Hi, 

I have an issue with my freeipa server. 

The certificates expired and I can't resubmit. 

I put the date before the expiration of the certs. 

The result of ipa-getcert list : 


Number of certificates and requests being tracked: 8. 
Request ID '20150805183502': 
status: MONITORING 
ca-error: Error setting up ccache for "host" service on client using default 
keytab: Clients credentials have been revoked. 
stuck: no 
key pair storage: 
type=NSSDB,location='/etc/dirsrv/slapd-VIT-LAN',nickname='Server-Cert',token='NSS
 Certificate DB',pinfile='/etc/dirsrv/slapd-VIT-LAN/pwdfile.txt' 
certificate: 
type=NSSDB,location='/etc/dirsrv/slapd-VIT-LAN',nickname='Server-Cert',token='NSS
 Certificate DB' 
CA: IPA 
issuer: CN=Certificate Authority,O=VIT.LAN 
subject: CN=auth0.vit.lan,O=VIT.LAN 
expires: 2017-08-05 18 :35:02 UTC 
key usage: digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment 
eku: id-kp-serverAuth,id-kp-clientAuth 
pre-save command: 
post-save command: 
track: yes 
auto-renew: yes 
Request ID '20150805183539': 
status: MONITORING 
ca-error: Error setting up ccache for "host" service on client using default 
keytab: Clients credentials have been revoked. 
stuck: no 
key pair storage: 
type=NSSDB,location='/etc/dirsrv/slapd-PKI-IPA',nickname='Server-Cert',token='NSS
 Certificate DB',pinfile='/etc/dirsrv/slapd-PKI-IPA/pwdfile.txt' 
certificate: 
type=NSSDB,location='/etc/dirsrv/slapd-PKI-IPA',nickname='Server-Cert',token='NSS
 Certificate DB' 
CA: IPA 
issuer: CN=Certificate Authority,O=VIT.LAN 
subject: CN=auth0.vit.lan,O=VIT.LAN 
expires: 2017-08-05 18 :35:39 UTC 
key usage: digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment 
eku: id-kp-serverAuth,id-kp-clientAuth 
pre-save command: 
post-save command: 
track: yes 
auto-renew: yes 
Request ID '20150805183647': 
status: MONITORING 
ca-error: Error setting up ccache for "host" service on client using default 
keytab: Clients credentials have been revoked. 
stuck: no 
key pair storage: 
type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS 
Certificate DB',pinfile='/etc/httpd/alias/pwdfile.txt' 
certificate: 
type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS 
Certificate DB' 
CA: IPA 
issuer: CN=Certificate Authority,O=VIT.LAN 
subject: CN=auth0.vit.lan,O=VIT.LAN 
expires: 2017-08-05 18 :36:47 UTC 
key usage: digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment 
eku: id-kp-serverAuth,id-kp-clientAuth 
pre-save command: 
post-save command: 
track: yes 
auto-renew: yes 

If someone can help me with this issue ? It will be very helpful 

Directory Service: RUNNING 
KDC Service: RUNNING 
KPASSWD Service: RUNNING 
MEMCACHE Service: RUNNING 
HTTP Service: RUNNING 
CA Service: RUNNING 
ADTRUST Service: RUNNING 
EXTID Service: RUNNING 

FreeIpa V3. 

Thank you 

Julien Honore 
        


_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to