Hi all,
Having a problem with a new server install on RHEL 7 -
Done configuring directory server (dirsrv). Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes 30 seconds [1/31]: creating certificate server user [2/31]: configuring certificate server instance ipa.ipaserver.install.cainstance.CAInstance: CRITICAL Failed to configure CA instance: Command '/usr/sbin/pkispawn -s CA -f /tmp/tmphCcxuk' returned non-zero exit status 1
I have researched through "the google", and not much luck. Although I see others who have had the problem, there seems to be no specific fix.
This is RHEL 7.3 in AWS and ipa-server-4.4.0-14.el7_3.7.x86_64
I have an exact duplicate of this in another VPC with no issues, so just wondering if there are some places to look?
On Wed, Jun 14, 2017 at 08:27:09AM -0500, Kat via FreeIPA-users wrote:
Hi all,
Having a problem with a new server install on RHEL 7 -
Done configuring directory server (dirsrv). Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes 30 seconds [1/31]: creating certificate server user [2/31]: configuring certificate server instance ipa.ipaserver.install.cainstance.CAInstance: CRITICAL Failed to configure CA instance: Command '/usr/sbin/pkispawn -s CA -f /tmp/tmphCcxuk' returned non-zero exit status 1
I have researched through "the google", and not much luck. Although I see others who have had the problem, there seems to be no specific fix.
This is RHEL 7.3 in AWS and ipa-server-4.4.0-14.el7_3.7.x86_64
I have an exact duplicate of this in another VPC with no issues, so just wondering if there are some places to look?
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
Hi Kat,
the first thing to look at are the Dogtag logs located in /var/log/pki-ca-spawn.$TIMESTAMP.log and then the logs in pki-tomcat/ subdirectory (mainly ca/debug and ca/system).
You can also look at https://www.freeipa.org/page/Files_to_be_attached_to_bug_report#Dogtag_CA_fa... to see where to look for errors.
freeipa-users@lists.fedorahosted.org