Yup, here is the output: $ ipa-ca-install Directory Manager (existing master) password:
Run connection check to master Connection check OK Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes [1/28]: creating certificate server db [2/28]: setting up initial replication Starting replication, please wait until this has completed. Update in progress, 21 seconds elapsed Update succeeded [3/28]: creating ACIs for admin [4/28]: creating installation admin user [5/28]: configuring certificate server instance *y <--------------- that's me typing a Y to see if that helps* ipaserver.install.dogtaginstance: CRITICAL Failed to configure CA instance ipaserver.install.dogtaginstance: CRITICAL See the installation logs and the following files/directories for more information: ipaserver.install.dogtaginstance: CRITICAL /var/log/pki/pki-tomcat [error] RuntimeError: CA configuration failed. Your system may be partly configured. Run /usr/sbin/ipa-server-install --uninstall to clean up. CA configuration failed. On Wed, Mar 20, 2024 at 1:33 PM Rob Crittenden <rcrit...@redhat.com> wrote: > Omar wrote: > > I will attach the logs today. It's been a couple of days and the > > installation is still at the same spot ( [5/28]: configuring > > certificate server instance ). > > > > Rob, I know you mention something about waiting on a prompt (Y/N), but I > > don't see it in any of the logs. Thoughts? > > You raised this previously in the thread: > > > Is the installation failing because the: > > INFO: Server certificate: > CN=ldap.app.uaap.maxar.com <http://ldap.app.uaap.maxar.com> > > <http://ldap.app.uaap.maxar.com>,OU=UAAP,O=Maxar > > Technologies Inc,L=Herndon,ST=Virginia,C=US > > WARNING: UNTRUSTED ISSUER encountered on > > 'CN=ldap.app.uaap.maxar.com > <http://ldap.app.uaap.maxar.com> > > <http://ldap.app.uaap.maxar.com>,OU=UAAP,O=Maxar > > Technologies Inc,L=Herndon,ST=Virginia,C=US' > indicates a > > non-trusted CA cert 'CN=Maxar DS Issuing CA > > East,DC=DS,DC=Maxar,DC=com' > > Trust this certificate (y/N)? SEVERE: FATAL: SSL > alert sent: > > BAD_CERTIFICATE > > > > ?? how do I pass a "Y" to this script? > ~ > > So you still have a certificate trust issue. I suppose you could try > typing "y" and enter and see what happens. But the root cause is missing > CA trust so this is just likely to fail later. > > rob > > > > > //omar > > > > On Mon, Mar 18, 2024 at 4:40 PM Rob Crittenden <rcrit...@redhat.com > > <mailto:rcrit...@redhat.com>> wrote: > > > > You can tar them up, gzip them, redact as needed and reply to the > > thread. As long as the result is < 256k it should go through ok. > > > > rob > > > > Omar wrote: > > > Rob & Flo, > > > > > > How can I send you some of the install, debug, and spawn logs? > > > > > > On Mon, Mar 18, 2024 at 2:27 PM Omar <usridz...@gmail.com > > <mailto:usridz...@gmail.com> > > > <mailto:usridz...@gmail.com <mailto:usridz...@gmail.com>>> wrote: > > > > > > Sorry for the late reply. I'm sure the CA Certs are the > correct > > > ones. I will attempt to do the replicas again and this time > I'll > > > trace the logs to make sure I catch the errors and update the > > ticket. > > > > > > When I say "hang" I mean that it takes forever to come back > from > > > step 5 ([5/28]: configuring certificate server instance) and > > then if > > > I hit "enter" it will just drop to an error. > > > > > > I'll post the error when I see it again. Thanks > > > > > > On Fri, Mar 15, 2024 at 1:35 PM Rob Crittenden > > <rcrit...@redhat.com <mailto:rcrit...@redhat.com> > > > <mailto:rcrit...@redhat.com <mailto:rcrit...@redhat.com>>> > wrote: > > > > > > Omar via FreeIPA-users wrote: > > > > Here is some more info: > > > > > > > > WARNING: The CA service is only installed on one > server > > > (<master > > > > hostname here>). > > > > It is strongly recommended to install it on another > > server. > > > > Run ipa-ca-install(1) on another master to > > accomplish this. > > > > > > > > > > > > The ipa-replica-install command was successful > > > > > > > > > > > > That was from the replica install, here is me installing > the > > > ca-cert on > > > > the replica: > > > > > > > > $ ipa-cacert-manage install -t CT,C,C > maxar-ca-chain.crt > > > > Installing CA certificate, please wait > > > > Verified CN=Maxar DS Issuing CA > > East,DC=DS,DC=Maxar,DC=com > > > > Verified CN=Maxar DS Issuing CA > > West,DC=DS,DC=Maxar,DC=com > > > > CA certificate successfully installed > > > > The ipa-cacert-manage command was successful > > > > > > What I don't understand is why you didn't have to install > this > > > chain in > > > order to install the servers at all. Are you sure this is > the > > > right chain? > > > > > > This data is replicated so it doesn't matter which server > > it is > > > added on. > > > > > > > > > > > and the cacert update: > > > > > > > > $ ipa-certupdate > > > > Systemwide CA database updated. > > > > Systemwide CA database updated. > > > > The ipa-certupdate command was successful > > > > > > This has to be run everywhere after updating a chain. > > > > > > > > > > > > > > > but when I try to run ipa-ca-install, it fails and it > > hangs here: > > > > > > > > $ ipa-ca-install > > > > Directory Manager (existing master) password: > > > > > > > > > > > > Run connection check to master > > > > Connection check OK > > > > Configuring certificate server (pki-tomcatd). > Estimated > > > time: 3 minutes > > > > [1/28]: creating certificate server db > > > > [2/28]: setting up initial replication > > > > Starting replication, please wait until this has > > completed. > > > > Update in progress, 21 seconds elapsed > > > > Update succeeded > > > > > > > > > > > > [3/28]: creating ACIs for admin > > > > [4/28]: creating installation admin user > > > > [5/28]: configuring certificate server instance > > > > > > > > > > > > Thoughts? > > > > > > IPA treats PKI as a black box. Occasionally it will spit > > out an > > > error > > > that is useful in the install log but usually you have to > pair > > > it with > > > the pki-ca-spawn log and sometimes also the ca debug log to > > > determine > > > what is going on. > > > > > > It also depends on the definition of fail and hang. You can > > > monitor the > > > pki-ca-spawn log for activity, for example, during > > installation. > > > > > > rob > > > > > > > > > > > > > > > > > > > On Fri, Mar 15, 2024 at 12:12 PM Omar > > <usridz...@gmail.com <mailto:usridz...@gmail.com> > > > <mailto:usridz...@gmail.com <mailto:usridz...@gmail.com>> > > > > <mailto:usridz...@gmail.com <mailto:usridz...@gmail.com> > > <mailto:usridz...@gmail.com <mailto:usridz...@gmail.com>>>> wrote: > > > > > > > > for the context: > > > > I fixed my master IPA server, with all new and valid > > certs > > > (server & > > > > CA chain). I installed two replicas, both installed > > > successfully, > > > > but when I try to run the ipa-ca-install they both > > fail. > > > Thoughs? > > > > > > > > On Thu, Mar 14, 2024 at 9:28 AM Florence Blanc-Renaud > > > > <f...@redhat.com <mailto:f...@redhat.com> > > <mailto:f...@redhat.com <mailto:f...@redhat.com>> > > > <mailto:f...@redhat.com <mailto:f...@redhat.com> > > <mailto:f...@redhat.com <mailto:f...@redhat.com>>>> wrote: > > > > > > > > Hi, > > > > > > > > On Thu, Mar 14, 2024 at 1:10 PM Omar Pagan via > > > FreeIPA-users > > > > <freeipa-users@lists.fedorahosted.org > > <mailto:freeipa-users@lists.fedorahosted.org> > > > <mailto:freeipa-users@lists.fedorahosted.org > > <mailto:freeipa-users@lists.fedorahosted.org>> > > > > <mailto:freeipa-users@lists.fedorahosted.org > > <mailto:freeipa-users@lists.fedorahosted.org> > > > <mailto:freeipa-users@lists.fedorahosted.org > > <mailto:freeipa-users@lists.fedorahosted.org>>>> wrote: > > > > > > > > Found this in the logs: > > > > > > > > INFO: Server certificate: > > > CN=ldap.app.uaap.maxar.com > > <http://ldap.app.uaap.maxar.com> <http://ldap.app.uaap.maxar.com> > > > > <http://ldap.app.uaap.maxar.com > >,OU=UAAP,O=Maxar > > > > Technologies Inc,L=Herndon,ST=Virginia,C=US > > > > WARNING: UNTRUSTED ISSUER encountered on > > > > 'CN=ldap.app.uaap.maxar.com > > <http://ldap.app.uaap.maxar.com> > > > <http://ldap.app.uaap.maxar.com> > > > > <http://ldap.app.uaap.maxar.com > >,OU=UAAP,O=Maxar > > > > Technologies Inc,L=Herndon,ST=Virginia,C=US' > > > indicates a > > > > non-trusted CA cert 'CN=Maxar DS Issuing CA > > > > East,DC=DS,DC=Maxar,DC=com' > > > > Trust this certificate (y/N)? SEVERE: FATAL: > SSL > > > alert sent: > > > > BAD_CERTIFICATE > > > > javax.ws.rs <http://javax.ws.rs> > > <http://javax.ws.rs> > > > <http://javax.ws.rs>.ProcessingException: > > > > RESTEASY004655: Unable to invoke request > > > > at > > > > > > > > > > > org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine.invoke(ApacheHttpClient4Engine.java:317) > > > > at > > > > > > > > > > > org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(ClientInvocation.java:442) > > > > at > > > > > > > > > > > org.jboss.resteasy.client.jaxrs.internal.proxy.ClientInvoker.invoke(ClientInvoker.java:106) > > > > at > > > > > > > > > > > org.jboss.resteasy.client.jaxrs.internal.proxy.ClientProxy.invoke(ClientProxy.java:76) > > > > at > > com.sun.proxy.$Proxy23.getInfo(Unknown > > > Source) > > > > at > > > > > > > > org.dogtagpki.common.InfoClient.getInfo(InfoClient.java:43) > > > > at > > > > > > > > > com.netscape.certsrv.client.PKIClient.getInfo(PKIClient.java:221) > > > > at > > > > > > > > com.netscape.cmstools.cli.MainCLI.getClient(MainCLI.java:603) > > > > at > > > org.dogtagpki.cli.CLI.getClient(CLI.java:207) > > > > at com.netscape.cmstools.ca > > <http://com.netscape.cmstools.ca> > > > <http://com.netscape.cmstools.ca> > > > > > > > > > <http://com.netscape.cmstools.ca > >.CACLI.getSubsystemClient(CACLI.java:66) > > > > at > > > > > > > > > > > com.netscape.cmstools.range.RangeRequestCLI.execute(RangeRequestCLI.java:80) > > > > at > > > > > > > org.dogtagpki.cli.CommandCLI.execute(CommandCLI.java:58) > > > > at > > org.dogtagpki.cli.CLI.execute(CLI.java:357) > > > > at > > org.dogtagpki.cli.CLI.execute(CLI.java:357) > > > > at > > > > > > > > > > com.netscape.cmstools.cli.SubsystemCLI.execute(SubsystemCLI.java:79) > > > > at > > org.dogtagpki.cli.CLI.execute(CLI.java:357) > > > > at > > > > > > > > com.netscape.cmstools.cli.MainCLI.execute(MainCLI.java:665) > > > > at > > > > > > > com.netscape.cmstools.cli.MainCLI.main(MainCLI.java:701) > > > > Caused by: java.io.IOException: > SocketException > > > cannot write > > > > on socket: Failed to write to socket: > (-12276) > > > Unable to > > > > communicate securely with peer: requested > domain > > > name does > > > > not match the server's certificate. > > > > at > > > > > > > org.mozilla.jss.ssl.SSLSocket.write(SSLSocket.java:1538) > > > > at > > > > > > > > > org.mozilla.jss.ssl.SSLOutputStream.write(SSLOutputStream.java:27) > > > > at org.apache.http.impl.io > > <http://org.apache.http.impl.io> > > > <http://org.apache.http.impl.io> > > > > > > > > > <http://org.apache.http.impl.io > >.AbstractSessionOutputBuffer.flushBuffer(AbstractSessionOutputBuffer.java:160) > > > > at org.apache.http.impl.io > > <http://org.apache.http.impl.io> > > > <http://org.apache.http.impl.io> > > > > > > > > > <http://org.apache.http.impl.io > >.AbstractSessionOutputBuffer.flush(AbstractSessionOutputBuffer.java:168) > > > > at > > > > > > > > > > > org.apache.http.impl.AbstractHttpClientConnection.doFlush(AbstractHttpClientConnection.java:273) > > > > at > > > > > > > > > > > org.apache.http.impl.AbstractHttpClientConnection.flush(AbstractHttpClientConnection.java:279) > > > > at > > > > > > > > > > > org.apache.http.impl.conn.ManagedClientConnectionImpl.flush(ManagedClientConnectionImpl.java:188) > > > > at > > > > > > > > > > > org.apache.http.protocol.HttpRequestExecutor.doSendRequest(HttpRequestExecutor.java:241) > > > > at > > > > > > > > > > > org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:123) > > > > at > > > > > > > > > > > org.apache.http.impl.client.DefaultRequestDirector.tryExecute(DefaultRequestDirector.java:684) > > > > at > > > > > > > > > > > org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:486) > > > > at > > > > > > > > > > > org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:836) > > > > at > > > > > > > > > > > org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) > > > > at > > > > > > > > > > > org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56) > > > > at > > > > > > > > > > > org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine.invoke(ApacheHttpClient4Engine.java:313) > > > > ... 17 more > > > > Caused by: > > org.mozilla.jss.ssl.SSLSocketException: > > > Failed to > > > > write to socket: (-12276) Unable to > communicate > > > securely > > > > with peer: requested domain name does not > match > > > the server's > > > > certificate. > > > > at > > > org.mozilla.jss.ssl.SSLSocket.socketWrite(Native > > > > Method) > > > > at > > > > > > > org.mozilla.jss.ssl.SSLSocket.write(SSLSocket.java:1532) > > > > ... 31 more > > > > CalledProcessError: Command '['pki', '-d', > > > > '/etc/pki/pki-tomcat/alias', '-f', > > > > '/etc/pki/pki-tomcat/password.conf', '-U', > > > > 'https://ldap01.app.uaap.maxar.com:443', > > > 'ca-range-request', > > > > 'request', '--install-token', > > > > '/tmp/tmp_nt6hud0/install-token', > > > '--output-format', 'json', > > > > '--debug']' returned non-zero exit status > 255. > > > > File > > > > > > > "/usr/lib/python3.6/site-packages/pki/server/pkispawn.py", > > > > line 575, in main > > > > scriptlet.spawn(deployer) > > > > File > > > > > > > > > > > "/usr/lib/python3.6/site-packages/pki/server/deployment/scriptlets/configuration.py", > > > > line 586, in spawn > > > > subsystem.request_ranges(master_url, > > > > session_id=deployer.install_token.token) > > > > File > > > > > > > > "/usr/lib/python3.6/site-packages/pki/server/subsystem.py", > > > > line 1119, in request_ranges > > > > master_url, 'request', > > session_id=session_id, > > > > install_token=install_token) > > > > File > > > > > > > > "/usr/lib/python3.6/site-packages/pki/server/subsystem.py", > > > > line 1107, in request_range > > > > output = subprocess.check_output(cmd) > > > > File "/usr/lib64/python3.6/subprocess.py", > > line > > > 356, in > > > > check_output > > > > **kwargs).stdout > > > > File "/usr/lib64/python3.6/subprocess.py", > > line > > > 438, in run > > > > output=stdout, stderr=stderr) > > > > > > > > > > > > 2024-03-14T00:38:53Z CRITICAL Failed to > > configure > > > CA instance > > > > 2024-03-14T00:38:53Z CRITICAL See the > > installation > > > logs and > > > > the following files/directories for more > > information: > > > > 2024-03-14T00:38:53Z CRITICAL > > > /var/log/pki/pki-tomcat > > > > 2024-03-14T00:38:53Z DEBUG Traceback (most > > recent > > > call last): > > > > File > > > > > > > > > "/usr/lib/python3.6/site-packages/ipaserver/install/service.py", > > > > line 635, in start_creation > > > > run_step(full_msg, method) > > > > File > > > > > > > > > "/usr/lib/python3.6/site-packages/ipaserver/install/service.py", > > > > line 621, in run_step > > > > method() > > > > File > > > > > > > > > "/usr/lib/python3.6/site-packages/ipaserver/install/cainstance.py", > > > > line 627, in __spawn_instance > > > > nolog_list=nolog_list > > > > File > > > > > > > > > > "/usr/lib/python3.6/site-packages/ipaserver/install/dogtaginstance.py", > > > > line 227, in spawn_instance > > > > self.handle_setup_error(e) > > > > File > > > > > > > > > > "/usr/lib/python3.6/site-packages/ipaserver/install/dogtaginstance.py", > > > > line 606, in handle_setup_error > > > > ) from None > > > > RuntimeError: CA configuration failed. > > > > > > > > 2024-03-14T00:38:53Z DEBUG [error] > > RuntimeError: CA > > > > configuration failed. > > > > 2024-03-14T00:38:53Z DEBUG Removing > > > /root/.dogtag/pki-tomcat/ca > > > > 2024-03-14T00:38:53Z DEBUG File > > > > > > > > > > "/usr/lib/python3.6/site-packages/ipaserver/install/installutils.py", > > > > line 781, in run_script > > > > return_value = main_function() > > > > > > > > File "/sbin/ipa-ca-install", line 307, in > main > > > > install(safe_options, options) > > > > > > > > File "/sbin/ipa-ca-install", line 273, in > > install > > > > install_replica(safe_options, options) > > > > > > > > File "/sbin/ipa-ca-install", line 210, in > > > install_replica > > > > ca.install(True, config, options, > > > custodia=custodia) > > > > > > > > File > > > > > > > > "/usr/lib/python3.6/site-packages/ipaserver/install/ca.py", > > > > line 270, in install > > > > install_step_0(standalone, > replica_config, > > > options, > > > > custodia=custodia) > > > > > > > > File > > > > > > > > "/usr/lib/python3.6/site-packages/ipaserver/install/ca.py", > > > > line 355, in install_step_0 > > > > > > pki_config_override=options.pki_config_override, > > > > > > > > File > > > > > > > > > "/usr/lib/python3.6/site-packages/ipaserver/install/cainstance.py", > > > > line 501, in configure_instance > > > > self.start_creation(runtime=runtime) > > > > > > > > File > > > > > > > > > "/usr/lib/python3.6/site-packages/ipaserver/install/service.py", > > > > line 635, in start_creation > > > > run_step(full_msg, method) > > > > > > > > File > > > > > > > > > "/usr/lib/python3.6/site-packages/ipaserver/install/service.py", > > > > line 621, in run_step > > > > method() > > > > > > > > File > > > > > > > > > "/usr/lib/python3.6/site-packages/ipaserver/install/cainstance.py", > > > > line 627, in __spawn_instance > > > > nolog_list=nolog_list > > > > > > > > File > > > > > > > > > > "/usr/lib/python3.6/site-packages/ipaserver/install/dogtaginstance.py", > > > > line 227, in spawn_instance > > > > self.handle_setup_error(e) > > > > > > > > File > > > > > > > > > > "/usr/lib/python3.6/site-packages/ipaserver/install/dogtaginstance.py", > > > > line 606, in handle_setup_error > > > > ) from None > > > > > > > > 2024-03-14T00:38:53Z DEBUG The > > ipa-ca-install command > > > > failed, exception: RuntimeError: CA > > configuration > > > failed. > > > > > > > > Is the installation failing because the: > > > > INFO: Server certificate: > > > CN=ldap.app.uaap.maxar.com > > <http://ldap.app.uaap.maxar.com> <http://ldap.app.uaap.maxar.com> > > > > <http://ldap.app.uaap.maxar.com > >,OU=UAAP,O=Maxar > > > > Technologies Inc,L=Herndon,ST=Virginia,C=US > > > > WARNING: UNTRUSTED ISSUER encountered on > > > > 'CN=ldap.app.uaap.maxar.com > > <http://ldap.app.uaap.maxar.com> > > > <http://ldap.app.uaap.maxar.com> > > > > <http://ldap.app.uaap.maxar.com > >,OU=UAAP,O=Maxar > > > > Technologies Inc,L=Herndon,ST=Virginia,C=US' > > > indicates a > > > > non-trusted CA cert 'CN=Maxar DS Issuing CA > > > > East,DC=DS,DC=Maxar,DC=com' > > > > Trust this certificate (y/N)? SEVERE: FATAL: > SSL > > > alert sent: > > > > BAD_CERTIFICATE > > > > > > > > ?? how do I pass a "Y" to this script? > > > > > > > > > > > > Not really easy to read the logs as I'm lacking > the > > > context, but > > > > it looks like the CA fails to communicate with > the > > > LDAP server. > > > > Did you install the first server with an > externally > > > signed LDAP > > > > server certificate? If that's the case, you are > > > probably just > > > > missing the external CA cert. > > > > Use /ipa-cacert-manage install-t CT,C,C > > extca.pem /on > > > one of the > > > > servers if not already done, then execute > > > ipa-certupdate on all > > > > the hosts enrolled in the domain (all servers > > and clients, > > > > including the server where you run > > ipa-cacert-manage). > > > > > > > > flo > > > > > > > > //omar > > > > -- > > > > > _______________________________________________ > > > > FreeIPA-users mailing list -- > > > > freeipa-users@lists.fedorahosted.org > > <mailto:freeipa-users@lists.fedorahosted.org> > > > <mailto:freeipa-users@lists.fedorahosted.org > > <mailto:freeipa-users@lists.fedorahosted.org>> > > > > <mailto:freeipa-users@lists.fedorahosted.org > > <mailto:freeipa-users@lists.fedorahosted.org> > > > <mailto:freeipa-users@lists.fedorahosted.org > > <mailto:freeipa-users@lists.fedorahosted.org>>> > > > > To unsubscribe send an email to > > > > freeipa-users-le...@lists.fedorahosted.org > > <mailto:freeipa-users-le...@lists.fedorahosted.org> > > > <mailto:freeipa-users-le...@lists.fedorahosted.org > > <mailto:freeipa-users-le...@lists.fedorahosted.org>> > > > > > > <mailto:freeipa-users-le...@lists.fedorahosted.org > > <mailto:freeipa-users-le...@lists.fedorahosted.org> > > > <mailto:freeipa-users-le...@lists.fedorahosted.org > > <mailto:freeipa-users-le...@lists.fedorahosted.org>>> > > > > Fedora Code of Conduct: > > > > > > > > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > > > > List Guidelines: > > > > > > https://fedoraproject.org/wiki/Mailing_list_guidelines > > > > List Archives: > > > > > > > > > > https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org > > > > Do not reply to spam, report it: > > > > > > https://pagure.io/fedora-infrastructure/new_issue > > > > > > > > > > > > -- > > > > _______________________________________________ > > > > FreeIPA-users mailing list -- > > > freeipa-users@lists.fedorahosted.org > > <mailto:freeipa-users@lists.fedorahosted.org> > > > <mailto:freeipa-users@lists.fedorahosted.org > > <mailto:freeipa-users@lists.fedorahosted.org>> > > > > To unsubscribe send an email to > > > freeipa-users-le...@lists.fedorahosted.org > > <mailto:freeipa-users-le...@lists.fedorahosted.org> > > > <mailto:freeipa-users-le...@lists.fedorahosted.org > > <mailto:freeipa-users-le...@lists.fedorahosted.org>> > > > > Fedora Code of Conduct: > > > > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > > > > List Guidelines: > > > https://fedoraproject.org/wiki/Mailing_list_guidelines > > > > List Archives: > > > > > > https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org > > > > Do not reply to spam, report it: > > > https://pagure.io/fedora-infrastructure/new_issue > > > > > > > > > > >
-- _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue