Hello, I came back from vacation and noticed that the pki-tomcatd was not running. All other services are running fine, I can kinit admin and search for users, I can also log into the UI and see everything. When I try to start the service I see the following errors: Mar 11 20:44:44 ldap01.app.uaap.maxar.com ipa-pki-wait-running[7903]: ipa-pki-wait-running: Request failed unexpectedly, 404 Client Error: for url: http://ldap01.app.uaap.maxar.com:8080/ca/admin/ca/getStat> Mar 11 20:44:44 ldap01.app.uaap.maxar.com systemd[1]: pki-tomcatd@pki-tomcat.service: Start-post operation timed out. Stopping.
I have checked all the certs and everything is in order: $ getcert list | grep expire expires: 2025-01-22 14:07:35 UTC expires: 2025-01-22 14:06:46 UTC expires: 2025-01-22 14:06:45 UTC expires: 2025-01-22 14:06:45 UTC expires: 2043-02-02 14:06:44 UTC expires: 2025-01-22 14:06:45 UTC expires: 2025-02-02 14:08:10 UTC I also have checked this: $ klist -ekt /etc/dirsrv/ds.keytab Keytab name: FILE:/etc/dirsrv/ds.keytab KVNO Timestamp Principal ---- ------------------- ------------------------------------------------------ 2 02/02/2023 14:06:06 ldap/ldap01.app.uaap.maxar....@app.uaap.maxar.com (aes256-cts-hmac-sha1-96) 2 02/02/2023 14:06:06 ldap/ldap01.app.uaap.maxar....@app.uaap.maxar.com (aes128-cts-hmac-sha1-96) 2 02/02/2023 14:06:06 ldap/ldap01.app.uaap.maxar....@app.uaap.maxar.com (aes128-cts-hmac-sha256-128) 2 02/02/2023 14:06:06 ldap/ldap01.app.uaap.maxar....@app.uaap.maxar.com (aes256-cts-hmac-sha384-192) 2 02/02/2023 14:06:06 ldap/ldap01.app.uaap.maxar....@app.uaap.maxar.com (camellia128-cts-cmac) 2 02/02/2023 14:06:06 ldap/ldap01.app.uaap.maxar....@app.uaap.maxar.com (camellia256-cts-cmac) not sure if that's correct or not. Please help, I don't see why pki-tomcatd would just die on me for no reason. I haven't run any updates / upgrades on the system and it was working fine before I left. Thanks -- _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue