Hi, The replica installation is failing when the replica attempts to contact the CA on the master to log into the security domain. According to your log, this is https://ipa01.ix.test.com:9445
Can the master be resolved and reached from the replica? Can port 9445 be reached (as well as ports 9444 and 9443?) You can also check the master's /var/log/pki-ca/debug log to see if any communication was received from the replica. Ade On Mon, 2011-06-13 at 16:17 +0200, Sigbjorn Lie wrote: > On 06/13/2011 04:12 PM, Simo Sorce wrote: > > On Mon, 2011-06-13 at 15:23 +0200, Sigbjorn Lie wrote: > >> Hi, > >> > >> I have successfully configured one IPA replica, now I'm trying to > >> configure a second replica, but I'm not having much success. I've > >> attached the output of ipa-replica-install -d. I get as far as "[4/11]: > >> configuring certificate server instance". The machine is configured in > >> the same way as the 2 first machines. They are all F15, updated with all > >> available packages from the official repos. > >> > >> The installation fails when it's trying to connect to the dogtag server > >> on the ipa replica it's just configured, with a "Invalid clone_uri" > >> message. (See the attached file for details). > >> > >> I'm not sure where to start looking. The only difference from the 2 > >> first IPA servers, is that this server is located at another subnet, > >> over a site-to-site VPN connection. > >> > >> Any suggestions to what might be wrong? > > I have never seen this error, have you created a new replica package > > with ipa-replica-prepare to create the second replica ? > > > > Yes, a fresh package was created using ipa-replica-prepare and scp'ed to > the new ipa server. I've even tried re-creating the package. Still the > same error message. > > > > _______________________________________________ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
