In a CA less setup, if the CA certificate subject contains non-ASCII characters, ipa-server-install fails with a UnicodeDecodeError.
ipa-server-install fails when configuring SSL for HTTPd:
Configuring the web interface (httpd) [1/20]: stopping httpd [2/20]: backing up ssl.conf [3/20]: disabling nss.conf [4/20]: configuring mod_ssl certificate paths [5/20]: setting mod_ssl protocol list [6/20]: configuring mod_ssl log directory [7/20]: disabling mod_ssl OCSP [8/20]: adding URL rewriting rules [9/20]: configuring httpd [10/20]: setting up httpd keytab [11/20]: configuring Gssproxy [12/20]: setting up ssl [error] UnicodeDecodeError: 'utf-8' codec can't decode byte 0xd1 in position 67: invalid continuation byte 'utf-8' codec can't decode byte 0xd1 in position 67: invalid continuation byte The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information
The installation should succeed
freeipa-server-4.9.3-4.fc34.x86_64 freeipa-client-4.9.3-4.fc34.x86_64 389-ds-base-2.0.5-1.fc34.x86_64 pki-ca-10.10.5-6.fc34.noarch krb5-server-1.19.1-3.fc34.x86_64
Traceback:
2021-06-09T16:43:35Z DEBUG Traceback (most recent call last): File "/usr/lib/python3.9/site-packages/ipaserver/install/service.py", line 635, in start_creation run_step(full_msg, method) File "/usr/lib/python3.9/site-packages/ipaserver/install/service.py", line 621, in run_step method() File "/usr/lib/python3.9/site-packages/ipaserver/install/httpinstance.py", line 331, in __setup_ssl p12_certs, p12_priv_keys = certs.pkcs12_to_certkeys( File "/usr/lib/python3.9/site-packages/ipaserver/install/certs.py", line 106, in pkcs12_to_certkeys pems = ipautil.run(args, capture_output=True).raw_output File "/usr/lib/python3.9/site-packages/ipapython/ipautil.py", line 585, in run output = stdout.decode(encoding) UnicodeDecodeError: 'utf-8' codec can't decode byte 0xd1 in position 67: invalid continuation byte
Metadata Update from @frenaud: - Issue assigned to frenaud
Metadata Update from @frenaud: - Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/5823
master:
ipa-4-9:
Metadata Update from @frenaud: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Metadata Update from @frenaud: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1973023
Issue linked to Bugzilla: Bug 1973023
Issue linked to Bugzilla: Bug 1973024
Metadata Update from @frenaud: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1973023, https://bugzilla.redhat.com/show_bug.cgi?id=1973024 (was: https://bugzilla.redhat.com/show_bug.cgi?id=1973023)
Login to comment on this ticket.