On 08/01/2017 03:26 AM, Florence Blanc-Renaud wrote:
another user hit the same problem as you (ipa-replica-install
--setup-ca fails during pkispawn and the PKI debug log shows an error
related to updateNumberRange). He managed to workaround the issue by
un-enrolling the failing replica and revoking all the certificates
that were created during replica setup attempts (you can find the mail
thread here [1]).
I still don't know what is the root cause of the issue or why the
workaround succeeded, but it's worth giving it a try.
Flo
[1]
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org/thread/TJGJZANRCIYTGXCUEAZ3XLISNEO7QOIN/#A54XHWAG4Z6BVX62YRUQXYO5QKW4OXAZ
The logs do look similar to me, so I can give this a shot, what I don't
know is how to revoke all the certificates on the replica server (at
least I'm assuming it's the replica getting the revokations.
--
Mark Haney
Network Engineer at NeoNova
919-460-3330 option 1
mark.ha...@neonova.net
www.neonova.net
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
