Identity Management (IdM) / IPA replica installation failure using external CA, error invalid XML character (Unicode: 0x0)

Solution In Progress - Updated -

Issue

Using an external Certificate Authority / CA, the configuration of an IdM/IPA replica with the command ipa-replica-install may fail in some specific scenario, in the step of the IPA Certificate Authority configuration, with the error:

# ipa-replica-install --setup-ca --setup-dns --forwarder=10.0.0.10 --forwarder=10.0.0.11  /var/lib/ipa/replica-info-ipa-replica1.example.com.gpg
...
Configuration of CA failed

And in the /var/log/ipareplica-install.log file:

2014-01-09T08:59:09Z DEBUG stderr=[Fatal Error] :215:93: An invalid XML character (Unicode: 0x0) was found in the element content of the document.

Environment

RHEL 6 and IdM/IPA 3

ipa-server-3.0.0-30.el6
pki-ca-9.0.3-30.el6.noarch
pki-common-9.0.3-30.el6.noarch

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.