Hello Rob,
Thank you for your comment the -v option is very useful! I give a more clues
about what is happening during the execution:
I got the following messages after running:
ipa-server-certinstall -w -d --pin= name.key name.crt
ipapython.ipautil: DEBUG: stderr=
ipapython.ipautil: DEBUG: Starting external process
ipapython.ipautil: DEBUG: args=/usr/bin/certutil -d dbm:/tmp/tmpRcYnFD -V -n
CN=*.name.com,O=name Ltd,L=city,C=country -u V -f /tmp/tmpRcYnFD/pwdfile.txt
ipapython.ipautil: DEBUG: Process finished, return code=0
ipapython.ipautil: DEBUG: stdout=certutil: certificate is valid
ipapython.ipautil: DEBUG: stderr=
ipalib.frontend: DEBUG: raw: ca_is_enabled(version=u'2.237')
ipalib.frontend: DEBUG: ca_is_enabled(version=u'2.237')
ipapython.ipautil: DEBUG: Starting external process
ipapython.ipautil: DEBUG: args=/usr/bin/certutil -d dbm:/etc/httpd/alias -D -n
Server-Cert -f /etc/httpd/alias/pwdfile.txt
ipapython.ipautil: DEBUG: Process finished, return code=255
ipapython.ipautil: DEBUG: stdout=
ipapython.ipautil: DEBUG: stderr=certutil: could not find certificate named
"Server-Cert": SEC_ERROR_BAD_DATABASE: security library: bad database.
ipapython.admintool: DEBUG: File
"/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 178, in execute
return_value = self.run()
File
"/usr/lib/python2.7/site-packages/ipaserver/install/ipa_server_certinstall.py",
line 121, in run
self.install_http_cert()
File
"/usr/lib/python2.7/site-packages/ipaserver/install/ipa_server_certinstall.py",
line 163, in install_http_cert
'restart_httpd')
File
"/usr/lib/python2.7/site-packages/ipaserver/install/ipa_server_certinstall.py",
line 284, in import_cert
cdb.delete_cert(old_cert)
File "/usr/lib/python2.7/site-packages/ipaserver/install/certs.py", line 470,
in delete_cert
self.nssdb.delete_cert(nickname)
File "/usr/lib/python2.7/site-packages/ipapython/certdb.py", line 794, in
delete_cert
self.run_certutil(["-D", "-n", nick])
File "/usr/lib/python2.7/site-packages/ipapython/certdb.py", line 281, in
run_certutil
return ipautil.run(new_args, stdin, **kwargs)
File "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line 563, in run
raise CalledProcessError(p.returncode, arg_string, str(output))
ipapython.admintool: DEBUG: The ipa-server-certinstall command failed,
exception: CalledProcessError: Command '/usr/bin/certutil -d
dbm:/etc/httpd/alias -D -n Server-Cert -f /etc/httpd/alias/pwdfile.txt'
returned non-zero exit status 255
ipapython.admintool: ERROR: Command '/usr/bin/certutil -d dbm:/etc/httpd/alias
-D -n Server-Cert -f /etc/httpd/alias/pwdfile.txt' returned non-zero exit
status 255
ipapython.admintool: ERROR: The ipa-server-certinstall command failed.
What is best as a next step?
Thank you for your help
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
