[Pkg-freeipa-devel] Bug#898543: nss-pem available
Harry Coin
harrycoin at aol.com
Wed Oct 7 17:11:45 BST 2020
On Fri, 25 Sep 2020 11:46:16 +0300 Timo Aaltonen <tjaalton at debian.org>
wrote:
>
> Hi,
>
> This bug shouldn't happen anymore, as nss-pem is used. There's another
> bug (970880) preventing server install right now though.
>
> --
> t
>
>
File "/usr/lib/python3/dist-packages/ipaserver/install/cainstance.py",
line 484, in configure_instance
self.start_creation(runtime=runtime)
File "/usr/lib/python3/dist-packages/ipaserver/install/service.py",
line 606, in start_creation
run_step(full_msg, method)
File "/usr/lib/python3/dist-packages/ipaserver/install/service.py",
line 592, in run_step
method()
File "/usr/lib/python3/dist-packages/ipaserver/install/cainstance.py",
line 880, in __request_ra_certificate
reqId = certmonger.request_and_wait_for_cert(
File "/usr/lib/python3/dist-packages/ipalib/install/certmonger.py",
line 409, in request_and_wait_for_cert
raise RuntimeError(
2020-10-07T14:45:28Z DEBUG The ipa-server-install command failed,
exception: RuntimeError: Certificate issuance failed (CA_UNREACHABLE:
Error 35 connecting to
https://registry1.1.quietfountain.com:8443/ca/agent/ca//profileReview:
SSL connect error.)
2020-10-07T14:45:28Z ERROR Certificate issuance failed (CA_UNREACHABLE:
Error 35 connecting to
https://registry1.1.quietfountain.com:8443/ca/agent/ca//profileReview:
SSL connect error.)
2020-10-07T14:45:28Z ERROR The ipa-server-install command failed. See
/var/log/ipaserver-install.log for more information
...
[11/30]: starting certificate server instance
[12/30]: configure certmonger for renewals
[13/30]: requesting RA certificate from CA
[error] RuntimeError: Certificate issuance failed (CA_UNREACHABLE:
Error 35 connecting to
https://registry1.1.quietfountain.com:8443/ca/agent/ca//profileReview:
SSL connect error.)
More information about the Pkg-freeipa-devel
mailing list