Receiving errors "Error in CertificatePanel(): updateStatus returns failure" after ipa-replica-install fails

Solution Unverified - Updated -


  • Replica installer fails to configure new CA after ipa-replica-install fails once with the following errors::
Error in CertificatePanel(): updateStatus returns failure
ERROR: ConfigureCA: CertificatePanel() failure
ERROR: unable to create CA
  • Debug install log
ipa         : DEBUG    stderr=
ipa         : CRITICAL failed to configure ca instance Command '/usr/bin/perl /usr/bin/pkisilent ConfigureCA -cs_hostname <hostname> -cs_port 9445 -client_certdb_dir /tmp/tmp-xSl3lV -client_certdb_pwd XXXXXXXX -preop_pin ORxGuaa1K93BoP08uUBs -domain_name IPA -admin_user admin -admin_email root@localhost -admin_password XXXXXXXX -agent_name ipa-ca-agent -agent_key_size 2048 -agent_key_type rsa -agent_cert_subject CN=ipa-ca-agent,O=<domainname> -ldap_host <hostname> -ldap_port 7389 -bind_dn cn=Directory Manager -bind_password XXXXXXXX -base_dn o=ipaca -db_name ipaca -key_size 2048 -key_type rsa -key_algorithm SHA256withRSA -save_p12 true -backup_pwd XXXXXXXX -subsystem_name pki-cad -token_name internal -ca_subsystem_cert_subject_name CN=CA Subsystem,O=<domainname> -ca_ocsp_cert_subject_name CN=OCSP Subsystem,O=<domainname> -ca_server_cert_subject_name CN=<hostname>,O=<domainname> -ca_audit_signing_cert_subject_name CN=CA Audit,O=<domainname> -ca_sign_cert_subject_name CN=Certificate Authority,O=<domainname> -external false -clone true -clone_p12_file ca.p12 -clone_p12_password XXXXXXXX -sd_hostname <master-hostname> -sd_admin_port 443 -sd_admin_name admin -sd_admin_password XXXXXXXX -clone_start_tls true -clone_uri https://<master-hostname>:443' returned non-zero exit status 255
creation of replica failed: Configuration of CA failed
ipa         : DEBUG    Configuration of CA failed
  File "/usr/sbin/ipa-replica-install", line 496, in <module>

  File "/usr/sbin/ipa-replica-install", line 426, in main
    (CA, cs) = cainstance.install_replica_ca(config)

  File "/usr/lib/python2.6/site-packages/ipaserver/install/", line 1164, in install_replica_ca

  File "/usr/lib/python2.6/site-packages/ipaserver/install/", line 531, in configure_instance
    self.start_creation("Configuring certificate server", 210)

  File "/usr/lib/python2.6/site-packages/ipaserver/install/", line 257, in start_creation

  File "/usr/lib/python2.6/site-packages/ipaserver/install/", line 667, in __configure_instance
    raise RuntimeError('Configuration of CA failed')

Your system may be partly configured.
Run /usr/sbin/ipa-server-install --uninstall to clean up.
[1]    45980 exit 1     ipa-replica-install --setup-ca -d


  • Red Hat Enterprise Linux 6.3

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In