I tried the workaround and it's working. Thanks for your help.
Le jeu. 12 sept. 2019 à 13:38, Florence Blanc-Renaud a
écrit :
> On 9/11/19 10:53 PM, danielle lampert wrote:
> >
> > When creating the file manually and running the command, this seems to
> > work. Later I have other problems : wh
After googling i tried to run following test on ldap-b-3 (new replica
where it failed and got following)
[root@ldap-b-3 tmp]# python ipa-custodia-check.in `hostname` --verbose
[2019-09-18T16:33:51 ipa-custodia-tester] : Platform:
Linux-3.10.0-514.el7.x86_64-x86_64-with-centos-7.3.1611-Core
[2019-0
After your suggestion i didn't get CA_REJECT error but i got following
error. ( [error] INVALID_CREDENTIALS: {'desc': 'Invalid
credentials'})
[root@ldap-b-3 ~]# ipa-replica-install -N -w X -U
ipaserver.install.installutils: ERRORUnable to resolve the IP
address 10.31.1.24 to a host name,
Interesting,
You are saying edit that line and restart httpd and try to create new
replica? I wonder how it was working 8 months ago then? anyway i am
going to do that and let you know.
also i would like to mention one more thing, i brought my (primary
LDAP + CA Master) after 8 month do you thin
Satish Patel wrote:
> Thanks Rob,
>
> This is the output of ldap-ca-master
>
> # matches for CA REST API
> "^/ca/rest/account/login|^/ca/rest/account/logout|^/ca/rest/installer/installToken|^/ca/rest/securityDomain/domainInfo|^/ca/rest/securityDomain/installToken|^/ca/rest/profiles|^/ca/rest/aut
Yep, the key is there, which makes sense because I can issue certificates from
the intermediate CA on ipa01, it's just the replication to ipa02 and ipa03
that's failing.
< 0> rsa ocspSigningCert cert-pki-ca
< 1> rsa Server-Cert cert-pki-ca
< 2> rsa (orphan)
<
