On Thu, 6 Aug 2020 19:16:58 +0200 Florence Blanc-Renaud via FreeIPA-users <[email protected]> wrote:
> On 8/6/20 6:35 PM, Khurrum Maqb via FreeIPA-users wrote: > > However, `/etc/ipa/ca.crt` changed in file size AND the filesystem > > modified data changed to the time where ipa-certupdate was ran > > today. but the output of `openssl x509 -inform pem -enddate -noout > > -in /etc/ipa/ca.crt` is still "notAfter=Aug 10 21:29:31 2020 GMT" > `openssl x509` has a limitation when used with a PEM file that > contains multiple certificates: it displays the information for the > first cert only. If you want to see all the certs, you can use > instead: openssl crl2pkcs7 -nocrl -certfile /etc/ipa/ca.crt | openssl > pkcs7 -print_certs -text -noout It is also possible to use certtool [1] to get all the information `certtool -i --infile /etc/ipa/ca.crt` [1] certtool is provided by the gnutls-utils package. -- Stefan Ubbink DNS & Systems Engineer Present: Mon, Tue, Wed, Fri SIDN | Meander 501 | 6825 MD | ARNHEM | The Netherlands T +31 (0)26 352 55 00 https://www.sidn.nl
pgpXtgYGaGGnu.pgp
Description: OpenPGP digital signature
_______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
