#4505 KRA can't be re-installed in a multi-master setup
Closed: Fixed None Opened 9 years ago by pviktori.

  • Install master and replica, both with CA and KRA
  • Remove KRA on both hosts

At this point, trying to instal KRA on the replica fails:

$ sudo ipa-kra-install replica-info-file.gpg
Usage: ipa-kra-install [options] [replica_file]

ipa-kra-install: error: Too many parameters provided.  No replica file is required.
$ sudo ipa-kra-install
Directory Manager password:


===================================================================
This program will setup Dogtag KRA for the FreeIPA Server.


Configuring KRA server (pki-tomcatd): Estimated time 2 minutes 6 seconds
  [1/5]: configuring KRA instance
failed to configure KRA instance Command ''/usr/sbin/pkispawn' '-s' 'KRA' '-f' '/tmp/tmp_FKfkR'' returned non-zero exit status 1

Your system may be partly configured.
Run ipa-kra-install --uninstall to clean up.

Configuration of KRA failed

This seems to cripple the installation: ipa-kra-install --uninstall will complain that KRA is not installed. Also, ipa-kra-install on the master will complain that it wasn't given a replica file.

UUntil this is fixed, KRA uninstallation is disabled.


master:

  • 9ca5a4e Re-enable uninstall feature for ipa-kra-install

Metadata Update from @pviktori:
- Issue set to the milestone: FreeIPA 4.2 Backlog

7 years ago

Login to comment on this ticket.

Metadata