Julian Gethmann via FreeIPA-users wrote:
> Unfortunately I don't know when this problem occurred first, but it may
> have occurred after an update.
> The httpd does not start and aborts with the error
> [:info] [pid 15383] Using nickname Server-Cert.
> [...] [:error] [pid 15383] Certificate not found: 'Server-Cert'
> when I want to start FreeIPA via "systemctl start ipa" or "ipactl start"
> or "systemctl start httpd"
> If I turn the NSSEngine off it starts of cause.
> In contrast to this message "ipa-getcert list -d /etc/httpd/alias/ -n
> Server-Cert" does find a certificate, if I get the output  right.
ipa-getcert shows certs that are tracked by certmonger but doesn't
guarantee that those certificates actually exist in the filesystem (they
did at the time tracking was started).
You need to look at the Apache NSS database:
# certutil -L -d /etc/httpd/alias
FreeIPA-users mailing list -- email@example.com
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org