report.html

Report generated on 02-Jul-2019 at 15:21:11 by pytest-html v1.21.1

Environment

Packages {'pytest': '3.9.3', 'py': '1.7.0', 'pluggy': '0.8.1'}
Platform Linux-5.1.15-300.fc30.x86_64-x86_64-with-fedora-30-Thirty
Plugins {'metadata': '1.8.0', 'html': '1.21.1', 'sourceorder': '0.5', 'multihost': '3.0'}
Python 3.7.3

Summary

26 tests ran in 458.04 seconds.

25 passed, 0 skipped, 0 failed, 0 errors, 1 expected failures, 0 unexpected passes

Results

Result Test Duration Links
XFailed test_caless.py::TestCertInstall::()::test_ds_intermediate_ca 8.31
self = <ipatests.test_integration.test_caless.TestCertInstall object at 0x7fa23d668be0>

@pytest.mark.xfail(reason='freeipa ticket 6959', strict=True)
def test_ds_intermediate_ca(self):
"Install new DS certificate issued by intermediate CA"

result = self.certinstall('d', 'ca1/subca/server')
> assert result.returncode == 0, result.stderr_text
E AssertionError: Peer's certificate issuer is not trusted (certutil: certificate is invalid: Peer's Certificate issuer is not recognized.
E ). Please run ipa-cacert-manage install and ipa-certupdate to install the CA certificate.
E The ipa-server-certinstall command failed.
E
E assert 1 == 0
E + where 1 = <pytest_multihost.transport.SSHCommand object at 0x7fa23d6680b8>.returncode

/usr/lib/python3.7/site-packages/ipatests/test_integration/test_caless.py:1372: AssertionError
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'server.p12', '--pin', 'Secret.123'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'server.p12', '--pin', 'Secret.123'] transport.py 558 DEBUG Peer's certificate issuer is not trusted (certutil: certificate is invalid: Peer's Certificate issuer is not recognized. transport.py 558 DEBUG ). Please run ipa-cacert-manage install and ipa-certupdate to install the CA certificate. transport.py 558 DEBUG The ipa-server-certinstall command failed. transport.py 217 DEBUG Exit code: 1
Passed test_caless.py::TestCertInstall::()::test_nonexistent_http_pkcs12_file 3.07
---------------------------- Captured stdout setup -----------------------------
<ipatests.pytest_ipa.integration.config.Config object at 0x7fa23d82c940> ------------------------------ Captured log setup ------------------------------
__init__.py 267 INFO Preparing host master.ipa.test transport.py 1760 INFO Connected (version 2.0, client OpenSSH_8.0) transport.py 247 DEBUG Authenticating with private RSA key using user root transport.py 1760 INFO Authentication (publickey) successful! transport.py 318 INFO RUN ['true'] transport.py 513 DEBUG RUN ['true'] transport.py 558 DEBUG -bash: line 1: cd: /ipatests: No such file or directory transport.py 217 DEBUG Exit code: 0 __init__.py 261 INFO Adding master.ipa.test:/ipatests/env.sh to list of logs to collect transport.py 301 DEBUG STAT /ipatests sftp.py 158 INFO [chan 1] Opened sftp connection (server version 3) transport.py 301 DEBUG STAT / transport.py 312 INFO MKDIR /ipatests transport.py 293 INFO WRITE /ipatests/env.sh test_caless.py 151 INFO Generating certificates to /tmp/ipatest-9fwxri2p transport.py 318 INFO RUN ['true'] transport.py 513 DEBUG RUN ['true'] transport.py 217 DEBUG Exit code: 0 __init__.py 261 INFO Adding master.ipa.test:/ipatests/env.sh to list of logs to collect transport.py 301 DEBUG STAT /ipatests transport.py 293 INFO WRITE /ipatests/env.sh transport.py 301 DEBUG STAT /etc/hostname transport.py 301 DEBUG STAT /ipatests/file_backup/etc transport.py 301 DEBUG STAT /ipatests/file_backup transport.py 301 DEBUG STAT /ipatests transport.py 312 INFO MKDIR /ipatests/file_backup transport.py 312 INFO MKDIR /ipatests/file_backup/etc transport.py 318 INFO RUN ['cp', '-af', '/etc/hostname', '/ipatests/file_backup/etc/hostname'] transport.py 513 DEBUG RUN ['cp', '-af', '/etc/hostname', '/ipatests/file_backup/etc/hostname'] transport.py 217 DEBUG Exit code: 0 transport.py 293 INFO WRITE /etc/hostname transport.py 318 INFO RUN ['hostname', 'master.ipa.test'] transport.py 513 DEBUG RUN ['hostname', 'master.ipa.test'] transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN hostname > '/ipatests/backup_hostname' transport.py 513 DEBUG RUN hostname > '/ipatests/backup_hostname' transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['ss', '--all', '--tcp', '--udp', '--numeric', '--processes'] transport.py 513 DEBUG RUN ['ss', '--all', '--tcp', '--udp', '--numeric', '--processes'] transport.py 558 DEBUG Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port transport.py 558 DEBUG udp UNCONN 0 0 0.0.0.0:5355 0.0.0.0:* users:(("systemd-resolve",pid=582,fd=12)) transport.py 558 DEBUG udp UNCONN 0 0 0.0.0.0:50673 0.0.0.0:* users:(("rpc.statd",pid=2031,fd=9)) transport.py 558 DEBUG udp UNCONN 0 0 0.0.0.0:50801 0.0.0.0:* transport.py 558 DEBUG udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=582,fd=17)) transport.py 558 DEBUG udp UNCONN 0 0 0.0.0.0:68 0.0.0.0:* users:(("dhclient",pid=1609,fd=7)) transport.py 558 DEBUG udp UNCONN 0 0 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=2030,fd=5),("systemd",pid=1,fd=103)) transport.py 558 DEBUG udp UNCONN 0 0 127.0.0.1:323 0.0.0.0:* users:(("chronyd",pid=524,fd=5)) transport.py 558 DEBUG udp UNCONN 0 0 127.0.0.1:935 0.0.0.0:* users:(("rpc.statd",pid=2031,fd=5)) transport.py 558 DEBUG udp UNCONN 0 0 [::]:52410 [::]:* users:(("rpc.statd",pid=2031,fd=11)) transport.py 558 DEBUG udp UNCONN 0 0 [::]:5355 [::]:* users:(("systemd-resolve",pid=582,fd=14)) transport.py 558 DEBUG udp UNCONN 0 0 [::]:111 [::]:* users:(("rpcbind",pid=2030,fd=7),("systemd",pid=1,fd=105)) transport.py 558 DEBUG udp UNCONN 0 0 [::1]:323 [::]:* users:(("chronyd",pid=524,fd=6)) transport.py 558 DEBUG udp UNCONN 0 0 [::]:45871 [::]:* transport.py 558 DEBUG tcp LISTEN 0 128 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=582,fd=18)) transport.py 558 DEBUG tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=571,fd=3)) transport.py 558 DEBUG tcp LISTEN 0 128 0.0.0.0:46263 0.0.0.0:* users:(("rpc.statd",pid=2031,fd=10)) transport.py 558 DEBUG tcp LISTEN 0 64 0.0.0.0:44931 0.0.0.0:* transport.py 558 DEBUG tcp LISTEN 0 128 0.0.0.0:5355 0.0.0.0:* users:(("systemd-resolve",pid=582,fd=13)) transport.py 558 DEBUG tcp LISTEN 0 128 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=2030,fd=4),("systemd",pid=1,fd=102)) transport.py 558 DEBUG tcp ESTAB 0 0 192.168.121.133:22 192.168.121.1:45390 users:(("sshd",pid=2159,fd=5),("sshd",pid=2157,fd=5)) transport.py 558 DEBUG tcp ESTAB 0 0 192.168.121.133:22 192.168.121.199:45930 users:(("sshd",pid=16338,fd=5),("sshd",pid=16336,fd=5)) transport.py 558 DEBUG tcp ESTAB 0 0 192.168.121.133:952 192.168.121.1:2049 transport.py 558 DEBUG tcp LISTEN 0 64 [::]:43987 [::]:* transport.py 558 DEBUG tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=571,fd=4)) transport.py 558 DEBUG tcp LISTEN 0 128 [::]:46219 [::]:* users:(("rpc.statd",pid=2031,fd=12)) transport.py 558 DEBUG tcp LISTEN 0 128 [::]:5355 [::]:* users:(("systemd-resolve",pid=582,fd=15)) transport.py 558 DEBUG tcp LISTEN 0 128 [::]:111 [::]:* users:(("rpcbind",pid=2030,fd=6),("systemd",pid=1,fd=104)) transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['ss', '--all', '--tcp', '--udp', '--numeric', '--processes', '-o', 'state', 'all', '( sport = :749 or dport = :749 or sport = :464 or dport = :464 )'] transport.py 513 DEBUG RUN ['ss', '--all', '--tcp', '--udp', '--numeric', '--processes', '-o', 'state', 'all', '( sport = :749 or dport = :749 or sport = :464 or dport = :464 )'] transport.py 558 DEBUG Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port transport.py 217 DEBUG Exit code: 0 transport.py 301 DEBUG STAT /ipatests/crl transport.py 301 DEBUG STAT /ipatests transport.py 312 INFO MKDIR /ipatests/crl transport.py 329 INFO PUT /ipatests/crl/ca2.crl transport.py 329 INFO PUT /ipatests/crl/ca3.crl transport.py 329 INFO PUT /ipatests/crl/ca1.crl transport.py 318 INFO RUN ['true'] transport.py 513 DEBUG RUN ['true'] transport.py 217 DEBUG Exit code: 0 __init__.py 261 INFO Adding master.ipa.test:/ipatests/env.sh to list of logs to collect transport.py 301 DEBUG STAT /ipatests transport.py 293 INFO WRITE /ipatests/env.sh transport.py 329 INFO PUT /ipatests/server.p12 transport.py 329 INFO PUT /ipatests/root.pem transport.py 318 INFO RUN ['/usr/bin/certutil', '-D', '-d', '/etc/httpd/alias', '-n', 'ca1'] transport.py 513 DEBUG RUN ['/usr/bin/certutil', '-D', '-d', '/etc/httpd/alias', '-n', 'ca1'] transport.py 558 DEBUG certutil: function failed: SEC_ERROR_BAD_DATABASE: security library: bad database. transport.py 217 DEBUG Exit code: 255 transport.py 318 INFO RUN ['/usr/bin/certutil', '-D', '-d', '/etc/httpd/alias', '-n', 'ca1/server'] transport.py 513 DEBUG RUN ['/usr/bin/certutil', '-D', '-d', '/etc/httpd/alias', '-n', 'ca1/server'] transport.py 558 DEBUG certutil: function failed: SEC_ERROR_BAD_DATABASE: security library: bad database. transport.py 217 DEBUG Exit code: 255 __init__.py 261 INFO Adding master.ipa.test:/var/log/dirsrv/slapd-IPA-TEST/errors to list of logs to collect __init__.py 261 INFO Adding master.ipa.test:/var/log/dirsrv/slapd-IPA-TEST/access to list of logs to collect __init__.py 261 INFO Adding master.ipa.test:/var/log/ipaserver-install.log to list of logs to collect __init__.py 261 INFO Adding master.ipa.test:/var/log/ipaserver-uninstall.log to list of logs to collect __init__.py 261 INFO Adding master.ipa.test:/var/log/ipaclient-install.log to list of logs to collect __init__.py 261 INFO Adding master.ipa.test:/var/log/ipaclient-uninstall.log to list of logs to collect __init__.py 261 INFO Adding master.ipa.test:/var/log/ipareplica-install.log to list of logs to collect __init__.py 261 INFO Adding master.ipa.test:/var/log/ipareplica-conncheck.log to list of logs to collect __init__.py 261 INFO Adding master.ipa.test:/var/log/ipareplica-ca-install.log to list of logs to collect __init__.py 261 INFO Adding master.ipa.test:/var/log/ipaserver-kra-install.log to list of logs to collect __init__.py 261 INFO Adding master.ipa.test:/var/log/ipa-custodia.audit.log to list of logs to collect __init__.py 261 INFO Adding master.ipa.test:/var/log/ipaclient-uninstall.log to list of logs to collect __init__.py 261 INFO Adding master.ipa.test:/var/log/iparestore.log to list of logs to collect __init__.py 261 INFO Adding master.ipa.test:/var/log/ipabackup.log to list of logs to collect __init__.py 261 INFO Adding master.ipa.test:/var/log/kadmind.log to list of logs to collect __init__.py 261 INFO Adding master.ipa.test:/var/log/krb5kdc.log to list of logs to collect __init__.py 261 INFO Adding master.ipa.test:/var/log/httpd/error_log to list of logs to collect __init__.py 261 INFO Adding master.ipa.test:/var/log/pki/ to list of logs to collect __init__.py 261 INFO Adding master.ipa.test:/var/log/audit/audit.log to list of logs to collect transport.py 318 INFO RUN ['true'] transport.py 513 DEBUG RUN ['true'] transport.py 217 DEBUG Exit code: 0 __init__.py 261 INFO Adding master.ipa.test:/ipatests/env.sh to list of logs to collect transport.py 301 DEBUG STAT /ipatests transport.py 293 INFO WRITE /ipatests/env.sh transport.py 301 DEBUG STAT /etc/hostname transport.py 301 DEBUG STAT /ipatests/file_backup/etc transport.py 318 INFO RUN ['cp', '-af', '/etc/hostname', '/ipatests/file_backup/etc/hostname'] transport.py 513 DEBUG RUN ['cp', '-af', '/etc/hostname', '/ipatests/file_backup/etc/hostname'] transport.py 217 DEBUG Exit code: 0 transport.py 293 INFO WRITE /etc/hostname transport.py 318 INFO RUN ['hostname', 'master.ipa.test'] transport.py 513 DEBUG RUN ['hostname', 'master.ipa.test'] transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN hostname > '/ipatests/backup_hostname' transport.py 513 DEBUG RUN hostname > '/ipatests/backup_hostname' transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['ss', '--all', '--tcp', '--udp', '--numeric', '--processes'] transport.py 513 DEBUG RUN ['ss', '--all', '--tcp', '--udp', '--numeric', '--processes'] transport.py 558 DEBUG Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port transport.py 558 DEBUG udp UNCONN 0 0 0.0.0.0:5355 0.0.0.0:* users:(("systemd-resolve",pid=582,fd=12)) transport.py 558 DEBUG udp UNCONN 0 0 0.0.0.0:50673 0.0.0.0:* users:(("rpc.statd",pid=2031,fd=9)) transport.py 558 DEBUG udp UNCONN 0 0 0.0.0.0:50801 0.0.0.0:* transport.py 558 DEBUG udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=582,fd=17)) transport.py 558 DEBUG udp UNCONN 0 0 0.0.0.0:68 0.0.0.0:* users:(("dhclient",pid=1609,fd=7)) transport.py 558 DEBUG udp UNCONN 0 0 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=2030,fd=5),("systemd",pid=1,fd=103)) transport.py 558 DEBUG udp UNCONN 0 0 127.0.0.1:323 0.0.0.0:* users:(("chronyd",pid=524,fd=5)) transport.py 558 DEBUG udp UNCONN 0 0 127.0.0.1:935 0.0.0.0:* users:(("rpc.statd",pid=2031,fd=5)) transport.py 558 DEBUG udp UNCONN 0 0 [::]:52410 [::]:* users:(("rpc.statd",pid=2031,fd=11)) transport.py 558 DEBUG udp UNCONN 0 0 [::]:5355 [::]:* users:(("systemd-resolve",pid=582,fd=14)) transport.py 558 DEBUG udp UNCONN 0 0 [::]:111 [::]:* users:(("rpcbind",pid=2030,fd=7),("systemd",pid=1,fd=105)) transport.py 558 DEBUG udp UNCONN 0 0 [::1]:323 [::]:* users:(("chronyd",pid=524,fd=6)) transport.py 558 DEBUG udp UNCONN 0 0 [::]:45871 [::]:* transport.py 558 DEBUG tcp LISTEN 0 128 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=582,fd=18)) transport.py 558 DEBUG tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=571,fd=3)) transport.py 558 DEBUG tcp LISTEN 0 128 0.0.0.0:46263 0.0.0.0:* users:(("rpc.statd",pid=2031,fd=10)) transport.py 558 DEBUG tcp LISTEN 0 64 0.0.0.0:44931 0.0.0.0:* transport.py 558 DEBUG tcp LISTEN 0 128 0.0.0.0:5355 0.0.0.0:* users:(("systemd-resolve",pid=582,fd=13)) transport.py 558 DEBUG tcp LISTEN 0 128 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=2030,fd=4),("systemd",pid=1,fd=102)) transport.py 558 DEBUG tcp ESTAB 0 0 192.168.121.133:22 192.168.121.1:45390 users:(("sshd",pid=2159,fd=5),("sshd",pid=2157,fd=5)) transport.py 558 DEBUG tcp ESTAB 0 0 192.168.121.133:22 192.168.121.199:45930 users:(("sshd",pid=16338,fd=5),("sshd",pid=16336,fd=5)) transport.py 558 DEBUG tcp ESTAB 0 0 192.168.121.133:952 192.168.121.1:2049 transport.py 558 DEBUG tcp LISTEN 0 64 [::]:43987 [::]:* transport.py 558 DEBUG tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=571,fd=4)) transport.py 558 DEBUG tcp LISTEN 0 128 [::]:46219 [::]:* users:(("rpc.statd",pid=2031,fd=12)) transport.py 558 DEBUG tcp LISTEN 0 128 [::]:5355 [::]:* users:(("systemd-resolve",pid=582,fd=15)) transport.py 558 DEBUG tcp LISTEN 0 128 [::]:111 [::]:* users:(("rpcbind",pid=2030,fd=6),("systemd",pid=1,fd=104)) transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['ss', '--all', '--tcp', '--udp', '--numeric', '--processes', '-o', 'state', 'all', '( sport = :749 or dport = :749 or sport = :464 or dport = :464 )'] transport.py 513 DEBUG RUN ['ss', '--all', '--tcp', '--udp', '--numeric', '--processes', '-o', 'state', 'all', '( sport = :749 or dport = :749 or sport = :464 or dport = :464 )'] transport.py 558 DEBUG Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port transport.py 217 DEBUG Exit code: 0 transport.py 301 DEBUG STAT /bin/systemctl transport.py 318 INFO RUN ['systemctl', 'stop', 'httpd'] transport.py 513 DEBUG RUN ['systemctl', 'stop', 'httpd'] transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN for line in `ipcs -s | grep apache | cut -d " " -f 2`; do ipcrm -s $line; done transport.py 513 DEBUG RUN for line in `ipcs -s | grep apache | cut -d " " -f 2`; do ipcrm -s $line; done transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['systemctl', 'unmask', 'firewalld'] transport.py 513 DEBUG RUN ['systemctl', 'unmask', 'firewalld'] transport.py 558 DEBUG Removed /etc/systemd/system/firewalld.service. transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['systemctl', 'enable', 'firewalld'] transport.py 513 DEBUG RUN ['systemctl', 'enable', 'firewalld'] transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['systemctl', 'start', 'firewalld'] transport.py 513 DEBUG RUN ['systemctl', 'start', 'firewalld'] transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['ipa-server-install', '-n', 'ipa.test', '-r', 'IPA.TEST', '-p', 'Secret.123', '-a', 'Secret.123', '--domain-level=1', '-U', '--setup-dns', '--forwarder', '192.168.121.1', '--auto-reverse', '--http-cert-file', '/ipatests/server.p12', '--dirsrv-cert-file', '/ipatests/server.p12', '--ca-cert-file', '/ipatests/root.pem', '--ip-address', '192.168.121.133', '--no-pkinit', '--http-pin', 'Secret.123', '--dirsrv-pin', 'Secret.123'] transport.py 513 DEBUG RUN ['ipa-server-install', '-n', 'ipa.test', '-r', 'IPA.TEST', '-p', 'Secret.123', '-a', 'Secret.123', '--domain-level=1', '-U', '--setup-dns', '--forwarder', '192.168.121.1', '--auto-reverse', '--http-cert-file', '/ipatests/server.p12', '--dirsrv-cert-file', '/ipatests/server.p12', '--ca-cert-file', '/ipatests/root.pem', '--ip-address', '192.168.121.133', '--no-pkinit', '--http-pin', 'Secret.123', '--dirsrv-pin', 'Secret.123'] transport.py 558 DEBUG Checking DNS domain ipa.test, please wait ... transport.py 558 DEBUG Checking DNS domain ipa.test., please wait ... transport.py 558 DEBUG Checking DNS domain 121.168.192.in-addr.arpa., please wait ... transport.py 558 DEBUG Reverse zone 121.168.192.in-addr.arpa. will be created transport.py 558 DEBUG Synchronizing time transport.py 558 DEBUG No SRV records of NTP servers found and no NTP server or pool address was provided. transport.py 558 DEBUG Attempting to sync time with chronyc. transport.py 558 DEBUG Process chronyc waitsync failed to sync time! transport.py 558 DEBUG Unable to sync time with chrony server, assuming the time is in sync. Please check that 123 UDP port is opened, and any time server is on network. transport.py 558 DEBUG Checking DNS domain ipa.test, please wait ... transport.py 558 DEBUG transport.py 558 DEBUG The log file for this installation can be found in /var/log/ipaserver-install.log transport.py 558 DEBUG ============================================================================== transport.py 558 DEBUG This program will set up the FreeIPA Server. transport.py 558 DEBUG Version 4.7.91.dev transport.py 558 DEBUG transport.py 558 DEBUG This includes: transport.py 558 DEBUG * Configure the NTP client (chronyd) transport.py 558 DEBUG * Create and configure an instance of Directory Server transport.py 558 DEBUG * Create and configure a Kerberos Key Distribution Center (KDC) transport.py 558 DEBUG * Configure Apache (httpd) transport.py 558 DEBUG * Configure DNS (bind) transport.py 558 DEBUG transport.py 558 DEBUG Warning: skipping DNS resolution of host master.ipa.test transport.py 558 DEBUG Checking DNS forwarders, please wait ... transport.py 558 DEBUG Using reverse zone(s) 121.168.192.in-addr.arpa. transport.py 558 DEBUG transport.py 558 DEBUG The IPA Master Server will be configured with: transport.py 558 DEBUG Hostname: master.ipa.test transport.py 558 DEBUG IP address(es): 192.168.121.133 transport.py 558 DEBUG Domain name: ipa.test transport.py 558 DEBUG Realm name: IPA.TEST transport.py 558 DEBUG transport.py 558 DEBUG BIND DNS server will be configured to serve IPA domain with: transport.py 558 DEBUG Forwarders: 192.168.121.1 transport.py 558 DEBUG Forward policy: only transport.py 558 DEBUG Reverse zone(s): 121.168.192.in-addr.arpa. transport.py 558 DEBUG transport.py 558 DEBUG Disabled p11-kit-proxy transport.py 558 DEBUG Using default chrony configuration. transport.py 558 DEBUG Warning: IPA was unable to sync time with chrony! transport.py 558 DEBUG Time synchronization is required for IPA to work correctly transport.py 558 DEBUG Configuring directory server (dirsrv). Estimated time: 30 seconds transport.py 558 DEBUG [1/44]: creating directory server instance transport.py 558 DEBUG transport.py 558 DEBUG Starting installation... transport.py 558 DEBUG Created symlink /etc/systemd/system/multi-user.target.wants/dirsrv@IPA-TEST.service → /usr/lib/systemd/system/dirsrv@.service. transport.py 558 DEBUG Opening SELinux policy "//etc/selinux/targeted/policy/policy.31" transport.py 558 DEBUG Successfully opened SELinux policy "//etc/selinux/targeted/policy/policy.31" transport.py 558 DEBUG Allocate local instance <class 'lib389.DirSrv'> with ldapi://%2fvar%2frun%2fslapd-IPA-TEST.socket transport.py 558 DEBUG [2/44]: configure autobind for root transport.py 558 DEBUG [3/44]: stopping directory server transport.py 558 DEBUG [4/44]: updating configuration in dse.ldif transport.py 558 DEBUG [5/44]: starting directory server transport.py 558 DEBUG [6/44]: adding default schema transport.py 558 DEBUG [7/44]: enabling memberof plugin transport.py 558 DEBUG [8/44]: enabling winsync plugin transport.py 558 DEBUG [9/44]: configure password logging transport.py 558 DEBUG [10/44]: configuring replication version plugin transport.py 558 DEBUG [11/44]: enabling IPA enrollment plugin transport.py 558 DEBUG [12/44]: configuring uniqueness plugin transport.py 558 DEBUG [13/44]: configuring uuid plugin transport.py 558 DEBUG [14/44]: configuring modrdn plugin transport.py 558 DEBUG [15/44]: configuring DNS plugin transport.py 558 DEBUG [16/44]: enabling entryUSN plugin transport.py 558 DEBUG [17/44]: configuring lockout plugin transport.py 558 DEBUG [18/44]: configuring topology plugin transport.py 558 DEBUG [19/44]: creating indices transport.py 558 DEBUG [20/44]: enabling referential integrity plugin transport.py 558 DEBUG [21/44]: configuring certmap.conf transport.py 558 DEBUG [22/44]: configure new location for managed entries transport.py 558 DEBUG [23/44]: configure dirsrv ccache and keytab transport.py 558 DEBUG [24/44]: enabling SASL mapping fallback transport.py 558 DEBUG [25/44]: restarting directory server transport.py 558 DEBUG [26/44]: adding sasl mappings to the directory transport.py 558 DEBUG [27/44]: adding default layout transport.py 558 DEBUG [28/44]: adding delegation layout transport.py 558 DEBUG [29/44]: creating container for managed entries transport.py 558 DEBUG [30/44]: configuring user private groups transport.py 558 DEBUG [31/44]: configuring netgroups from hostgroups transport.py 558 DEBUG [32/44]: creating default Sudo bind user transport.py 558 DEBUG [33/44]: creating default Auto Member layout transport.py 558 DEBUG [34/44]: adding range check plugin transport.py 558 DEBUG [35/44]: creating default HBAC rule allow_all transport.py 558 DEBUG [36/44]: adding entries for topology management transport.py 558 DEBUG [37/44]: initializing group membership transport.py 558 DEBUG [38/44]: adding master entry transport.py 558 DEBUG [39/44]: initializing domain level transport.py 558 DEBUG [40/44]: configuring Posix uid/gid generation transport.py 558 DEBUG [41/44]: adding replication acis transport.py 558 DEBUG [42/44]: activating sidgen plugin transport.py 558 DEBUG [43/44]: activating extdom plugin transport.py 558 DEBUG [44/44]: configuring directory to start on boot transport.py 558 DEBUG Done configuring directory server (dirsrv). transport.py 558 DEBUG Configuring Kerberos KDC (krb5kdc) transport.py 558 DEBUG [1/10]: adding kerberos container to the directory transport.py 558 DEBUG [2/10]: configuring KDC transport.py 558 DEBUG [3/10]: initialize kerberos container transport.py 558 DEBUG [4/10]: adding default ACIs transport.py 558 DEBUG [5/10]: creating a keytab for the directory transport.py 558 DEBUG [6/10]: creating a keytab for the machine transport.py 558 DEBUG [7/10]: adding the password extension to the directory transport.py 558 DEBUG [8/10]: creating anonymous principal transport.py 558 DEBUG [9/10]: starting the KDC transport.py 558 DEBUG [10/10]: configuring KDC to start on boot transport.py 558 DEBUG Done configuring Kerberos KDC (krb5kdc). transport.py 558 DEBUG Configuring kadmin transport.py 558 DEBUG [1/2]: starting kadmin transport.py 558 DEBUG [2/2]: configuring kadmin to start on boot transport.py 558 DEBUG Done configuring kadmin. transport.py 558 DEBUG Configuring ipa-custodia transport.py 558 DEBUG [1/5]: Making sure custodia container exists transport.py 558 DEBUG [2/5]: Generating ipa-custodia config file transport.py 558 DEBUG [3/5]: Generating ipa-custodia keys transport.py 558 DEBUG [4/5]: starting ipa-custodia transport.py 558 DEBUG [5/5]: configuring ipa-custodia to start on boot transport.py 558 DEBUG Done configuring ipa-custodia. transport.py 558 DEBUG Configuring directory server (dirsrv) transport.py 558 DEBUG [1/3]: configuring TLS for DS instance transport.py 558 DEBUG [2/3]: adding CA certificate entry transport.py 558 DEBUG [3/3]: restarting directory server transport.py 558 DEBUG Done configuring directory server (dirsrv). transport.py 558 DEBUG Configuring ipa-otpd transport.py 558 DEBUG [1/2]: starting ipa-otpd transport.py 558 DEBUG [2/2]: configuring ipa-otpd to start on boot transport.py 558 DEBUG Done configuring ipa-otpd. transport.py 558 DEBUG Configuring the web interface (httpd) transport.py 558 DEBUG [1/20]: stopping httpd transport.py 558 DEBUG [2/20]: backing up ssl.conf transport.py 558 DEBUG [3/20]: disabling nss.conf transport.py 558 DEBUG [4/20]: configuring mod_ssl certificate paths transport.py 558 DEBUG [5/20]: setting mod_ssl protocol list transport.py 558 DEBUG [6/20]: configuring mod_ssl log directory transport.py 558 DEBUG [7/20]: disabling mod_ssl OCSP transport.py 558 DEBUG [8/20]: adding URL rewriting rules transport.py 558 DEBUG [9/20]: configuring httpd transport.py 558 DEBUG [10/20]: setting up httpd keytab transport.py 558 DEBUG [11/20]: configuring Gssproxy transport.py 558 DEBUG [12/20]: setting up ssl transport.py 558 DEBUG [13/20]: publish CA cert transport.py 558 DEBUG [14/20]: clean up any existing httpd ccaches transport.py 558 DEBUG [15/20]: configuring SELinux for httpd transport.py 558 DEBUG [16/20]: create KDC proxy config transport.py 558 DEBUG [17/20]: enable KDC proxy transport.py 558 DEBUG [18/20]: starting httpd transport.py 558 DEBUG [19/20]: configuring httpd to start on boot transport.py 558 DEBUG [20/20]: enabling oddjobd transport.py 558 DEBUG Done configuring the web interface (httpd). transport.py 558 DEBUG Applying LDAP updates transport.py 558 DEBUG Upgrading IPA:. Estimated time: 1 minute 30 seconds transport.py 558 DEBUG [1/11]: stopping directory server transport.py 558 DEBUG [2/11]: saving configuration transport.py 558 DEBUG [3/11]: disabling listeners transport.py 558 DEBUG [4/11]: enabling DS global lock transport.py 558 DEBUG [5/11]: disabling Schema Compat transport.py 558 DEBUG [6/11]: starting directory server transport.py 558 DEBUG [7/11]: updating schema transport.py 558 DEBUG [8/11]: upgrading server transport.py 558 DEBUG [9/11]: stopping directory server transport.py 558 DEBUG [10/11]: restoring configuration transport.py 558 DEBUG [11/11]: starting directory server transport.py 558 DEBUG Done. transport.py 558 DEBUG Restarting the KDC transport.py 558 DEBUG Configuring DNS (named) transport.py 558 DEBUG [1/12]: generating rndc key file transport.py 558 DEBUG [2/12]: adding DNS container transport.py 558 DEBUG [3/12]: setting up our zone transport.py 558 DEBUG [4/12]: setting up reverse zone transport.py 558 DEBUG [5/12]: setting up our own record transport.py 558 DEBUG [6/12]: setting up records for other masters transport.py 558 DEBUG [7/12]: adding NS record to the zones transport.py 558 DEBUG [8/12]: setting up kerberos principal transport.py 558 DEBUG [9/12]: setting up named.conf transport.py 558 DEBUG [10/12]: setting up server configuration transport.py 558 DEBUG [11/12]: configuring named to start on boot transport.py 558 DEBUG [12/12]: changing resolv.conf to point to ourselves transport.py 558 DEBUG Done configuring DNS (named). transport.py 558 DEBUG Restarting the web server to pick up resolv.conf changes transport.py 558 DEBUG Configuring DNS key synchronization service (ipa-dnskeysyncd) transport.py 558 DEBUG [1/7]: checking status transport.py 558 DEBUG [2/7]: setting up bind-dyndb-ldap working directory transport.py 558 DEBUG [3/7]: setting up kerberos principal transport.py 558 DEBUG [4/7]: setting up SoftHSM transport.py 558 DEBUG [5/7]: adding DNSSEC containers transport.py 558 DEBUG [6/7]: creating replica keys transport.py 558 DEBUG [7/7]: configuring ipa-dnskeysyncd to start on boot transport.py 558 DEBUG Done configuring DNS key synchronization service (ipa-dnskeysyncd). transport.py 558 DEBUG Restarting ipa-dnskeysyncd transport.py 558 DEBUG Restarting named transport.py 558 DEBUG Updating DNS system records transport.py 558 DEBUG Configuring client side components transport.py 558 DEBUG Using existing certificate '/etc/ipa/ca.crt'. transport.py 558 DEBUG Client hostname: master.ipa.test transport.py 558 DEBUG Realm: IPA.TEST transport.py 558 DEBUG DNS Domain: ipa.test transport.py 558 DEBUG IPA Server: master.ipa.test transport.py 558 DEBUG BaseDN: dc=ipa,dc=test transport.py 558 DEBUG Configured sudoers in /etc/nsswitch.conf transport.py 558 DEBUG Configured /etc/sssd/sssd.conf transport.py 558 DEBUG Systemwide CA database updated. transport.py 558 DEBUG Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub transport.py 558 DEBUG Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub transport.py 558 DEBUG Adding SSH public key from /etc/ssh/ssh_host_ed25519_key.pub transport.py 558 DEBUG SSSD enabled transport.py 558 DEBUG Configured /etc/openldap/ldap.conf transport.py 558 DEBUG Configured /etc/ssh/ssh_config transport.py 558 DEBUG Configured /etc/ssh/sshd_config transport.py 558 DEBUG Configuring ipa.test as NIS domain. transport.py 558 DEBUG Client configuration complete. transport.py 558 DEBUG The ipa-client-install command was successful transport.py 558 DEBUG This program will set up FreeIPA client. transport.py 558 DEBUG Version 4.7.91.dev transport.py 558 DEBUG transport.py 558 DEBUG transport.py 558 DEBUG The ipa-server-install command was successful transport.py 558 DEBUG transport.py 558 DEBUG ============================================================================== transport.py 558 DEBUG Setup complete transport.py 558 DEBUG transport.py 558 DEBUG Next steps: transport.py 558 DEBUG 1. You must make sure these network ports are open: transport.py 558 DEBUG TCP Ports: transport.py 558 DEBUG * 80, 443: HTTP/HTTPS transport.py 558 DEBUG * 389, 636: LDAP/LDAPS transport.py 558 DEBUG * 88, 464: kerberos transport.py 558 DEBUG * 53: bind transport.py 558 DEBUG UDP Ports: transport.py 558 DEBUG * 88, 464: kerberos transport.py 558 DEBUG * 53: bind transport.py 558 DEBUG * 123: ntp transport.py 558 DEBUG transport.py 558 DEBUG 2. You can now obtain a kerberos ticket using the command: 'kinit admin' transport.py 558 DEBUG This ticket will allow you to use the IPA tools (e.g., ipa user-add) transport.py 558 DEBUG and the web user interface. transport.py 558 DEBUG transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['firewall-cmd', '--add-service', 'freeipa-ldap', '--add-service', 'freeipa-ldaps', '--add-service', 'dns'] transport.py 513 DEBUG RUN ['firewall-cmd', '--add-service', 'freeipa-ldap', '--add-service', 'freeipa-ldaps', '--add-service', 'dns'] transport.py 558 DEBUG success transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['firewall-cmd', '--add-service', 'freeipa-ldap', '--add-service', 'freeipa-ldaps', '--add-service', 'dns', '--permanent'] transport.py 513 DEBUG RUN ['firewall-cmd', '--add-service', 'freeipa-ldap', '--add-service', 'freeipa-ldaps', '--add-service', 'dns', '--permanent'] transport.py 558 DEBUG success transport.py 217 DEBUG Exit code: 0 tasks.py 300 INFO Set LDAP debug level transport.py 318 INFO RUN ['ldapmodify', '-x', '-D', 'cn=Directory Manager', '-w', 'Secret.123'] transport.py 513 DEBUG RUN ['ldapmodify', '-x', '-D', 'cn=Directory Manager', '-w', 'Secret.123'] transport.py 558 DEBUG modifying entry "cn=config" transport.py 558 DEBUG transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['sed', '-i', '/debug_level = 7/d', '/etc/sssd/sssd.conf'] transport.py 513 DEBUG RUN ['sed', '-i', '/debug_level = 7/d', '/etc/sssd/sssd.conf'] transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['sed', '-i', '/\\[*\\]/ a\\debug_level = 7', '/etc/sssd/sssd.conf'] transport.py 513 DEBUG RUN ['sed', '-i', '/\\[*\\]/ a\\debug_level = 7', '/etc/sssd/sssd.conf'] transport.py 217 DEBUG Exit code: 0 __init__.py 261 INFO Adding master.ipa.test:/var/log/sssd to list of logs to collect transport.py 301 DEBUG STAT /bin/systemctl transport.py 318 INFO RUN ['systemctl', 'stop', 'sssd'] transport.py 513 DEBUG RUN ['systemctl', 'stop', 'sssd'] transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN find /var/lib/sss/db -name '*.ldb' | xargs rm -fv transport.py 513 DEBUG RUN find /var/lib/sss/db -name '*.ldb' | xargs rm -fv transport.py 558 DEBUG removed '/var/lib/sss/db/config.ldb' transport.py 558 DEBUG removed '/var/lib/sss/db/timestamps_ipa.test.ldb' transport.py 558 DEBUG removed '/var/lib/sss/db/cache_implicit_files.ldb' transport.py 558 DEBUG removed '/var/lib/sss/db/timestamps_implicit_files.ldb' transport.py 558 DEBUG removed '/var/lib/sss/db/cache_ipa.test.ldb' transport.py 558 DEBUG removed '/var/lib/sss/db/sssd.ldb' transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['rm', '-fv', '/var/lib/sss/mc/group'] transport.py 513 DEBUG RUN ['rm', '-fv', '/var/lib/sss/mc/group'] transport.py 558 DEBUG removed '/var/lib/sss/mc/group' transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['rm', '-fv', '/var/lib/sss/mc/passwd'] transport.py 513 DEBUG RUN ['rm', '-fv', '/var/lib/sss/mc/passwd'] transport.py 558 DEBUG removed '/var/lib/sss/mc/passwd' transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['systemctl', 'start', 'sssd'] transport.py 513 DEBUG RUN ['systemctl', 'start', 'sssd'] transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['kinit', 'admin'] transport.py 513 DEBUG RUN ['kinit', 'admin'] transport.py 558 DEBUG Password for admin@IPA.TEST: transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['ipa', 'dnszone-mod', 'ipa.test', '--default-ttl', '1', '--ttl', '1'] transport.py 513 DEBUG RUN ['ipa', 'dnszone-mod', 'ipa.test', '--default-ttl', '1', '--ttl', '1'] transport.py 558 DEBUG ipa: WARNING: Service named-pkcs11.service requires restart on IPA server <all IPA DNS servers> to apply configuration changes. transport.py 558 DEBUG Zone name: ipa.test. transport.py 558 DEBUG Active zone: TRUE transport.py 558 DEBUG Authoritative nameserver: master.ipa.test. transport.py 558 DEBUG Administrator e-mail address: hostmaster.ipa.test. transport.py 558 DEBUG SOA serial: 1562080587 transport.py 558 DEBUG SOA refresh: 3600 transport.py 558 DEBUG SOA retry: 900 transport.py 558 DEBUG SOA expire: 1209600 transport.py 558 DEBUG SOA minimum: 3600 transport.py 558 DEBUG Time to live: 1 transport.py 558 DEBUG Default time to live: 1 transport.py 558 DEBUG Allow query: any; transport.py 558 DEBUG Allow transfer: none; transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['kinit', 'admin'] transport.py 513 DEBUG RUN ['kinit', 'admin'] transport.py 558 DEBUG Password for admin@IPA.TEST: transport.py 217 DEBUG Exit code: 0------------------------------ Captured log call -------------------------------
transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'does_not_exist', '--pin', 'none'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'does_not_exist', '--pin', 'none'] transport.py 558 DEBUG Failed to open does_not_exist: No such file or directory transport.py 558 DEBUG The ipa-server-certinstall command failed. transport.py 217 DEBUG Exit code: 1
Passed test_caless.py::TestCertInstall::()::test_nonexistent_ds_pkcs12_file 3.28
------------------------------ Captured log call -------------------------------
transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'does_not_exist', '--pin', 'none'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'does_not_exist', '--pin', 'none'] transport.py 558 DEBUG Failed to open does_not_exist: No such file or directory transport.py 558 DEBUG The ipa-server-certinstall command failed. transport.py 217 DEBUG Exit code: 1
Passed test_caless.py::TestCertInstall::()::test_incorect_http_pin 3.26
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12', '--pin', 'bad<pin>'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12', '--pin', 'bad<pin>'] transport.py 558 DEBUG Failed to load server.p12: incorrect password for pkcs#12 file server.p12 transport.py 558 DEBUG The ipa-server-certinstall command failed. transport.py 217 DEBUG Exit code: 1
Passed test_caless.py::TestCertInstall::()::test_incorect_dirsrv_pin 3.50
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'server.p12', '--pin', 'bad<pin>'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'server.p12', '--pin', 'bad<pin>'] transport.py 558 DEBUG Failed to load server.p12: incorrect password for pkcs#12 file server.p12 transport.py 558 DEBUG The ipa-server-certinstall command failed. transport.py 217 DEBUG Exit code: 1
Passed test_caless.py::TestCertInstall::()::test_invalid_http_cn 3.84
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12', '--pin', 'Secret.123'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12', '--pin', 'Secret.123'] transport.py 558 DEBUG The server certificate in server.p12 is not valid: invalid for server master.ipa.test transport.py 558 DEBUG The ipa-server-certinstall command failed. transport.py 217 DEBUG Exit code: 1
Passed test_caless.py::TestCertInstall::()::test_invalid_ds_cn 3.99
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'server.p12', '--pin', 'Secret.123'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'server.p12', '--pin', 'Secret.123'] transport.py 558 DEBUG The server certificate in server.p12 is not valid: invalid for server master.ipa.test transport.py 558 DEBUG The ipa-server-certinstall command failed. transport.py 217 DEBUG Exit code: 1
Passed test_caless.py::TestCertInstall::()::test_expired_http 3.83
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12', '--pin', 'Secret.123'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12', '--pin', 'Secret.123'] transport.py 558 DEBUG The server certificate in server.p12 is not valid: certutil: certificate is invalid: Peer's Certificate has expired. transport.py 558 DEBUG transport.py 558 DEBUG The ipa-server-certinstall command failed. transport.py 217 DEBUG Exit code: 1
Passed test_caless.py::TestCertInstall::()::test_expired_ds 4.06
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'server.p12', '--pin', 'Secret.123'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'server.p12', '--pin', 'Secret.123'] transport.py 558 DEBUG The server certificate in server.p12 is not valid: certutil: certificate is invalid: Peer's Certificate has expired. transport.py 558 DEBUG transport.py 558 DEBUG The ipa-server-certinstall command failed. transport.py 217 DEBUG Exit code: 1
Passed test_caless.py::TestCertInstall::()::test_http_bad_usage 3.61
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12', '--pin', 'Secret.123'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12', '--pin', 'Secret.123'] transport.py 558 DEBUG The server certificate in server.p12 is not valid: certutil: certificate is invalid: Certificate key usage inadequate for attempted operation. transport.py 558 DEBUG transport.py 558 DEBUG The ipa-server-certinstall command failed. transport.py 217 DEBUG Exit code: 1
Passed test_caless.py::TestCertInstall::()::test_ds_bad_usage 3.90
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'server.p12', '--pin', 'Secret.123'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'server.p12', '--pin', 'Secret.123'] transport.py 558 DEBUG The server certificate in server.p12 is not valid: certutil: certificate is invalid: Certificate key usage inadequate for attempted operation. transport.py 558 DEBUG transport.py 558 DEBUG The ipa-server-certinstall command failed. transport.py 217 DEBUG Exit code: 1
Passed test_caless.py::TestCertInstall::()::test_http_intermediate_ca 6.58
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12', '--pin', 'Secret.123'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12', '--pin', 'Secret.123'] transport.py 558 DEBUG The ipa-server-certinstall command was successful transport.py 558 DEBUG Please restart ipa services after installing certificate (ipactl restart) transport.py 217 DEBUG Exit code: 0
Passed test_caless.py::TestCertInstall::()::test_self_signed 3.39
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12', '--pin', 'Secret.123'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12', '--pin', 'Secret.123'] transport.py 558 DEBUG The full certificate chain is not present in server.p12 transport.py 558 DEBUG The ipa-server-certinstall command failed. transport.py 217 DEBUG Exit code: 1
Passed test_caless.py::TestCertInstall::()::test_valid_http 6.67
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12', '--pin', 'Secret.123'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12', '--pin', 'Secret.123'] transport.py 558 DEBUG The ipa-server-certinstall command was successful transport.py 558 DEBUG Please restart ipa services after installing certificate (ipactl restart) transport.py 217 DEBUG Exit code: 0
Passed test_caless.py::TestCertInstall::()::test_valid_ds 8.89
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'server.p12', '--pin', 'Secret.123'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'server.p12', '--pin', 'Secret.123'] transport.py 558 DEBUG Please restart ipa services after installing certificate (ipactl restart) transport.py 558 DEBUG The ipa-server-certinstall command was successful transport.py 217 DEBUG Exit code: 0
Passed test_caless.py::TestCertInstall::()::test_wildcard_http 6.34
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12', '--pin', 'Secret.123'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12', '--pin', 'Secret.123'] transport.py 558 DEBUG The ipa-server-certinstall command was successful transport.py 558 DEBUG Please restart ipa services after installing certificate (ipactl restart) transport.py 217 DEBUG Exit code: 0
Passed test_caless.py::TestCertInstall::()::test_wildcard_ds 9.22
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'server.p12', '--pin', 'Secret.123'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'server.p12', '--pin', 'Secret.123'] transport.py 558 DEBUG The ipa-server-certinstall command was successful transport.py 558 DEBUG Please restart ipa services after installing certificate (ipactl restart) transport.py 217 DEBUG Exit code: 0
Passed test_caless.py::TestCertInstall::()::test_http_san 6.13
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12', '--pin', 'Secret.123'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12', '--pin', 'Secret.123'] transport.py 558 DEBUG The ipa-server-certinstall command was successful transport.py 558 DEBUG Please restart ipa services after installing certificate (ipactl restart) transport.py 217 DEBUG Exit code: 0
Passed test_caless.py::TestCertInstall::()::test_ds_san 9.67
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'server.p12', '--pin', 'Secret.123'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'server.p12', '--pin', 'Secret.123'] transport.py 558 DEBUG The ipa-server-certinstall command was successful transport.py 558 DEBUG Please restart ipa services after installing certificate (ipactl restart) transport.py 217 DEBUG Exit code: 0
Passed test_caless.py::TestCertInstall::()::test_interactive_missing_http_pkcs_password 6.77
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12'] transport.py 558 DEBUG Enter private key unlock password: transport.py 558 DEBUG Please restart ipa services after installing certificate (ipactl restart) transport.py 558 DEBUG The ipa-server-certinstall command was successful transport.py 217 DEBUG Exit code: 0
Passed test_caless.py::TestCertInstall::()::test_interactive_missing_ds_pkcs_password 8.94
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'server.p12'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'server.p12'] transport.py 558 DEBUG The ipa-server-certinstall command was successful transport.py 558 DEBUG Enter private key unlock password: transport.py 558 DEBUG Please restart ipa services after installing certificate (ipactl restart) transport.py 217 DEBUG Exit code: 0
Passed test_caless.py::TestCertInstall::()::test_no_http_password 6.59
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12', '--pin', ''] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-w', 'server.p12', '--pin', ''] transport.py 558 DEBUG The ipa-server-certinstall command was successful transport.py 558 DEBUG Please restart ipa services after installing certificate (ipactl restart) transport.py 217 DEBUG Exit code: 0
Passed test_caless.py::TestCertInstall::()::test_no_ds_password 8.97
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'server.p12', '--pin', ''] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-d', 'server.p12', '--pin', ''] transport.py 558 DEBUG The ipa-server-certinstall command was successful transport.py 558 DEBUG Please restart ipa services after installing certificate (ipactl restart) transport.py 217 DEBUG Exit code: 0
Passed test_caless.py::TestCertInstall::()::test_http_old_options 0.76
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-w', 'server.p12', '--http-pin', 'Secret.123'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-w', 'server.p12', '--http-pin', 'Secret.123'] transport.py 558 DEBUG Usage: ipa-server-certinstall <-d|-w|-k> [options] <file> ... transport.py 558 DEBUG transport.py 558 DEBUG ipa-server-certinstall: error: no such option: --http-pin transport.py 217 DEBUG Exit code: 2
Passed test_caless.py::TestCertInstall::()::test_ds_old_options 0.76
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/server.p12 transport.py 318 INFO RUN ['ipa-server-certinstall', '-d', 'server.p12', '--dirsrv-pin', 'Secret.123'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-d', 'server.p12', '--dirsrv-pin', 'Secret.123'] transport.py 558 DEBUG Usage: ipa-server-certinstall <-d|-w|-k> [options] <file> ... transport.py 558 DEBUG transport.py 558 DEBUG ipa-server-certinstall: error: no such option: --dirsrv-pin transport.py 217 DEBUG Exit code: 2
Passed test_caless.py::TestCertInstall::()::test_anon_pkinit_with_external_CA 56.44
------------------------------ Captured log call -------------------------------
transport.py 329 INFO PUT /ipatests/ca2_crt.pem transport.py 318 INFO RUN ['ipa-cacert-manage', 'install', '/ipatests/ca2_crt.pem'] transport.py 513 DEBUG RUN ['ipa-cacert-manage', 'install', '/ipatests/ca2_crt.pem'] transport.py 558 DEBUG The ipa-cacert-manage command was successful transport.py 558 DEBUG Installing CA certificate, please wait transport.py 558 DEBUG Verified CN=CA,O=Other Example Organization transport.py 558 DEBUG CA certificate successfully installed transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['ipa-certupdate'] transport.py 513 DEBUG RUN ['ipa-certupdate'] transport.py 558 DEBUG Systemwide CA database updated. transport.py 558 DEBUG Systemwide CA database updated. transport.py 558 DEBUG The ipa-certupdate command was successful transport.py 217 DEBUG Exit code: 0 transport.py 329 INFO PUT /ipatests/ca2_kdc_crt.pem transport.py 318 INFO RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-k', 'ca2_kdc_crt.pem', '--pin', 'Secret.123'] transport.py 513 DEBUG RUN ['ipa-server-certinstall', '-p', 'Secret.123', '-k', 'ca2_kdc_crt.pem', '--pin', 'Secret.123'] transport.py 558 DEBUG Please restart ipa services after installing certificate (ipactl restart) transport.py 558 DEBUG The ipa-server-certinstall command was successful transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['systemctl', 'restart', 'krb5kdc'] transport.py 513 DEBUG RUN ['systemctl', 'restart', 'krb5kdc'] transport.py 217 DEBUG Exit code: 0 transport.py 318 INFO RUN ['kinit', '-n'] transport.py 513 DEBUG RUN ['kinit', '-n'] transport.py 217 DEBUG Exit code: 0