ipa-replica-install fails with the error "RuntimeError: Certificate issuance failed (CA_UNREACHABLE)"
Issue
ipa-replica-install fails. When checking /var/log/ipareplica-install.log for more details, you see the following errors:
2018-04-03T14:53:49Z DEBUG certmonger request is in state dbus.String(u'NEWLY_ADDED_READING_KEYINFO', variant_level=1)
2018-04-03T14:53:54Z DEBUG certmonger request is in state dbus.String(u'CA_UNREACHABLE', variant_level=1)
2018-04-03T14:53:54Z DEBUG Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 504, in start_creation
run_step(full_msg, method)
File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 494, in run_step
method()
File "/usr/lib/python2.7/site-packages/ipaserver/install/dsinstance.py", line 824, in __enable_ssl
post_command=cmd)
File "/usr/lib/python2.7/site-packages/ipalib/install/certmonger.py", line 317, in request_and_wait_for_cert
raise RuntimeError("Certificate issuance failed ({})".format(state))
RuntimeError: Certificate issuance failed (CA_UNREACHABLE)
2018-04-03T14:53:54Z DEBUG [error] RuntimeError: Certificate issuance failed (CA_UNREACHABLE)
...
File "/usr/lib/python2.7/site-packages/ipalib/install/certmonger.py", line 317, in request_and_wait_for_cert
raise RuntimeError("Certificate issuance failed ({})".format(state))
2018-04-03T14:53:54Z DEBUG The ipa-replica-install command failed, exception: RuntimeError: Certificate issuance failed (CA_UNREACHABLE)
2018-04-03T14:53:54Z ERROR Certificate issuance failed (CA_UNREACHABLE)
2018-04-03T14:53:54Z ERROR The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information
Environment
- IDM
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Close
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.