ipa-server-install fails at KRA installation time with:
DEBUG: Command: pki -d /etc/pki/pki-tomcat/alias -f /etc/pki/pki-tomcat/password.conf -U https://master.ipa.test:443 --ignore-cert-status UNTRUSTED_ISSUER ca-cert-signing-export --pkcs7\nPKIException: Internal Server Error\nERROR: CalledProcessError: Command \'[\'pki\', \'-d\', \'/etc/pki/pki-tomcat/alias\', \'-f\', \'/etc/pki/pki-tomcat/password.conf\', \'-U\', \'https://master.ipa.test:443\', \'--ignore-cert-status\', \'UNTRUSTED_ISSUER\', \'ca-cert-signing-export\', \'--pkcs7\']\' returned non-zero exit status 255.\n File "/usr/lib/python3.8/site-packages/pki/server/pkispawn.py", line 575, in main\n scriptlet.spawn(deployer)\n File "/usr/lib/python3.8/site-packages/pki/server/deployment/scriptlets/configuration.py", line 756, in spawn\n pem_chain = self.get_cert_chain(instance, issuing_ca)\n File "/usr/lib/python3.8/site-packages/pki/server/deployment/scriptlets/configuration.py", line 543, in get_cert_chain\n output = subprocess.check_output(cmd)\n File "/usr/lib64/python3.8/subprocess.py", line 411, in check_output\n return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,\n File "/usr/lib64/python3.8/subprocess.py", line 512, in run\n raise CalledProcessError(retcode, process.args,\n\n')
Companion Dogtag issue opened at: https://github.com/dogtagpki/pki/issues/3341
Closing, we do not need multiple trackers for the access exception pki/tomcat bug.
Metadata Update from @fcami: - Issue close_status updated to: duplicate - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.