URL: https://github.com/freeipa/freeipa/pull/526 Title: #526: server install: properly handle PKINIT-related options
HonzaCholasta commented: """ This is what you currently get in CA-less install: ``` # getcert list Number of certificates and requests being tracked: 1. Request ID '20170301121440': status: CA_UNREACHABLE ca-error: Server at https://vm-226.abc.idm.lab.eng.brq.redhat.com/ipa/xml failed request, will retry: -504 (libcurl failed to execute the HTTP POST transaction, explaining: Failed to connect to vm-226.abc.idm.lab.eng.brq.redhat.com port 443: Connection refused). stuck: no key pair storage: type=FILE,location='/var/kerberos/krb5kdc/kdc.key' certificate: type=FILE,location='/var/kerberos/krb5kdc/kdc.crt' CA: IPA issuer: subject: expires: unknown pre-save command: post-save command: track: yes auto-renew: yes # ls /var/kerberos/krb5kdc/kdc.crt ls: cannot access '/var/kerberos/krb5kdc/kdc.crt': No such file or directory ``` """ See the full comment at https://github.com/freeipa/freeipa/pull/526#issuecomment-283325910
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code