Ticket was cloned from Red Hat Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1637717
The command "openstack undercloud install" fails with: 2018-10-02T18:38:49Z DEBUG args=/usr/sbin/ipa-join -s ipa.example.test -b dc=example,dc=test -w XXXXXXXX 2018-10-02T18:38:49Z DEBUG Process finished, return code=15 2018-10-02T18:38:49Z DEBUG stdout= 2018-10-02T18:38:49Z DEBUG stderr=Incorrect password.
However we found that the root cause was that the certificate downloaded from IPA server (http://ipa.example.test/ipa/config/ca.crt) was an intermediate certificate, not the root certificate.
The problem is that the error is misleading. The password was fine, but the problem was that the certificate validation failed.
Metadata Update from @rcritten: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1637717
Metadata Update from @rcritten: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1637717, https://bugzilla.redhat.com/show_bug.cgi?id=1637719 (was: https://bugzilla.redhat.com/show_bug.cgi?id=1637717)
Metadata Update from @rcritten: - Issue assigned to rcritten
PR https://github.com/freeipa/freeipa/pull/2447
master:
ipa-4-6:
ipa-4-7:
Metadata Update from @rcritten: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.