With a ca-less PR for ansible-freeipa I ran into an issue with setting up CA-less replica and the option ipareplica_setup_ca: https://github.com/freeipa/ansible-freeipa/pull/298#issuecomment-641849890 The command line installer is failing in the same way when I combine --[http,dirsrv,pkinit]-cert-file options with --setup-ca:
The remote master does not have a CA installed, can't set up CA
ipa-replica-install --dirsrv-cert-file ca-less-test/dirsrv.p12 --dirsrv-cert-name dirsrv-cert --dirsrv-pin SomePKCS12password --http-cert-file ca-less-test/httpd.p12 --http-cert-name httpd-cert --http-pin SomePKCS12password --pkinit-cert-file ca-less-test/pkinit.p12 --pkinit-cert-name pkinit-cert --pkinit-pin SomePKCS12password -P admin -p <password> --setup-ca
Metadata Update from @frenaud: - Issue assigned to frenaud
Metadata Update from @frenaud: - Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/4802
Metadata Update from @frenaud: - Issue set to the milestone: FreeIPA 4.8.8
master:
ipa-4-8:
Metadata Update from @frenaud: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.