Dear Florence, dear all,
thanks for this hint.
I searched/checked further and found somewhere in an old thread on this
list with
ldapsearch -xLLL -D "cn=Directory Manager" -W -b
ou=certificateprofiles,ou=ca,o=ipaca
'(&(nsds5ReplConflict=*)(objectclass=ldapsubentry)
an entry
dn:
cn=KDCs_PKINIT_
On 3/19/19 11:08 AM, Marisa Sandhoff via FreeIPA-users wrote:
Dear all,
thank you very much for your help.
After some more searching, I found that this command (from
https://floblanc.wordpress.com/2017/09/11/troubleshooting-freeipa-pki-tomcatd-fails-to-start/)
[root@ipa2 ~] certutil -L -d /etc
Dear all,
thank you very much for your help.
After some more searching, I found that this command (from
https://floblanc.wordpress.com/2017/09/11/troubleshooting-freeipa-pki-tomcatd-fails-to-start/)
[root@ipa2 ~] certutil -L -d /etc/pki/pki-tomcat/alias -n 'subsystemCert
cert-pki-ca'
shows that
Hi Rob,
thanks for pointing us into that direction.
Actually, I already looked into /var/log/pkg/pkg-tomcat/ca/debug, but couldn't
find anything that rang the bell. Here are the last couple of lines.
[root@ipa2 ca]# tail -40 debug
[18/Mar/2019:14:36:39][SerialNumberUpdateTask]: TCP Keep-Alive:
Hi,
thanks for coming back to this.
here is the output:
[root@ipa2 ~]# klist -ekt /etc/dirsrv/ds.keytab
Keytab name: FILE:/etc/dirsrv/ds.keytab
KVNO Timestamp Principal
--- --
2 08/15/2016 11:18:33
ldap/ipa2.
Robbie Harwood via FreeIPA-users wrote:
> Marisa Sandhoff via FreeIPA-users
> writes:
>
>> [18/Mar/2019:14:36:27.577557647 +0100] - ERR - set_krb5_creds - Could
>> not get initial credentials for principal
>> [ldap/ipa2.pleiades.uni-wuppertal...@pleiades.uni-wuppertal.de] in
>> keytab [FILE:/etc/
Marisa Sandhoff via FreeIPA-users
writes:
> [18/Mar/2019:14:36:27.577557647 +0100] - ERR - set_krb5_creds - Could
> not get initial credentials for principal
> [ldap/ipa2.pleiades.uni-wuppertal...@pleiades.uni-wuppertal.de] in
> keytab [FILE:/etc/dirsrv/ds.keytab]: -1765328324 (Generic error (see
