On 6/5/20 7:50 PM, John Burns via FreeIPA-users wrote:
I have this exact same error on ipa-certupdate, after deleting certs that
expired on May 30. Were you able to find any leads in the time since this post?
ipa-certupdate is needed after "ipa-cacert-manage install" commands, prior to
ipa-server-certinstall.
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Hi,
I believe this question was already answered in the thread:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org/message/FDDKNC4JXRUMSI2G4IUE6TFLS3FBRUUH/
If you forgot to run ipa-certupdate on a node, you need to add the new
CA to /etc/ipa/ca.crt and /etc/ipa/nssdb. After that, ipa-certupdate
should work.
HTH,
flo
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org