On Wed, Aug 09, 2017 at 01:32:43PM +0200, Michael Gusek via FreeIPA-users wrote:
> Hello Rob,
> i can understand why CA won't start with expired certs. Actually my
> system date is a day before expiring (expiring date is 30 Jul 2017,
> system date now 29 Jul 2017), but CA won't start. How to "ensure that
> the CA comes up" ?
There are couple of certificate selftests run at startup, you can see
the logs at
If any of them fails, CA won't start. You will have to fix the situation
test to fail or disabled them alltogether (/etc/pki/pki-tomcat/ca/CS.cfg, look
Tomasz Torcz ,,(...) today's high-end is tomorrow's embedded processor.''
xmpp: zdzich...@chrome.pl -- Mitchell Blank on LKML
FreeIPA-users mailing list -- email@example.com
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org