root# ipa-server-certinstall -w -d ipa5.fixedandmobile.com.p12
Peer's certificate issuer is not trusted (certutil: certificate is invalid: Peer's Certificate issuer is not recognized.
). Please run ipa-cacert-manage install and ipa-certupdate to install the CA certificate.
The ipa-server-certinstall command failed.
root# ipa-certupdate -v
ipapython.admintool: DEBUG: Not logging to a file
ipalib.rpc: DEBUG: failed to find session_cookie in persistent storage for principal 'admin@FIXEDANDMOBILE.COM'
ipalib.rpc: INFO: trying https://ipa5.fixedandmobile.com/ipa/json
ipalib.rpc: DEBUG: New HTTP connection (ipa5.fixedandmobile.com)
ipalib.rpc: DEBUG: received Set-Cookie (<type 'list'>)'['ipa_session=MagBearerToken=7%2feoIywViL2KTkXiG1w0hP0DdWEaK4pE75LdZtDKSRPqBDLuzEqJdY%2fUnrwLqOBnhZBTqjj8gdAGD%2fSWn%2bwq1xLTiDo7%2f8CRETD%2bW5AvHT1VNFFRZibPfE1JS2BVE09q%2bdQrPAV60PA4cth2Qcdsvfp0U2oLj1xML6eRsoXG00REURhaFp8cCaB9AuQVKLbO8Byf3Pie3qafgN1SJ04jzA%3d%3d;path=/ipa;httponly;secure;']'
ipalib.rpc: DEBUG: storing cookie 'ipa_session=MagBearerToken=7%2feoIywViL2KTkXiG1w0hP0DdWEaK4pE75LdZtDKSRPqBDLuzEqJdY%2fUnrwLqOBnhZBTqjj8gdAGD%2fSWn%2bwq1xLTiDo7%2f8CRETD%2bW5AvHT1VNFFRZibPfE1JS2BVE09q%2bdQrPAV60PA4cth2Qcdsvfp0U2oLj1xML6eRsoXG00REURhaFp8cCaB9AuQVKLbO8Byf3Pie3qafgN1SJ04jzA%3d%3d;' for principal admin@FIXEDANDMOBILE.COM
ipalib.backend: DEBUG: Created connection context.rpcclient_139889220220816
ipalib.rpc: INFO: [try 1]: Forwarding 'schema' to json server 'https://ipa5.fixedandmobile.com/ipa/json'
ipalib.rpc: DEBUG: HTTP connection keep-alive (ipa5.fixedandmobile.com)
ipalib.rpc: DEBUG: received Set-Cookie (<type 'list'>)'['ipa_session=MagBearerToken=7PkGtgj%2fPCAF7lH774apcgiEy8NWrTzE3mFkHYl0eLj3%2bujnT%2fQru5wDXVKPv5ky7TwRzS%2bVifAcvSv97FnucGLDC%2b17365XlJuuexo2K0IueTFg5oFAdOf6aCk%2bB%2bNC8Rjawej3u1gidQa8y285gLYBmD0rW44cdrHaulcW72pgD1ts1%2fC1uwRsolhCx30Iwfe0Qj9TGSjd0OvS0TfS0A%3d%3d;path=/ipa;httponly;secure;']'
ipalib.rpc: DEBUG: storing cookie 'ipa_session=MagBearerToken=7PkGtgj%2fPCAF7lH774apcgiEy8NWrTzE3mFkHYl0eLj3%2bujnT%2fQru5wDXVKPv5ky7TwRzS%2bVifAcvSv97FnucGLDC%2b17365XlJuuexo2K0IueTFg5oFAdOf6aCk%2bB%2bNC8Rjawej3u1gidQa8y285gLYBmD0rW44cdrHaulcW72pgD1ts1%2fC1uwRsolhCx30Iwfe0Qj9TGSjd0OvS0TfS0A%3d%3d;' for principal admin@FIXEDANDMOBILE.COM
ipalib.backend: DEBUG: Destroyed connection context.rpcclient_139889220220816
ipalib.plugable: DEBUG: importing all plugin modules in ipaclient.remote_plugins.schema$79e69edd...
ipalib.plugable: DEBUG: importing plugin module ipaclient.remote_plugins.schema$79e69edd.plugins
ipalib.plugable: DEBUG: importing all plugin modules in ipaclient.plugins...
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.automember
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.automount
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.ca
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.cert
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.certmap
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.certprofile
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.csrgen
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.dns
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.hbacrule
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.hbactest
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.host
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.idrange
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.internal
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.location
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.migration
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.misc
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.otptoken
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.otptoken_yubikey
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.passwd
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.permission
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.rpcclient
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.server
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.service
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.sudorule
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.topology
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.trust
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.user
ipalib.plugable: DEBUG: importing plugin module ipaclient.plugins.vault
ipalib.rpc: DEBUG: found session_cookie in persistent storage for principal 'admin@FIXEDANDMOBILE.COM', cookie: 'ipa_session=MagBearerToken=7PkGtgj%2fPCAF7lH774apcgiEy8NWrTzE3mFkHYl0eLj3%2bujnT%2fQru5wDXVKPv5ky7TwRzS%2bVifAcvSv97FnucGLDC%2b17365XlJuuexo2K0IueTFg5oFAdOf6aCk%2bB%2bNC8Rjawej3u1gidQa8y285gLYBmD0rW44cdrHaulcW72pgD1ts1%2fC1uwRsolhCx30Iwfe0Qj9TGSjd0OvS0TfS0A%3d%3d'
ipalib.rpc: DEBUG: setting session_cookie into context 'ipa_session=MagBearerToken=7PkGtgj%2fPCAF7lH774apcgiEy8NWrTzE3mFkHYl0eLj3%2bujnT%2fQru5wDXVKPv5ky7TwRzS%2bVifAcvSv97FnucGLDC%2b17365XlJuuexo2K0IueTFg5oFAdOf6aCk%2bB%2bNC8Rjawej3u1gidQa8y285gLYBmD0rW44cdrHaulcW72pgD1ts1%2fC1uwRsolhCx30Iwfe0Qj9TGSjd0OvS0TfS0A%3d%3d;'
ipalib.rpc: INFO: trying https://ipa5.fixedandmobile.com/ipa/session/json
ipalib.rpc: DEBUG: New HTTP connection (ipa5.fixedandmobile.com)
ipalib.rpc: DEBUG: received Set-Cookie (<type 'list'>)'['ipa_session=MagBearerToken=7PkGtgj%2fPCAF7lH774apcgiEy8NWrTzE3mFkHYl0eLj3%2bujnT%2fQru5wDXVKPv5ky7TwRzS%2bVifAcvSv97FnucGLDC%2b17365XlJuuexo2K0IueTFg5oFAdOf6aCk%2bB%2bNC8Rjawej3u1gidQa8y285gLYBmD0rW44cdrHaulcW72pgD1ts1%2fC1uwRsolhCx30Iwfe0Qj9TGSjd0OvS0TfS0A%3d%3d;path=/ipa;httponly;secure;']'
ipalib.rpc: DEBUG: storing cookie 'ipa_session=MagBearerToken=7PkGtgj%2fPCAF7lH774apcgiEy8NWrTzE3mFkHYl0eLj3%2bujnT%2fQru5wDXVKPv5ky7TwRzS%2bVifAcvSv97FnucGLDC%2b17365XlJuuexo2K0IueTFg5oFAdOf6aCk%2bB%2bNC8Rjawej3u1gidQa8y285gLYBmD0rW44cdrHaulcW72pgD1ts1%2fC1uwRsolhCx30Iwfe0Qj9TGSjd0OvS0TfS0A%3d%3d;' for principal admin@FIXEDANDMOBILE.COM
ipalib.backend: DEBUG: Created connection context.rpcclient_139889190138192
ipalib.install.kinit: DEBUG: Initializing principal host/ipa5.fixedandmobile.com@FIXEDANDMOBILE.COM using keytab /etc/krb5.keytab
ipalib.install.kinit: DEBUG: using ccache /tmp/tmp-Rln5Jh/ccache
ipapython.admintool: DEBUG: File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 178, in execute
return_value = self.run()
File "/usr/lib/python2.7/site-packages/ipaclient/install/ipa_certupdate.py", line 62, in run
run_with_args(api)
File "/usr/lib/python2.7/site-packages/ipaclient/install/ipa_certupdate.py", line 83, in run_with_args
kinit_keytab(principal, paths.KRB5_KEYTAB, ccache_name)
File "/usr/lib/python2.7/site-packages/ipalib/install/kinit.py", line 47, in kinit_keytab
cred = gssapi.Credentials(name=name, store=store, usage='initiate')
File "/usr/lib64/python2.7/site-packages/gssapi/creds.py", line 64, in __new__
store=store)
File "/usr/lib64/python2.7/site-packages/gssapi/creds.py", line 148, in acquire
usage)
File "ext_cred_store.pyx", line 182, in gssapi.raw.ext_cred_store.acquire_cred_from (gssapi/raw/ext_cred_store.c:1732)
ipapython.admintool: DEBUG: The ipa-certupdate command failed, exception: GSSError: Major (851968): Unspecified GSS failure. Minor code may provide more information, Minor (2529639107): No credentials cache found
ipapython.admintool: ERROR: Major (851968): Unspecified GSS failure. Minor code may provide more information, Minor (2529639107): No credentials cache found
ipapython.admintool: ERROR: The ipa-certupdate command failed.