Hi Fraser, Thanks for the quick reply. We had tried the --ca-subject before with no success.. It turns out the problem was with the order of the components in the DN. Your comment helped to go through the contents of the files once more. :)
The csr had: Subject: CN = XXxXxxX YYyY,O = XXxX XxX,C = XX Whereas the certificate returned by the root-ca had: Subject: C = XX,O = XXxX XxX,CN = XXxXxxX YYyY FreeIPA was giving a clear enough message.. ipapython.admintool: ERROR IPA CA certificate with subject 'CN=XXxXXX,O=XXxXX,C=XX' was not found in /root/server.crt,/root/ca.crt. Regards, Anestis _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
