> After libnsspem.so is added to Ubuntu16.04, all expired certificates pass the > change time > and the test is renewed normally. However, there are new problems during the > IPA-replica-install test. The details are as follows: > > ipa-client-install --domain=hiido.host.yydevops.com --realm=YYDEVOPS.COM > --server=ipa-test-65-188.hiido.host.yydevops.com > Everything is all right .... > > root@fs-hiido-dn-12-65-18:/home/liangrui# ipa-replica-install > Run connection check to master > Connection check OK > Configuring NTP daemon (ntpd) > [1/4]: stopping ntpd > [2/4]: writing configuration > [3/4]: configuring ntpd to start on boot > [4/4]: starting ntpd > Done configuring NTP daemon (ntpd). > Configuring directory server (dirsrv). Estimated time: 1 minute > [1/43]: creating directory server user > [2/43]: creating directory server instance > [3/43]: restarting directory server > [4/43]: adding default schema > [5/43]: enabling memberof plugin > [6/43]: enabling winsync plugin > [7/43]: configuring replication version plugin > [8/43]: enabling IPA enrollment plugin > [9/43]: enabling ldapi > [10/43]: configuring uniqueness plugin > [11/43]: configuring uuid plugin > [12/43]: configuring modrdn plugin > [13/43]: configuring DNS plugin > [14/43]: enabling entryUSN plugin > [15/43]: configuring lockout plugin > [16/43]: configuring topology plugin > [17/43]: creating indices > [18/43]: enabling referential integrity plugin > [19/43]: configuring certmap.conf > [20/43]: configure autobind for root > [21/43]: configure new location for managed entries > [22/43]: configure dirsrv ccache > [23/43]: enabling SASL mapping fallback > [24/43]: restarting directory server > [25/43]: creating DS keytab > [26/43]: retrieving DS Certificate > [27/43]: restarting directory server > ipa : CRITICAL Failed to restart the directory server. See the > installation log > for details. > [error] SystemExit: 1 > ipa.ipapython.install.cli.install_tool(Replica): ERROR The > ipa-replica-install command > failed. See /var/log/ipareplica-install.log for more information > > > #cat /var/log/ipareplica-install.log > .... > 2022-08-08T09:14:29Z DEBUG stdout= > 2022-08-08T09:14:29Z DEBUG stderr=Keytab successfully retrieved and stored in: > /etc/dirsrv/ds.keytab > > 2022-08-08T09:14:29Z DEBUG duration: 1 seconds > 2022-08-08T09:14:29Z DEBUG [26/43]: retrieving DS Certificate > 2022-08-08T09:14:29Z DEBUG Loading Index file from > '/var/lib/ipa/sysrestore/sysrestore.index' > 2022-08-08T09:14:29Z DEBUG Starting external process > 2022-08-08T09:14:29Z DEBUG args=/usr/bin/certutil -d > /etc/dirsrv/slapd-YYDEVOPS-COM/ -L -n > YYDEVOPS.COM IPA CA -a > 2022-08-08T09:14:29Z DEBUG Process finished, return code=255 > 2022-08-08T09:14:29Z DEBUG stdout= > 2022-08-08T09:14:29Z DEBUG stderr=certutil: Could not find cert: YYDEVOPS.COM > IPA CA > : PR_FILE_NOT_FOUND_ERROR: File not found > > 2022-08-08T09:14:29Z DEBUG Starting external process > 2022-08-08T09:14:29Z DEBUG args=/usr/bin/certutil -d > /etc/dirsrv/slapd-YYDEVOPS-COM/ -N -f > /etc/dirsrv/slapd-YYDEVOPS-COM//pwdfile.txt > 2022-08-08T09:14:29Z DEBUG Process finished, return code=0 > 2022-08-08T09:14:29Z DEBUG stdout= > 2022-08-08T09:14:29Z DEBUG stderr= > 2022-08-08T09:14:29Z DEBUG Starting external process > 2022-08-08T09:14:29Z DEBUG args=/usr/bin/certutil -d > /etc/dirsrv/slapd-YYDEVOPS-COM/ -A -n > YYDEVOPS.COM IPA CA -t CT,C,C -a > 2022-08-08T09:14:29Z DEBUG Process finished, return code=0 > 2022-08-08T09:14:29Z DEBUG stdout= > 2022-08-08T09:14:29Z DEBUG stderr= > 2022-08-08T09:14:29Z DEBUG Starting external process > 2022-08-08T09:14:29Z DEBUG args=/usr/bin/certutil -d > /etc/dirsrv/slapd-YYDEVOPS-COM/ -A -n > YYDEVOPS.COM IPA CA -t CT,C,C -a > 2022-08-08T09:14:29Z DEBUG Process finished, return code=0 > 2022-08-08T09:14:29Z DEBUG stdout= > 2022-08-08T09:14:29Z DEBUG stderr= > 2022-08-08T09:14:29Z DEBUG certmonger request is in state > dbus.String(u'GENERATING_KEY_PAIR', variant_level=1) > 2022-08-08T09:14:34Z DEBUG certmonger request is in state > dbus.String(u'CA_UNREACHABLE', variant_level=1) > 2022-08-08T09:14:34Z DEBUG flushing > ldapi://%2fvar%2frun%2fslapd-YYDEVOPS-COM.socket from > SchemaCache > 2022-08-08T09:14:34Z DEBUG retrieving schema for SchemaCache > url=ldapi://%2fvar%2frun%2fslapd-YYDEVOPS-COM.socket > conn=<ldap.ldapobject.SimpleLDAPObject instance at 0x7f36a4433e60> > 2022-08-08T09:14:34Z DEBUG duration: 5 seconds > 2022-08-08T09:14:34Z DEBUG [27/43]: restarting directory server > 2022-08-08T09:14:34Z DEBUG Starting external process > 2022-08-08T09:14:34Z DEBUG args=/bin/systemctl --system daemon-reload > 2022-08-08T09:14:35Z DEBUG Process finished, return code=0 > 2022-08-08T09:14:35Z DEBUG stdout= > 2022-08-08T09:14:35Z DEBUG stderr= > 2022-08-08T09:14:35Z DEBUG Starting external process > 2022-08-08T09:14:35Z DEBUG args=/bin/systemctl restart > dirsrv(a)YYDEVOPS-COM.service > 2022-08-08T09:14:36Z DEBUG Process finished, return code=0 > 2022-08-08T09:14:36Z DEBUG stdout= > 2022-08-08T09:14:36Z DEBUG stderr= > 2022-08-08T09:14:36Z DEBUG Starting external process > 2022-08-08T09:14:36Z DEBUG args=/bin/systemctl is-active > dirsrv(a)YYDEVOPS-COM.service > 2022-08-08T09:14:36Z DEBUG Process finished, return code=3 > 2022-08-08T09:14:36Z DEBUG stdout=failed > > 2022-08-08T09:14:36Z DEBUG stderr= > 2022-08-08T09:14:36Z DEBUG Starting external process > 2022-08-08T09:14:36Z DEBUG args=/bin/systemctl is-active > dirsrv(a)YYDEVOPS-COM.service > 2022-08-08T09:14:36Z DEBUG Process finished, return code=3 > 2022-08-08T09:14:36Z DEBUG stdout=failed > > 2022-08-08T09:14:36Z DEBUG stderr= > 2022-08-08T09:14:36Z CRITICAL Failed to restart the directory server. See the > installation > log for details. > 2022-08-08T09:14:36Z DEBUG Traceback (most recent call last): > File "/usr/lib/python2.7/dist-packages/ipaserver/install/service.py", line > 447, in start_creation > run_step(full_msg, method) > File "/usr/lib/python2.7/dist-packages/ipaserver/install/service.py", line > 437, in run_step > method() > File "/usr/lib/python2.7/dist-packages/ipaserver/install/dsinstance.py", > line > 625, in __restart_instance > self.restart(self.serverid) > File "/usr/lib/python2.7/dist-packages/ipaserver/install/dsinstance.py", > line > 619, in restart > raise e > SystemExit: 1 > > 2022-08-08T09:14:36Z DEBUG [error] SystemExit: 1 > 2022-08-08T09:14:36Z DEBUG File > "/usr/lib/python2.7/dist-packages/ipapython/admintool.py", line 171, in > execute > return_value = self.run() > File "/usr/lib/python2.7/dist-packages/ipapython/install/cli.py", line 318, > in > run > cfgr.run() > File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 310, > in run > self.execute() > File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 332, > in execute > for nothing in self._executor(): > File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 372, > in __runner > self._handle_exception(exc_info) > File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 394, > in _handle_exception > six.reraise(*exc_info) > File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 362, > in __runner > step() > File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 359, > in <lambda> > step = lambda: next(self.__gen) > File "/usr/lib/python2.7/dist-packages/ipapython/install/util.py", line 81, > in > run_generator_with_yield_from > six.reraise(*exc_info) > File "/usr/lib/python2.7/dist-packages/ipapython/install/util.py", line 59, > in > run_generator_with_yield_from > value = gen.send(prev_value) > File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 586, > in _configure > next(executor) > File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 372, > in __runner > self._handle_exception(exc_info) > File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 449, > in _handle_exception > self.__parent._handle_exception(exc_info) > File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 394, > in _handle_exception > six.reraise(*exc_info) > File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 446, > in _handle_exception > super(ComponentBase, self)._handle_exception(exc_info) > File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 394, > in _handle_exception > six.reraise(*exc_info) > File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 362, > in __runner > step() > File "/usr/lib/python2.7/dist-packages/ipapython/install/core.py", line 359, > in <lambda> > step = lambda: next(self.__gen) > File "/usr/lib/python2.7/dist-packages/ipapython/install/util.py", line 81, > in > run_generator_with_yield_from > six.reraise(*exc_info) > File "/usr/lib/python2.7/dist-packages/ipapython/install/util.py", line 59, > in > run_generator_with_yield_from > value = gen.send(prev_value) > File "/usr/lib/python2.7/dist-packages/ipapython/install/common.py", line > 63, > in _install > for nothing in self._installer(self.parent): > File > "/usr/lib/python2.7/dist-packages/ipaserver/install/server/replicainstall.py", > line 1652, in main > promote(self) > File > "/usr/lib/python2.7/dist-packages/ipaserver/install/server/replicainstall.py", > line 375, in decorated > func(installer) > File > "/usr/lib/python2.7/dist-packages/ipaserver/install/server/replicainstall.py", > line 1359, in promote > promote=True, pkcs12_info=dirsrv_pkcs12_info) > File > "/usr/lib/python2.7/dist-packages/ipaserver/install/server/replicainstall.py", > line 125, in install_replica_ds > promote=promote, > File "/usr/lib/python2.7/dist-packages/ipaserver/install/dsinstance.py", > line > 399, in create_replica > self.start_creation(runtime=60) > File "/usr/lib/python2.7/dist-packages/ipaserver/install/service.py", line > 447, in start_creation > run_step(full_msg, method) > File "/usr/lib/python2.7/dist-packages/ipaserver/install/service.py", line > 437, in run_step > method() > File "/usr/lib/python2.7/dist-packages/ipaserver/install/dsinstance.py", > line > 625, in __restart_instance > self.restart(self.serverid) > File "/usr/lib/python2.7/dist-packages/ipaserver/install/dsinstance.py", > line > 619, in restart > raise e > > 2022-08-08T09:14:36Z DEBUG The ipa-replica-install command failed, exception: > SystemExit: > 1 > 2022-08-08T09:14:36Z ERROR The ipa-replica-install command failed. See > /var/log/ipareplica-install.log for more information > > #less /var/log/dirsrv/slapd-YYDEVOPS-COM/errors > [08/Aug/2022:17:14:36 +0800] - SSL alert: Security Initialization: Can't find > certificate (Server-Cert) for family cn=RSA,cn=encryption,cn=config (Netscape > Portable > Runtime error -8174 - security library: bad database.) > [08/Aug/2022:17:14:36 +0800] - SSL alert: Security Initialization: Unable to > retrieve > private key for cert Server-Cert of family cn=RSA,cn=encryption,cn=config > (Netscape > Portable Runtime error -8174 - security library: bad database.) > [08/Aug/2022:17:14:36 +0800] - SSL failure: None of the cipher are valid > [08/Aug/2022:17:14:36 +0800] - ERROR: SSL2 Initialization Failed. Disabling > SSL2. > [08/Aug/2022:17:14:36 +0800] - 389-Directory/1.3.4.9 B2016.109.158 starting up > [08/Aug/2022:17:14:36 +0800] - Can't find certificate Server-Cert in > attrcrypt_fetch_private_key: -8174 - security library: bad database. > [08/Aug/2022:17:14:36 +0800] - Can't get private key from cert Server-Cert in > attrcrypt_fetch_private_key: -8174 - security library: bad database. > [08/Aug/2022:17:14:36 +0800] - Error: unable to initialize attrcrypt system > for userRoot > [08/Aug/2022:17:14:36 +0800] - start: Failed to start databases, err=-1 > BDB0092 Unknown > error: -1 > [08/Aug/2022:17:14:36 +0800] - Failed to start database plugin ldbm database > [08/Aug/2022:17:14:36 +0800] - WARNING: ldbm instance userRoot already exists > [08/Aug/2022:17:14:36 +0800] - ldbm_config_read_instance_entries: failed to > add instance > entry cn=userRoot,cn=ldbm database,cn=plugins,cn=config > [08/Aug/2022:17:14:36 +0800] - ldbm_config_load_dse_info: failed to read > instance entries > [08/Aug/2022:17:14:36 +0800] - start: Loading database configuration failed > [08/Aug/2022:17:14:36 +0800] - Failed to start database plugin ldbm database > [08/Aug/2022:17:14:36 +0800] - Error: Failed to resolve plugin dependencies > [08/Aug/2022:17:14:36 +0800] - Error: betxnpreoperation plugin 7-bit check is > not started > [08/Aug/2022:17:14:36 +0800] - Error: preoperation plugin Account Usability > Plugin is not > started > [08/Aug/2022:17:14:36 +0800] - Error: accesscontrol plugin ACL Plugin is not > started > [08/Aug/2022:17:14:36 +0800] - Error: preoperation plugin ACL preoperation is > not started > [08/Aug/2022:17:14:36 +0800] - Error: betxnpreoperation plugin Auto > Membership Plugin is > not started > [08/Aug/2022:17:14:36 +0800] - Error: object plugin Class of Service is not > started > [08/Aug/2022:17:14:36 +0800] - Error: preoperation plugin deref is not started > [08/Aug/2022:17:14:36 +0800] - Error: preoperation plugin HTTP Client is not > started > [08/Aug/2022:17:14:36 +0800] - Error: preoperation plugin IPA DNS is not > started > [08/Aug/2022:17:14:36 +0800] - Error: object plugin IPA Lockout is not started > [08/Aug/2022:17:14:36 +0800] - Error: betxnpostoperation plugin IPA MODRDN is > not started > [08/Aug/2022:17:14:36 +0800] - Error: object plugin IPA Topology > Configuration is not > started > [08/Aug/2022:17:14:36 +0800] - Error: preoperation plugin IPA UUID is not > started > [08/Aug/2022:17:14:36 +0800] - Error: preoperation plugin ipa-winsync is not > started > [08/Aug/2022:17:14:36 +0800] - Error: extendedop plugin ipa_enrollment_extop > is not > started > [08/Aug/2022:17:14:36 +0800] - Error: preoperation plugin ipaUniqueID > uniqueness is not > started > [08/Aug/2022:17:14:36 +0800] - Error: preoperation plugin krbCanonicalName > uniqueness is > not started > [08/Aug/2022:17:14:36 +0800] - Error: preoperation plugin krbPrincipalName > uniqueness is > not started > [08/Aug/2022:17:14:36 +0800] - Error: database plugin ldbm database is not > started > [08/Aug/2022:17:14:36 +0800] - Error: object plugin Legacy Replication Plugin > is not > started > [08/Aug/2022:17:14:36 +0800] - Error: betxnpreoperation plugin Linked > Attributes is not > started > [08/Aug/2022:17:14:36 +0800] - Error: betxnpreoperation plugin Managed > Entries is not > started > [08/Aug/2022:17:14:36 +0800] - Error: betxnpostoperation plugin MemberOf > Plugin is not > started > [08/Aug/2022:17:14:36 +0800] - Error: object plugin Multimaster Replication > Plugin is not > started > [08/Aug/2022:17:14:36 +0800] - Error: preoperation plugin netgroup uniqueness > is not > started > [08/Aug/2022:17:14:36 +0800] - Error: betxnpostoperation plugin referential > integrity > postoperation is not started > [08/Aug/2022:17:14:36 +0800] - Error: object plugin Roles Plugin is not > started > [08/Aug/2022:17:14:36 +0800] - Error: preoperation plugin sudorule name > uniqueness is not > started > [08/Aug/2022:17:14:36 +0800] - Error: object plugin USN is not started > [08/Aug/2022:17:14:36 +0800] - Error: object plugin Views is not started > [08/Aug/2022:17:14:36 +0800] - Error: extendedop plugin whoami is not started > > root@fs-hiido-dn-12-65-18:/var/log/dirsrv/slapd-YYDEVOPS-COM# certutil -d > /etc/dirsrv/slapd-YYDEVOPS-COM/ -L > > Certificate Nickname Trust Attributes > > SSL,S/MIME,JAR/XPI > > YYDEVOPS.COM IPA CA CT,C,C > YYDEVOPS.COM IPA CA CT,C,C > > > root@fs-hiido-dn-12-65-18:/var/log/dirsrv/slapd-YYDEVOPS-COM# certutil -d > /etc/dirsrv/slapd-YYDEVOPS-COM/ -L -n YYDEVOPS.COM IPA CA -a > certutil: Could not find cert: YYDEVOPS.COM > : PR_FILE_NOT_FOUND_ERROR: File not found > root@fs-hiido-dn-12-65-18:/var/log/dirsrv/slapd-YYDEVOPS-COM# certutil -d > /etc/dirsrv/slapd-YYDEVOPS-COM/ -L -n 'YYDEVOPS.COM IPA CA' -a > -----BEGIN CERTIFICATE----- > MIIDpTCCAo2gAwIBAgIBEzANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKDAxZWURF > Vk9QUy5DT00xHjAcBgNVBAMMFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0yMDA3 > MzExNzExMzlaFw00MDA3MzExNzExMzlaMDcxFTATBgNVBAoMDFlZREVWT1BTLkNP > TTEeMBwGA1UEAwwVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0B > AQEFAAOCAQ8AMIIBCgKCAQEAvKlmpaCuohS3WQgnG2Ppzr56MCpjTyJgPifDZpvC > NkRCS+MtqaRKC2NX2E8oZjQAqbkUaeVfduuTL7BmTQgblm29mfKEGWtQiezNbp2k > X20xzRqRV85P7Vz1H+mGLUFb3WbKcFPFlWNqKwxPcpQi49ajACwjHaXBu+dtjT5D > wTuV1tQskwl17x1r858DoW1L9OwwXT08f7zIWwdUaENwZKBhVBntA4se1Zow0euC > KQOy1z9x1PQPhmVuHf8xqZnqHC7de95/k1JWBe8pa0k8EKKJ0SckI8siX7cSViKx > rSC/yR5pn7Q4GuN6cT7epayO/voWStaKK0NnjMO/Ue6ShQIDAQABo4G7MIG4MB8G > A1UdIwQYMBaAFLk6xAYxQbKeq6CoTqaaCAV6VJc/MB0GA1UdDgQWBBS5OsQGMUGy > nqugqE6mmggFelSXPzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBxjBV > BggrBgEFBQcBAQRJMEcwRQYIKwYBBQUHMAGGOWh0dHA6Ly9pcGEtdGVzdC02NS0x > ODguaGlpZG8uaG9zdC55eWRldm9wcy5jb206ODAvY2Evb2NzcDANBgkqhkiG9w0B > AQsFAAOCAQEAWQ27Ct/fKQ6AUg4szZ5zvoQ3H94GCxExQZRPhkx48XJnHF2mrAkd > zlvUBOZ1HSAaB7ym4svjnrjVIC/BhjXH2k7BvfSCDJlkm5IP7J2DIJ+czvduRftz > c+4TXOIJ14u5PY+Bcn4BHQ1iR1erR1LGaHa6G9IzbYVtNmY5gWHokFOcRbQmduLl > ddZPlkdujWU8WxdXzuULBgfnHSFoNB8SATFo686RTmflAPG0So72LhzF4ElFm1An > dUIftRc4PvS7DtQD7VVSc86VhCJVIGTCOx/BfbI05JP8HXQDYjBSUIezCH8rjOhu > HA89ijC2ULSXBOdmtOddGxuc72wSjeqMVQ== > -----END CERTIFICATE----- > -----BEGIN CERTIFICATE----- > MIIDpTCCAo2gAwIBAgIBATANBgkqhkiG9w0BAQsFADA3MRUwEwYDVQQKDAxZWURF > Vk9QUy5DT00xHjAcBgNVBAMMFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0yMDA3 > MzExNjU2NDZaFw00MDA3MzExNjU2NDZaMDcxFTATBgNVBAoMDFlZREVWT1BTLkNP > TTEeMBwGA1UEAwwVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0B > AQEFAAOCAQ8AMIIBCgKCAQEAvKlmpaCuohS3WQgnG2Ppzr56MCpjTyJgPifDZpvC > NkRCS+MtqaRKC2NX2E8oZjQAqbkUaeVfduuTL7BmTQgblm29mfKEGWtQiezNbp2k > X20xzRqRV85P7Vz1H+mGLUFb3WbKcFPFlWNqKwxPcpQi49ajACwjHaXBu+dtjT5D > wTuV1tQskwl17x1r858DoW1L9OwwXT08f7zIWwdUaENwZKBhVBntA4se1Zow0euC > KQOy1z9x1PQPhmVuHf8xqZnqHC7de95/k1JWBe8pa0k8EKKJ0SckI8siX7cSViKx > rSC/yR5pn7Q4GuN6cT7epayO/voWStaKK0NnjMO/Ue6ShQIDAQABo4G7MIG4MB8G > A1UdIwQYMBaAFLk6xAYxQbKeq6CoTqaaCAV6VJc/MA8GA1UdEwEB/wQFMAMBAf8w > DgYDVR0PAQH/BAQDAgHGMB0GA1UdDgQWBBS5OsQGMUGynqugqE6mmggFelSXPzBV > BggrBgEFBQcBAQRJMEcwRQYIKwYBBQUHMAGGOWh0dHA6Ly9pcGEtdGVzdC02NS0x > ODguaGlpZG8uaG9zdC55eWRldm9wcy5jb206ODAvY2Evb2NzcDANBgkqhkiG9w0B > AQsFAAOCAQEAQcgq+Tm9Mqxy0Kk1eX/E7/7B0sa8WoeNFTpIweyeZEQdJyxQwe3T > gQeDBZsP6meqscWTgsmxNdm9bCpPlBnPThbGNgHsdmLzCQvpLDU1cn7BQs+jFoNJ > YC9g+eIzhFAw3E63WG//0VJyPkOOXrXc3o2QCqKHBZFrnn2YpYqXJN/bqN2rLwHS > s5NOuK7Q70kq6etz+T9o+s5uM2A3RYTiPen4SY9kKkcMJ1CKyh6YatRUV0o7kTvA > 0it2cFc74mIdsqb91VgYL+kzKTIIWH88OZYaMIWxj60gGBntKyF61RlCnhW94GQw > SkdKwEAIXTJTMJwk849tbGwi7Tk4MOT5pA== > -----END CERTIFICATE----- > root@fs-hiido-dn-12-65-18:/var/log/dirsrv/slapd-YYDEVOPS-COM# > > > > According to the log output, are the quotes missing, so the name cannot be > found, or are > there two (YYDEVOPS.COM IPA CA) names, so the service cannot be replicated? > > /var/log/ipareplica-install.log > 2022-08-08T09:14:29Z DEBUG stderr=certutil: Could not find cert: YYDEVOPS.COM > IPA CA > : PR_FILE_NOT_FOUND_ERROR: File not found
Strangely, after a few days, I tried IPA-certupDate again Then execute on the new node Ipa - up - install, debug Ipa - up - install, setup - ca - the debug It all worked. The data was replicated.The main reason seems to be libnsspem.so _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
