Natxo Asenjo wrote:
I do see these errors:
[Wed Sep 07 15:56:13 2016] [error] ipa: INFO:: ping(): SUCCESS
[Wed Sep 07 15:56:13 2016] [error] ipa: INFO: : host_find(u'tftp-1801',
all=False, raw=False, version=u'2.49', no_members=False,
pkey_only=False): CertificateFormatError
[Wed Sep 07 15:56:44 2016] [error] ipa: INFO: : ping(): SUCCESS
[Wed Sep 07 15:56:44 2016] [error] ipa: INFO: : host_find(u'tftp-1801',
all=False, raw=False, version=u'2.49', no_members=False,
pkey_only=False): CertificateFormatError
[Wed Sep 07 15:57:57 2016] [error] ipa: INFO: : ping(): SUCCESS
[Wed Sep 07 15:57:58 2016] [error] ipa: INFO: : host_find(u'tftp-1801',
all=False, raw=False, version=u'2.49', no_members=False,
pkey_only=False): CertificateFormatErro
On Wed, Sep 7, 2016 at 4:01 PM, Natxo Asenjo <[email protected]
<mailto:[email protected]>> wrote:
alas, not woriking again.
On the one kdc
$ ipa host-find tftp-1801
ipa: ERROR: Certificate format error: (SEC_ERROR_LEGACY_DATABASE)
The certificate/key database is in an old, unsupported format.
On the other:
$ ipa host-find tftp-1801
--------------
1 host matched
--------------
Host name: tftp-1801.sub.domain.tld
.....
After rebooting the kdc with the error, no new tracebacks in the
error_log
No new tracebacks but still not working?
The CertificateFormatError is the server logging the equivalent of what
you're seeing in the client.
rob
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
