#3292 IPA cert automatic renew : not always working
Closed: Fixed None Opened 11 years ago by rcritten.

https://bugzilla.redhat.com/show_bug.cgi?id=883484 (Red Hat Enterprise Linux 6)

Description of problem:

I have seen the following failures in the past week:
1. cert renew problem: some certs (randomly) do not get renewed while other certs
that have the same "Not After" values are being renewed.

2. DNS A record problem: sometimes, the ipa server reports "ipa: ERROR: Host does
not have corresponding DNS A record", when a similar "ipa service-add
<service>" command succeeded before the system time was adjusted. And after the test
script finished running, the exact same command succeeds.

3. Power test for cert renew: I want to make sure the automatic renew feature
continues to work after all certs have been renewed at least once. The test
result is always a failure. Sometimes all certs are renewed two times, and
fail at the third round of the renewal test. Most of the time, they fail at the second
round of the test.

What frustrates me is that the test results are different almost every time. I have
been debugging and restructuring my test script but I have seen NO logic error in my
test script. I really need the developers' help to find out the exact cause of the
problem. It is possible I have the wrong logic flow or even a wrong understanding of
the feature.

To get started, I want to focus on one specific error first: caSSLServiceCert
renew failed. I will post the test log and host information as comments on this bug
report.

Thanks


Version-Release number of selected component (if applicable):
[root@fig (RH6.4-x86_64) ipa-autorenewcert] rpm -qi ipa-server
Name        : ipa-server                   Relocations: (not relocatable)
Version     : 3.0.0                             Vendor: Red Hat, Inc.
Release     : 9.el6                         Build Date: Tue 27 Nov 2012 06:28:28 AM PST
Install Date: Mon 03 Dec 2012 11:05:50 AM PST      Build Host: x86-001.build.bos.redhat.com
Group       : System Environment/Base       Source RPM: ipa-3.0.0-9.el6.src.rpm
Size        : 4366857                          License: GPLv3+
Signature   : (none)
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://www.freeipa.org/
Summary     : The IPA authentication server
Description :
IPA is an integrated solution to provide centrally managed Identity (machine,
user, virtual machines, groups, authentication credentials), Policy
(configuration settings, access control information) and Audit (events,
logs, analysis thereof). If you are installing an IPA server you need
to install this package (in other words, most people should NOT install
this package).

Yi tells me he has mostly worked out the issues and is doing final testing.

Nalin made changes in certmonger so we could serialize access to the NSS databases and prevent corruption. This also has the effect of making it less likely for us to trip over ourselves trying to renew and restart all the services at the same time.

master: 045b6e6

ipa-3-1: 0b462b1

ipa-3-0: fa6f0ca

Metadata Update from @rcritten:
- Issue assigned to rcritten
- Issue set to the milestone: FreeIPA 3.0.3 (bug fixing)

7 years ago
