Red Hat Summit Red Hat SummitSupportConsoleDéveloppeursCommencer un essaiContact

Ce contenu n'est pas disponible dans la langue sélectionnée.

Appendix B. Troubleshooting: Solutions to Specific Problems

For troubleshooting advice for:

B.1. Identity Management Servers
Copier lien

B.1.1. External CA Installation Fails
Copier lien

The ipa-server-install --external-ca command fails with the following error: 
ipa         : CRITICAL failed to configure ca instance Command '/usr/sbin/pkispawn -s CA -f /tmp/configuration_file' returned non-zero exit status 1
Configuration of CA failed
The env|grep proxy command displays variables such as the following: 
env|grep proxy
http_proxy=http://example.com:8080
ftp_proxy=http://example.com:8080
https_proxy=http://example.com:8080

What this means:

The *_proxy environmental variables are preventing the server from being installed.

To fix the problem:

  1. Use the following shell script to unset the *_proxy environmental variables: 
    # for i in ftp http https; do unset ${i}_proxy; done
  2. Run the pkidestroy utility to remove the unsuccessful CA subsystem installation: 
    # pkidestroy -s CA -i pki-tomcat; rm -rf /var/log/pki/pki-tomcat  /etc/sysconfig/pki-tomcat  /etc/sysconfig/pki/tomcat/pki-tomcat  /var/lib/pki/pki-tomcat  /etc/pki/pki-tomcat /root/ipa.csr
  3. Remove the failed IdM server installation: 
    # ipa-server-install --uninstall
  4. Retry running ipa-server-install --external-ca.

B.1.2. named Daemon Fails to Start
Copier lien

After installing an IdM server with integrated DNS, the named-pkcs11 fails to start. The /var/log/messages file includes an error message related to the named-pkcs11 service and the ldap.so library: 
ipaserver named[6886]: failed to dynamically load driver 'ldap.so': libldap-2.4.so.2: cannot open shared object file: No such file or directory

What this means:

The bind-chroot package is installed and is preventing the named-pkcs11 service from starting.

To fix the problem:

  1. Uninstall the bind-chroot package. 
    # yum remove bind-chroot
  2. Restart the IdM server. 
    # ipactl restart
When attempting to install an IdM server on a system with IPv6 disabled, the following error occurs during the installation process: 
CRITICAL Failed to restart the directory server
Command '/bin/systemctl restart dirsrv@EXAMPLE.service' returned non-zero exit status 1

What this means:

Installing and running a server requires IPv6 to be enabled on the network. See Section 2.1.3, “System Requirements”.

To fix the problem:

Enable IPv6 on your system. For details, see How do I disable or enable the IPv6 protocol in Red Hat Enterprise Linux? in Red Hat Knowledgebase.
Note that IPv6 is enabled by default on Red Hat Enterprise Linux 7 systems.
Red Hat logoGithubredditYoutubeTwitter

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Nous aidons les utilisateurs de Red Hat à innover et à atteindre leurs objectifs grâce à nos produits et services avec un contenu auquel ils peuvent faire confiance. Découvrez nos récentes mises à jour.

Rendre l’open source plus inclusif

Red Hat s'engage à remplacer le langage problématique dans notre code, notre documentation et nos propriétés Web. Pour plus de détails, consultez le Blog Red Hat.

À propos de Red Hat

Nous proposons des solutions renforcées qui facilitent le travail des entreprises sur plusieurs plates-formes et environnements, du centre de données central à la périphérie du réseau.

Theme

© 2026 Red HatRetour au début