Hi, the attached patch fixes <https://fedorahosted.org/freeipa/ticket/4820>.
Honza -- Jan Cholasta
>From 22fa93d3a35321860c8a380b4ae57c7bbd8c8111 Mon Sep 17 00:00:00 2001 From: Jan Cholasta <jchol...@redhat.com> Date: Thu, 8 Jan 2015 16:01:42 +0000 Subject: [PATCH] Fix CA certificate renewal syslog alert https://fedorahosted.org/freeipa/ticket/4820 --- install/certmonger/dogtag-ipa-ca-renew-agent-submit | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/certmonger/dogtag-ipa-ca-renew-agent-submit b/install/certmonger/dogtag-ipa-ca-renew-agent-submit index c63c0c2..3c6e817 100755 --- a/install/certmonger/dogtag-ipa-ca-renew-agent-submit +++ b/install/certmonger/dogtag-ipa-ca-renew-agent-submit @@ -403,7 +403,7 @@ def renew_ca_cert(): if state == 'retrieve': result = call_handler(retrieve_cert) - if result[0] == WAIT_WITH_DELAY and not is_self_signed: + if result[0] == REJECTED and not is_self_signed: syslog.syslog(syslog.LOG_ALERT, "IPA CA certificate is about to expire, " "use ipa-cacert-manage to renew it") -- 2.1.0
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel