[root @ ldap01] /home/rocky $ ipactl status Directory Service: RUNNING krb5kdc Service: RUNNING kadmin Service: RUNNING httpd Service: RUNNING ipa-custodia Service: RUNNING pki-tomcatd Service: STOPPED ipa-otpd Service: RUNNING 1 service(s) are not running
starting ipa is failing for the pki-tomcatd, here are the errors I'm seeing: Mar 12 02:10:02 ldap01.app.uaap.maxar.com ipa-pki-wait-running[8783]: ipa-pki-wait-running: Request failed unexpectedly, 404 Client Error: for url: http://ldap01.app.uaap.maxar.com:8080/ca/admin/ca/getStat%3E Mar 12 02:10:03 ldap01.app.uaap.maxar.com ipa-pki-wait-running[8783]: ipa-pki-wait-running: Request failed unexpectedly, 404 Client Error: for url: http://ldap01.app.uaap.maxar.com:8080/ca/admin/ca/getStat%3E Mar 12 02:10:04 ldap01.app.uaap.maxar.com ipa-pki-wait-running[8783]: ipa-pki-wait-running: Request failed unexpectedly, 404 Client Error: for url: http://ldap01.app.uaap.maxar.com:8080/ca/admin/ca/getStat%3E Mar 12 02:10:05 ldap01.app.uaap.maxar.com ipa-pki-wait-running[8783]: ipa-pki-wait-running: Request failed unexpectedly, 404 Client Error: for url: http://ldap01.app.uaap.maxar.com:8080/ca/admin/ca/getStat%3E Mar 12 02:10:06 ldap01.app.uaap.maxar.com ipa-pki-wait-running[8783]: ipa-pki-wait-running: Request failed unexpectedly, 404 Client Error: for url: http://ldap01.app.uaap.maxar.com:8080/ca/admin/ca/getStat%3E Mar 12 02:10:07 ldap01.app.uaap.maxar.com ipa-pki-wait-running[8783]: ipa-pki-wait-running: Request failed unexpectedly, 404 Client Error: for url: http://ldap01.app.uaap.maxar.com:8080/ca/admin/ca/getStat%3E Mar 12 02:10:08 ldap01.app.uaap.maxar.com systemd[1]: pki-tomcatd@pki-tomcat.service: Start-post operation timed out. Stopping. Mar 12 02:10:08 ldap01.app.uaap.maxar.com systemd[1]: pki-tomcatd@pki-tomcat.service: Failed with result 'timeout'. Mar 12 02:10:08 ldap01.app.uaap.maxar.com systemd[1]: Failed to start PKI Tomcat Server pki-tomcat.
$ ipa cert-find --sizelimit 10 ipa: ERROR: Certificate operation cannot be completed: Unable to communicate with CMS (503)
The catalina logs are empty, but when I run the 'ipactl start' I see port 8080 running, not sure why it can't connect. Thoughts?