Hello,

_This command is executed at IPA Client_:
# date;ipa-getcert request -vvv -T SubjectAlternateNamesCert -R -K 
TEST/$(hostname) -E <>@<> <mailto:fabian.seelb...@ble.de> -f 
opt/certs/test3.crt -k /opt/certs/test3.key -X BLE-IDM-SUB1
Wed Feb 14 07:54:49 CET 2018
Certificate at same location is already used by request with nickname 
"201802070                                                                      
                                                         95750".
Error org.fedorahosted.certmonger.duplicate: Certificate at same location is 
already used by request with nickname "20180207095750".

# ipa-getcert stop-tracking --id "20180207095750"
Request "20180207095750" removed.

# date;ipa-getcert request -vvv -T SubjectAlternateNamesCert -R -K 
TEST/$(hostname) -E <>@<> <mailto:fabian.seelb...@ble.de> -f 
/opt/certs/test3.crt -k /opt/certs/test3.key -X BLE-IDM-SUB1
Wed Feb 14 07:55:19 CET 2018
New signing request "20180214065519" added.

# getcert list -i "20180214065519"
Number of certificates and requests being tracked: 1.
Request ID '20180214065519':
        status: CA_REJECTED
        ca-error: Server at https://<>/ipa/xml 
<https://dpgrridm0577.idm.ble.de/ipa/xml> denied our request, giving up: 3009 
(RPC failed at server.  invalid 'csr': subject alt name type RFC822Name is 
forbidden for non-user principals).
        stuck: yes
        key pair storage: type=FILE,location='/opt/certs/test3.key'
        certificate: type=FILE,location='/opt/certs/test3.crt'
        CA: IPA
        issuer:
        subject:
        expires: unknown
        pre-save command:
        post-save command:
        track: yes
        auto-renew: no




Thanks
Amit
_______________________________________________
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org

Reply via email to