george he wrote:
First of all, I don't see any java process after ipactl stop.

Then I turned on debug and this is what I get on terminal:
# ipa host-del hnl09.psych.yale.edu
......
ipa: DEBUG: approved_usage = SSLServer intended_usage = SSLServer
ipa: DEBUG: cert valid True for "CN=cushing.psych.yale.edu,O=PSYCH.YALE.EDU"
ipa: DEBUG: handshake complete, peer = 130.132.167.68:443
ipa: DEBUG: Caught fault 4301 from server
http://cushing.psych.yale.edu/ipa/xml: Certificate operation cannot be
completed: Unable to communicate with CMS (Service Temporarily Unavailable)
ipa: DEBUG: Destroyed connection context.xmlclient
ipa: ERROR: Certificate operation cannot be completed: Unable to
communicate with CMS (Service Temporarily Unavailable)

So there's a "fault 4301" being caught.
And this is at the end of /var/log/httpd/error_log:
[Tue Sep 04 10:17:05 2012] [error] ipa: DEBUG: approved_usage =
SSLServer intended_usage = SSLServer
[Tue Sep 04 10:17:05 2012] [error] ipa: DEBUG: cert valid True for
"CN=cushing.psych.yale.edu,O=PSYCH.YALE.EDU"
[Tue Sep 04 10:17:05 2012] [error] ipa: DEBUG: handshake complete, peer
= 130.132.167.68:443
[Tue Sep 04 10:17:05 2012] [error] (111)Connection refused: proxy: AJP:
attempt to connect to 127.0.0.1:9447 (localhost) failed
[Tue Sep 04 10:17:05 2012] [error] ap_proxy_connect_backend disabling
worker for (localhost)
[Tue Sep 04 10:17:05 2012] [error] proxy: AJP: failed to make connection
to backend: localhost
[Tue Sep 04 10:17:05 2012] [error] ipa: INFO: ad...@psych.yale.edu:
host_del((u'hnl09.psych.yale.edu',), updatedns=False):
CertificateOperationError
[Tue Sep 04 10:17:05 2012] [error] ipa: DEBUG: response:
CertificateOperationError: Certificate operation cannot be completed:
Unable to communicate with CMS (Service Temporarily Unavailable)
[Tue Sep 04 10:17:05 2012] [error] ipa: DEBUG: Destroyed connection
context.ldap2

Dogtag does not appear to be running. I'd suggest looking at /var/log/pki-ca/catalina.out or debug to see if it has any hints as to what the problem is.

What distribution is this?

rob

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
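
The diagnosis in the reply above comes from matching the refused AJP connection to the CMS error logged in the same second. As an added example (not part of the original thread, and not FreeIPA code), this sketch does that correlation over a constructed excerpt of the quoted error_log, including the mail-wrapped lines; the names unwrap and diagnose are hypothetical helpers.

```python
import re

# Constructed sample: three entries modelled on the error_log excerpt quoted
# in the thread, wrapped across lines the same way the mail wrapped them.
SAMPLE_LOG = """\
[Tue Sep 04 10:17:05 2012] [error] (111)Connection refused: proxy: AJP:
attempt to connect to 127.0.0.1:9447 (localhost) failed
[Tue Sep 04 10:17:05 2012] [error] proxy: AJP: failed to make connection
to backend: localhost
[Tue Sep 04 10:17:05 2012] [error] ipa: DEBUG: response:
CertificateOperationError: Certificate operation cannot be completed:
Unable to communicate with CMS (Service Temporarily Unavailable)
"""

ENTRY = re.compile(r"^\[(?P<ts>[^\]]+)\] \[(?P<level>\w+)\] (?P<msg>.*)$")
REFUSED = re.compile(r"\(111\)Connection refused: proxy: AJP: attempt to connect to (?P<addr>[\d.]+):(?P<port>\d+)")
CA_FAIL = "Unable to communicate with CMS"

def unwrap(text):
    """Join wrapped continuation lines onto the log entry they belong to."""
    entries = []
    for line in text.splitlines():
        if not line.strip():
            continue
        if line.startswith("[") or not entries:
            entries.append(line.strip())
        else:
            entries[-1] += " " + line.strip()
    return entries

def diagnose(text):
    """One finding per CMS failure, linked to an AJP refusal at the same timestamp."""
    refused = {}  # timestamp -> (address, port) of the backend that refused
    findings = []
    for entry in unwrap(text):
        m = ENTRY.match(entry)
        if not m:
            continue
        ts, msg = m["ts"], m["msg"]
        r = REFUSED.search(msg)
        if r:
            refused[ts] = (r["addr"], int(r["port"]))
        elif CA_FAIL in msg:
            backend = refused.get(ts)
            findings.append({"time": ts, "backend": backend,
                             "cause": "CA backend not listening" if backend else "unknown"})
    return findings
```

A finding with a backend address means Apache could not reach the CA's AJP port at all, which points at the CA service being down rather than at the certificate operation itself.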
