Logging is a bit incomplete when using a custom CA subject passed in via --ca-subject.
If there is a problem finding the IPA CA certificate then the installer will log:
ERROR IPA CA certificate not found in /tmp/servercert.pem, /tmp/cacert.pem
It should include the subject that is being looked for.
Metadata Update from @rcritten: - Issue tagged with: easyfix
@rcritten can you please provide a bit more context. e.g. what command causes the error mentioned above?
Metadata Update from @pvoborni: - Issue tagged with: debugging
This is from a second stage ipa-server-install with an external CA.
This message will be seen if none of the certificates passed in has a subject which matches what IPA is expecting it to be. The log message doesn't show what IPA is expecting, just that it doesn't match "something".
PR:https://github.com/freeipa/freeipa/pull/1447
master:
ipa-4-6:
Metadata Update from @cheimes: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.