Identity Management (IdM) / IPA replica installation failure using external CA, error invalid XML character (Unicode: 0x0)

Solution In Progress - Updated -

Issue

Using an external Certificate Authority / CA, the configuration of an IdM/IPA replica with the command ipa-replica-install may fail in some specific scenario, in the step of the IPA Certificate Authority configuration, with the error:

# ipa-replica-install --setup-ca --setup-dns --forwarder=10.0.0.10 --forwarder=10.0.0.11  /var/lib/ipa/replica-info-ipa-replica1.example.com.gpg
...
Configuration of CA failed

And in the /var/log/ipareplica-install.log file:

2014-01-09T08:59:09Z DEBUG stderr=[Fatal Error] :215:93: An invalid XML character (Unicode: 0x0) was found in the element content of the document.

Environment

RHEL 6 and IdM/IPA 3

ipa-server-3.0.0-30.el6
pki-ca-9.0.3-30.el6.noarch
pki-common-9.0.3-30.el6.noarch

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content