If /etc/hostname is not properly configured to fqdn, but python detects the hostname correctly:
$ cat /etc/hostname localhost.localdomain $ python >>> import socket >>> socket.gethostname() 'ipaserver' >>> socket.getfqdn() 'ipaserver.ipa.test'
The installation fails with:
Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes 30 seconds [1/25]: creating certificate server user [2/25]: configuring certificate server instance ipa.ipaserver.install.cainstance.CAInstance: CRITICAL Failed to configure CA instance: Command ''/usr/sbin/pkispawn' '-s' 'CA' '-f' '/tmp/tmpzij2Pc'' returned non-zero exit status 1 ipa.ipaserver.install.cainstance.CAInstance: CRITICAL See the installation logs and the following files/directories for more information: ipa.ipaserver.install.cainstance.CAInstance: CRITICAL /var/log/pki-ca-install.log ipa.ipaserver.install.cainstance.CAInstance: CRITICAL /var/log/pki/pki-tomcat
Which is rather cryptic, we should do a better validation. Changing /etc/hostname to fqdn fixes the error.
Isn't it a regression?
shouldn't installer set the /etc/hostname ?
F23, ipa-4.2 $ ipa-server-install - SNIP - Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes 30 seconds [1/25]: creating certificate server user [2/25]: configuring certificate server instance ipa.ipaserver.install.cainstance.CAInstance: CRITICAL Failed to configure CA instance: Command ''/usr/sbin/pkispawn' '-s' 'CA' '-f' '/tmp/tmpAp57n3'' returned non-zero exit status 1 ipa.ipaserver.install.cainstance.CAInstance: CRITICAL See the installation logs and the following files/directories for more information: ipa.ipaserver.install.cainstance.CAInstance: CRITICAL /var/log/pki-ca-install.log ipa.ipaserver.install.cainstance.CAInstance: CRITICAL /var/log/pki/pki-tomcat [error] RuntimeError: CA configuration failed. ipa.ipapython.install.cli.install_tool(Server): ERROR CA configuration failed. $ cat /etc/hostname mybox.example.local
Ticket #5794 should fix this as well
clossing according to comment 7
Metadata Update from @tbabej: - Issue assigned to mbasti - Issue set to the milestone: FreeIPA 4.4
Login to comment on this ticket.