#2360 ipa-ca-install fails when --no-host-dns option is provided.
Closed: Invalid None Opened 12 years ago by dpal.

https://bugzilla.redhat.com/show_bug.cgi?id=788084 (Red Hat Enterprise Linux 6)

Description of problem:


Version-Release number of selected component (if applicable):
ipa-server-2.2.0-101.20120205T0931zgit55cd9e7.el6.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Install ipa server
2. Create replica file
3. Install ipa replica
4. Make sure lookup fails for slave (remove all DNS records of slave from
master, or point the slave to another DNS which does not look it up).
5. Install ipa ca on slave with --no-host-dns option

Actual results:
ipa-ca-install fails

[root@skyfire ~]# ipa-ca-install -p Secret123 -w Secret123 --skip-conncheck
--unattended --no-host-dns
/var/lib/ipa/replica-info-skyfire.lab.eng.pnq.redhat.com.gpg
Warning: skipping DNS resolution of host skyfire.lab.eng.pnq.redhat.com
Configuring directory server for the CA: Estimated time 30 seconds
  [1/3]: creating directory server user
  [2/3]: creating directory server instance
  [3/3]: restarting directory server
done configuring pkids.
Configuring certificate server: Estimated time 3 minutes 30 seconds
  [1/11]: creating certificate server user
  [2/11]: creating pki-ca instance
  [3/11]: configuring certificate server instance
ipa         : CRITICAL failed to configure ca instance Command '/usr/bin/perl
/usr/bin/pkisilent 'ConfigureCA' '-cs_hostname'
'skyfire.lab.eng.pnq.redhat.com' '-cs_port' '9445' '-client_certdb_dir'
'/tmp/tmp-XjrHAu' '-client_certdb_pwd' XXXXXXXX '-preop_pin'
'jl79lmqfIychyBVPZXQX' '-domain_name' 'IPA' '-admin_user' 'admin'
'-admin_email' 'root@localhost' '-admin_password' XXXXXXXX '-agent_name'
'ipa-ca-agent' '-agent_key_size' '2048' '-agent_key_type' 'rsa'
'-agent_cert_subject' 'CN=ipa-ca-agent,O=LAB.ENG.PNQ.REDHAT.COM' '-ldap_host'
'skyfire.lab.eng.pnq.redhat.com' '-ldap_port' '7389' '-bind_dn' 'cn=Directory
Manager' '-bind_password' XXXXXXXX '-base_dn' 'o=ipaca' '-db_name' 'ipaca'
'-key_size' '2048' '-key_type' 'rsa' '-key_algorithm' 'SHA256withRSA'
'-save_p12' 'true' '-backup_pwd' XXXXXXXX '-subsystem_name' 'pki-cad'
'-token_name' 'internal' '-ca_subsystem_cert_subject_name' 'CN=CA
Subsystem,O=LAB.ENG.PNQ.REDHAT.COM' '-ca_ocsp_cert_subject_name' 'CN=OCSP
Subsystem,O=LAB.ENG.PNQ.REDHAT.COM' '-ca_server_cert_subject_name'
'CN=skyfire.lab.eng.pnq.redhat.com,O=LAB.ENG.PNQ.REDHAT.COM'
'-ca_audit_signing_cert_subject_name' 'CN=CA Audit,O=LAB.ENG.PNQ.REDHAT.COM'
'-ca_sign_cert_subject_name' 'CN=Certificate
Authority,O=LAB.ENG.PNQ.REDHAT.COM' '-external' 'false' '-clone' 'true'
'-clone_p12_file' 'ca.p12' '-clone_p12_password' XXXXXXXX '-sd_hostname'
'zetaprime.lab.eng.pnq.redhat.com' '-sd_admin_port' '443' '-sd_admin_name'
'admin' '-sd_admin_password' XXXXXXXX '-clone_start_tls' 'true' '-clone_uri'
'https://zetaprime.lab.eng.pnq.redhat.com:443'' returned non-zero exit status
255
creation of replica failed: Configuration of CA failed

Your system may be partly configured.
Run /usr/sbin/ipa-server-install --uninstall to clean up.
[root@skyfire ~]#

Expected results:
ipa-ca-install should succeed with --no-host-dns option even if there is no
resolution of hostname.

Additional info:

Source bugzilla was closed. This is not something we want or can fix.

Metadata Update from @dpal:
- Issue assigned to rcritten
- Issue set to the milestone: Tickets Deferred

7 years ago
