabled)
"MyFreeIPA Server" : Provided interactively)
Installation failed. Rolling back changes.
IPA client is not configured on this system.
selinux on the ipa client and ipa server ist permissive, iptables is empty.
It seems to be a problem with the SSL certificate of freeipa.
About the client:
rpm -qi ipa-client
Name : ipa-client
Version : 4.1.0
Release : 18.el7.centos.4
About the freeipa server:
rpm -qi freeipa-server
Name : freeipa-server
Version : 4.1.4
Release : 1.fc21
regards,
Andy
smime.p7s
Description: S/MIME Cryptographic Signature
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
