Could you check if your "requiredSecret" value matches the "secret" in
"/etc/pki/pki-tomcat/server.xml"?
I had two lines where they were different and the value has to match the secret
in "/etc/httpd/conf.d/ipa-pki-proxy.conf". Once they all matched I restarted
pki-tomcatd@pki-tomcat.service and httpd and both CLI and WebGUI certificate
management worked again.
According to a different thread "tomcat pre-9.0.31.0 uses 'requiredSecret' and
afterward uses 'secret'."
I am running my FreeIPA server on CentOS 8 Stream which uses tomcat 9.0.30. My
uninformed guess is the last FreeIPA update from 4.9.3 to 4.9.6 configured
"secret" only and not "requiredSecret" which "broke" the config for the tomcat
version used. Hope this helps.
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
