Receiving errors "Error in CertificatePanel(): updateStatus returns failure" after ipa-replica-install fails

Solution Unverified - Updated -


  • Replica installer fails to configure new CA after ipa-replica-install fails once with the following errors::
Error in CertificatePanel(): updateStatus returns failure
ERROR: ConfigureCA: CertificatePanel() failure
ERROR: unable to create CA
  • Debug install log
ipa         : DEBUG    stderr=
ipa         : CRITICAL failed to configure ca instance Command '/usr/bin/perl /usr/bin/pkisilent ConfigureCA -cs_hostname <hostname> -cs_port 9445 -client_certdb_dir /tmp/tmp-xSl3lV -client_certdb_pwd XXXXXXXX -preop_pin ORxGuaa1K93BoP08uUBs -domain_name IPA -admin_user admin -admin_email root@localhost -admin_password XXXXXXXX -agent_name ipa-ca-agent -agent_key_size 2048 -agent_key_type rsa -agent_cert_subject CN=ipa-ca-agent,O=<domainname> -ldap_host <hostname> -ldap_port 7389 -bind_dn cn=Directory Manager -bind_password XXXXXXXX -base_dn o=ipaca -db_name ipaca -key_size 2048 -key_type rsa -key_algorithm SHA256withRSA -save_p12 true -backup_pwd XXXXXXXX -subsystem_name pki-cad -token_name internal -ca_subsystem_cert_subject_name CN=CA Subsystem,O=<domainname> -ca_ocsp_cert_subject_name CN=OCSP Subsystem,O=<domainname> -ca_server_cert_subject_name CN=<hostname>,O=<domainname> -ca_audit_signing_cert_subject_name CN=CA Audit,O=<domainname> -ca_sign_cert_subject_name CN=Certificate Authority,O=<domainname> -external false -clone true -clone_p12_file ca.p12 -clone_p12_password XXXXXXXX -sd_hostname <master-hostname> -sd_admin_port 443 -sd_admin_name admin -sd_admin_password XXXXXXXX -clone_start_tls true -clone_uri https://<master-hostname>:443' returned non-zero exit status 255
creation of replica failed: Configuration of CA failed
ipa         : DEBUG    Configuration of CA failed
  File "/usr/sbin/ipa-replica-install", line 496, in <module>

  File "/usr/sbin/ipa-replica-install", line 426, in main
    (CA, cs) = cainstance.install_replica_ca(config)

  File "/usr/lib/python2.6/site-packages/ipaserver/install/", line 1164, in install_replica_ca

  File "/usr/lib/python2.6/site-packages/ipaserver/install/", line 531, in configure_instance
    self.start_creation("Configuring certificate server", 210)

  File "/usr/lib/python2.6/site-packages/ipaserver/install/", line 257, in start_creation

  File "/usr/lib/python2.6/site-packages/ipaserver/install/", line 667, in __configure_instance
    raise RuntimeError('Configuration of CA failed')

Your system may be partly configured.
Run /usr/sbin/ipa-server-install --uninstall to clean up.
[1]    45980 exit 1     ipa-replica-install --setup-ca -d


  • Red Hat Enterprise Linux 6.3

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.