hi everyone
I'm trying with give values to install a client but it fails quickly:
$ ipa-client-install --server=lxc-ipa1-rider.priv.xx.xx.priv.xx.xx.x. --domain=priv.xx.xx.priv.xx.xx.x. --no-ntp Autodiscovery of servers for failover cannot work with this configuration. If you proceed with the installation, services will be configured to always access the discovered server for all operations and will not fail over to other servers in case of failure. Proceed with fixed values and no DNS discovery? [no]: yes Client hostname: lxc-ipawhale1.priv.xx.xx.priv.xx.xx.x Realm: PRIVATE.xx.xx.PRIVATE.xx.xx.x DNS Domain: priv.xx.xx.priv.xx.xx.x IPA Server: lxc-ipa1-rider.priv.xx.xx.priv.xx.xx.x. BaseDN: dc=priv,dc=xx.dc=xx.dc=priv,dc=xx,dc=xx,dc=x
Continue to configure the system with these values? [no]: yes Skipping synchronizing time with NTP server. User authorized to enroll computers: admin Password for admin@PRIVATE.xx.xx.PRIVATE.xx.xx.x: Successfully retrieved CA cert Subject: CN=Certificate Authority,O=PRIVATE.xx.xx.PRIVATE.xx.xx.x Issuer: CN=Certificate Authority,O=PRIVATE.xx.xx.PRIVATE.xx.xx.x Valid From: 2018-01-04 17:13:36 Valid Until: 2038-01-04 17:13:36
Joining realm failed: libcurl failed to execute the HTTP POST transaction, explaining: Unable to communicate securely with peer: requested domain name does not match the server's certificate.
Installation failed. Rolling back changes. Unconfigured automount client failed: Command 'ipa-client-automount --uninstall --debug' returned non-zero exit status 1
Server's end seems fine but cannot be 100% sure(not an expert). Would you have some suggestions? many thanks, L.
freeipa-users@lists.fedorahosted.org