Is this your external CA? I assume that its subject conflicts with the default subject name that IPA installer would pick. If that's the case, you can force ipa-ca-install to use a different subject name with the --ca-subject option.
flo
Done configuring certificate server (pki-tomcatd).
Your system may be partly configured.
Run /usr/sbin/ipa-server-install --uninstall to clean up.
Unexpected error - see /var/log/ipareplica-ca-install.log for details:
DuplicateEntry: This entry already exists
2023-10-09T14:55:53Z DEBUG stderr=
2023-10-09T14:55:53Z DEBUG Starting external process
2023-10-09T14:55:53Z DEBUG args=/usr/bin/certutil -d dbm:/etc/dirsrv/slapd-LIX-POLYTECHNIQUE-FR/ -A -n LIX.POLYTECHNIQUE.FR IPA CA -t CT,C,C -a -f /etc/dirsrv/slapd-LIX-POLYTECHNIQUE-FR/pwdfile.txt
2023-10-09T14:55:53Z DEBUG Process finished, return code=0
2023-10-09T14:55:53Z DEBUG stdout=
2023-10-09T14:55:53Z DEBUG stderr=
2023-10-09T14:55:53Z DEBUG File "/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py", line 1015, in run_script
return_value = main_function()
File "/usr/sbin/ipa-ca-install", line 343, in main
install(safe_options, options, filename)
File "/usr/sbin/ipa-ca-install", line 279, in install
install_master(safe_options, options)
File "/usr/sbin/ipa-ca-install", line 266, in install_master
ca.install(True, None, options, custodia=custodia)
File "/usr/lib/python2.7/site-packages/ipaserver/install/ca.py", line 255, in install
install_step_1(standalone, replica_config, options, custodia=custodia)
File "/usr/lib/python2.7/site-packages/ipaserver/install/ca.py", line 379, in install_step_1
config_ipa=True, config_compat=True)
File "/usr/lib/python2.7/site-packages/ipalib/install/certstore.py", line 372, in put_ca_cert_nss
config_ipa, config_compat)
File "/usr/lib/python2.7/site-packages/ipalib/install/certstore.py", line 239, in put_ca_cert
config_ipa=config_ipa, config_compat=config_compat)
File "/usr/lib/python2.7/site-packages/ipalib/install/certstore.py", line 152, in add_ca_cert
ldap.add_entry(entry)
File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1580, in add_entry
self.conn.add_s(str(entry.dn), list(attrs.items()))
File "/usr/lib64/python2.7/contextlib.py", line 35, in __exit__
self.gen.throw(type, value, traceback)
File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1029, in error_handler
raise errors.DuplicateEntry()
2023-10-09T14:55:53Z DEBUG The ipa-ca-install command failed, exception: DuplicateEntry: This entry already exists
Certificate Nickname Trust Attributes
SSL,S/MIME,JAR/XPI
CNRS2-Standard - CNRS C,,
CA 3 CT,C,C
LIX.POLYTECHNIQUE.FR IPA CA CT,C,C
IPA3 u,u,u
CNRS2 - CNRS ,,
CA 3 CT,C,C
CA 3 CT,C,C