ipa-replica-install fails with the error "RuntimeError: Certificate issuance failed (CA_UNREACHABLE)"
Issue
ipa-replica-install fails. When checking /var/log/ipareplica-install.log for more details, you see the following errors:
2018-04-03T14:53:49Z DEBUG certmonger request is in state dbus.String(u'NEWLY_ADDED_READING_KEYINFO', variant_level=1)
2018-04-03T14:53:54Z DEBUG certmonger request is in state dbus.String(u'CA_UNREACHABLE', variant_level=1)
2018-04-03T14:53:54Z DEBUG Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 504, in start_creation
run_step(full_msg, method)
File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 494, in run_step
method()
File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line 824, in __enable_ssl
post_command=cmd)
File "/usr/lib/python2.7/site-packages/ipalib/install/certmonger.py", line 317, in request_and_wait_for_cert
raise RuntimeError("Certificate issuance failed ({})".format(state))
RuntimeError: Certificate issuance failed (CA_UNREACHABLE)
2018-04-03T14:53:54Z DEBUG [error] RuntimeError: Certificate issuance failed (CA_UNREACHABLE)
...
File "/usr/lib/python2.7/site-packages/ipalib/install/certmonger.py", line 317, in request_and_wait_for_cert
raise RuntimeError("Certificate issuance failed ({})".format(state))
2018-04-03T14:53:54Z DEBUG The ipa-replica-install command failed, exception: RuntimeError: Certificate issuance failed (CA_UNREACHABLE)
2018-04-03T14:53:54Z ERROR Certificate issuance failed (CA_UNREACHABLE)
2018-04-03T14:53:54Z ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information
Environment
- IDM
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
