Hmm, really? The port 8443 is already checked in FreeIPA 4.0.4 or later, based on this ticket:
https://fedorahosted.org/freeipa/ticket/4564 If your installation crashed because port 8443 was occupied, the fix 4564 is either incomplete or non-functional and we should fix it. On 04/01/2015 01:38 PM, Roberto Cornacchia wrote: > I had this error during my first installation. It turned out the problem > was that port 8443 was already used by another process. > > Roberto > > On 31 March 2015 at 19:54, Markus Roth <mar...@die5roths.de> wrote: > >> Hi all, >> >> I want setup freeipa 4.1.3 on a fresh installed fedora 21. >> The ipa-server-install shows the following output: >> >> configuring NTP daemon (ntpd) >> [1/4]: stopping ntpd >> [2/4]: writing configuration >> [3/4]: configuring ntpd to start on boot >> [4/4]: starting ntpd >> Done configuring NTP daemon (ntpd). >> Configuring directory server (dirsrv): Estimated time 1 minute >> [1/38]: creating directory server user >> [2/38]: creating directory server instance >> [3/38]: adding default schema >> [4/38]: enabling memberof plugin >> [5/38]: enabling winsync plugin >> [6/38]: configuring replication version plugin >> [7/38]: enabling IPA enrollment plugin >> [8/38]: enabling ldapi >> [9/38]: configuring uniqueness plugin >> [10/38]: configuring uuid plugin >> [11/38]: configuring modrdn plugin >> [12/38]: configuring DNS plugin >> [13/38]: enabling entryUSN plugin >> [14/38]: configuring lockout plugin >> [15/38]: creating indices >> [16/38]: enabling referential integrity plugin >> [17/38]: configuring certmap.conf >> [18/38]: configure autobind for root >> [19/38]: configure new location for managed entries >> [20/38]: configure dirsrv ccache >> [21/38]: enable SASL mapping fallback >> [22/38]: restarting directory server >> [23/38]: adding default layout >> [24/38]: adding delegation layout >> [25/38]: creating container for managed entries >> [26/38]: configuring user private groups >> [27/38]: configuring netgroups from hostgroups >> [28/38]: creating default Sudo bind user >> [29/38]: creating default Auto Member layout >> [30/38]: adding range check plugin >> [31/38]: creating default HBAC rule allow_all >> [32/38]: initializing group membership >> [33/38]: adding master entry >> [34/38]: configuring Posix uid/gid generation >> [35/38]: adding replication acis >> [36/38]: enabling compatibility plugin >> [37/38]: tuning directory server >> [38/38]: configuring directory to start on boot >> Done configuring directory server (dirsrv). >> Configuring certificate server (pki-tomcatd): Estimated time 3 minutes 30 >> seconds >> [1/27]: creating certificate server user >> [2/27]: configuring certificate server instance >> [3/27]: stopping certificate server instance to update CS.cfg >> [4/27]: backing up CS.cfg >> [5/27]: disabling nonces >> [6/27]: set up CRL publishing >> [7/27]: enable PKIX certificate path discovery and validation >> [8/27]: starting certificate server instance >> [error] RuntimeError: CA did not start in 300.0s >> CA did not start in 300.0s >> >> The ipa server install log shows this: >> >> 2015-03-31T17:39:35Z DEBUG The CA status is: check interrupted >> 2015-03-31T17:39:35Z DEBUG Waiting for CA to start... >> 2015-03-31T17:39:36Z DEBUG Traceback (most recent call last): >> File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", >> line >> 382, in start_creation >> run_step(full_msg, method) >> File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", >> line >> 372, in run_step >> method() >> File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", >> line 526, in __start >> self.start() >> File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", >> line >> 279, in start >> self.service.start(instance_name, capture_output=capture_output, >> wait=wait) >> File "/usr/lib/python2.7/site-packages/ipaplatform/redhat/services.py", >> line >> 229, in start >> self.wait_until_running() >> File "/usr/lib/python2.7/site-packages/ipaplatform/redhat/services.py", >> line >> 223, in wait_until_running >> raise RuntimeError('CA did not start in %ss' % timeout) >> RuntimeError: CA did not start in 300.0s >> >> 2015-03-31T17:39:36Z DEBUG [error] RuntimeError: CA did not start in >> 300.0s >> 2015-03-31T17:39:36Z DEBUG File "/usr/lib/python2.7/site- >> packages/ipaserver/install/installutils.py", line 642, in run_script >> return_value = main_function() >> >> File "/usr/sbin/ipa-server-install", line 1183, in main >> ca_signing_algorithm=options.ca_signing_algorithm) >> >> File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", >> line 520, in configure_instance >> self.start_creation(runtime=210) >> >> File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", >> line >> 382, in start_creation >> run_step(full_msg, method) >> >> File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", >> line >> 372, in run_step >> method() >> >> File "/usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py", >> line 526, in __start >> self.start() >> >> File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", >> line >> 279, in start >> self.service.start(instance_name, capture_output=capture_output, >> wait=wait) >> >> File "/usr/lib/python2.7/site-packages/ipaplatform/redhat/services.py", >> line >> 229, in start >> self.wait_until_running() >> >> File "/usr/lib/python2.7/site-packages/ipaplatform/redhat/services.py", >> line >> 223, in wait_until_running >> raise RuntimeError('CA did not start in %ss' % timeout) >> >> 2015-03-31T17:39:36Z DEBUG The ipa-server-install command failed, >> exception: >> RuntimeError: CA did not start in 300.0s >> >> I uninstalled the ipa server completely several times and installed it >> again. >> But it always stops at the same step with the setup. >> >> Can anybody help? >> >> Markus. >> >> -- >> Manage your subscription for the Freeipa-users mailing list: >> https://www.redhat.com/mailman/listinfo/freeipa-users >> Go to http://freeipa.org for more info on the project >> > > > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project