Clone of https://bugzilla.redhat.com/show_bug.cgi?id=1639890
Description of problem: While requesting a certificate from an IPA client, I am seeing the following error: [root@rhel-2 certs]# openssl req -new -newkey rsa:2048 -keyout ipauser1.key -nodes -out ipauser1.csr -subj '/CN=ipauser1' Generating a RSA private key .......................................................+++++ ............................+++++ writing new private key to 'ipauser1.key' ----- [root@rhel-2 certs]# ipa cert-request ipauser1.csr --principal=ipauser1 --certificate-out=ipauser1.crt ipa: ERROR: non-public: ResponseNotReady: Request-sent Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/ipalib/backend.py", line 141, in execute return self.Command[_name](*args, **options) File "/usr/lib/python3.6/site-packages/ipalib/frontend.py", line 450, in __call__ return self.__do_call(*args, **options) File "/usr/lib/python3.6/site-packages/ipalib/frontend.py", line 478, in __do_call ret = self.run(*args, **options) File "/usr/lib/python3.6/site-packages/ipalib/frontend.py", line 801, in run return self.forward(*args, **options) File "/usr/lib/python3.6/site-packages/ipaclient/plugins/cert.py", line 56, in forward result = super(CertRetrieveOverride, self).forward(*args, **options) File "/usr/lib/python3.6/site-packages/ipalib/frontend.py", line 824, in forward *args, **kw) File "/usr/lib/python3.6/site-packages/ipalib/rpc.py", line 1144, in forward return self._call_command(command, params) File "/usr/lib/python3.6/site-packages/ipalib/rpc.py", line 1120, in _call_command return command(*params) File "/usr/lib/python3.6/site-packages/ipalib/rpc.py", line 1274, in _call return self.__request(name, args) File "/usr/lib/python3.6/site-packages/ipalib/rpc.py", line 1241, in __request verbose=self.__verbose >= 3, File "/usr/lib64/python3.6/xmlrpc/client.py", line 1154, in request return self.single_request(host, handler, request_body, verbose) File "/usr/lib/python3.6/site-packages/ipalib/rpc.py", line 712, in single_request response = h.getresponse() File "/usr/lib64/python3.6/http/client.py", line 1321, in getresponse raise ResponseNotReady(self.__state) http.client.ResponseNotReady: Request-sent ipa: ERROR: an internal error has occurred Version-Release number of selected component (if applicable): ipa-client-4.7.0-5.el8+1821+bae8e9a4.x86_64 python3-libs-3.6.6-13.el8.x86_64 [root@rhel-2 certs]# How reproducible: Unknown. So far only happened the first time I tried to request a cert successfully. Steps to Reproduce: 1. Setup IPA server and client 2. Add ipauser1 user 3. openssl req -new -newkey rsa:2048 -keyout ipauser1.key -nodes -out ipauser1.csr -subj '/CN=ipauser1' 4. ipa cert-request ipauser1.csr --principal=ipauser1 --certificate-out=ipauser1.crt Actual results: Shows error above. Expected results: no error and writes cert to ipauser1.crt file.
This issue can be forcibly reproduced:
ipa user-find
/run/ipa/ccaches
401
500
Metadata Update from @ftweedal: - Issue assigned to ftweedal
PR: https://github.com/freeipa/freeipa/pull/2517
Metadata Update from @ftweedal: - Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/2517
master:
ipa-4-6:
ipa-4-7:
Metadata Update from @cheimes: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
ipa-4-9:
Log in to comment on this ticket.