I did a kinit with my admin user and enter the password. Now ipa-certupdate -v return:
# ipa-certupdate -v ipa.ipaclient.ipa_certupdate.CertUpdate: DEBUG: Not logging to a file ipa: DEBUG: Loading Index file from '/var/lib/ipa-client/sysrestore/sysrestore.index' ipa: DEBUG: Starting external process ipa: DEBUG: args=keyctl search @s user ipa_session_cookie:ad...@qc.lrtech.ca ipa: DEBUG: Process finished, return code=1 ipa: DEBUG: stdout= ipa: DEBUG: stderr=keyctl_search: Required key not available ipa.ipaclient.plugins.rpcclient.rpcclient: DEBUG: failed to find session_cookie in persistent storage for principal 'ad...@qc.lrtech.ca' ipa.ipaclient.plugins.rpcclient.rpcclient: INFO: trying https://freeipa.qc.lrtech.ca/ipa/json ipa.ipaclient.plugins.rpcclient.rpcclient: DEBUG: Created connection context.rpcclient_26500816 ipa.ipaclient.plugins.rpcclient.rpcclient: INFO: Forwarding 'schema' to json server 'https://freeipa.qc.lrtech.ca/ipa/json' ipa: DEBUG: NSSConnection init freeipa.qc.lrtech.ca ipa: DEBUG: Connecting: IP_ADDRESS:0 ipa: ERROR: cert validation failed for "CN=freeipa.qc.lrtech.ca,O=QC.LRTECH.CA" ((SEC_ERROR_EXPIRED_CERTIFICATE) Peer's Certificate has expired.) ipa.ipaclient.plugins.rpcclient.rpcclient: DEBUG: Destroyed connection context.rpcclient_26500816 ipa.ipaclient.ipa_certupdate.CertUpdate: DEBUG: File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 171, in execute return_value = self.run() File "/usr/lib/python2.7/site-packages/ipaclient/ipa_certupdate.py", line 54, in run api.finalize() File "/usr/lib/python2.7/site-packages/ipalib/plugable.py", line 707, in finalize self.__do_if_not_done('load_plugins') File "/usr/lib/python2.7/site-packages/ipalib/plugable.py", line 422, in __do_if_not_done getattr(self, name)() File "/usr/lib/python2.7/site-packages/ipalib/plugable.py", line 585, in load_plugins for package in self.packages: File "/usr/lib/python2.7/site-packages/ipalib/__init__.py", line 919, in packages ipaclient.remote_plugins.get_package(self), File "/usr/lib/python2.7/site-packages/ipaclient/remote_plugins/__init__.py", line 118, in get_package plugins = schema.get_package(server_info, client) File "/usr/lib/python2.7/site-packages/ipaclient/remote_plugins/schema.py", line 543, in get_package schema = Schema(client) File "/usr/lib/python2.7/site-packages/ipaclient/remote_plugins/schema.py", line 387, in __init__ fingerprint, ttl = self._fetch(client, ignore_cache=read_failed) File "/usr/lib/python2.7/site-packages/ipaclient/remote_plugins/schema.py", line 426, in _fetch schema = client.forward(u'schema', **kwargs)['result'] File "/usr/lib/python2.7/site-packages/ipalib/rpc.py", line 1000, in forward raise NetworkError(uri=server, error=str(e)) ipa.ipaclient.ipa_certupdate.CertUpdate: DEBUG: The ipa-certupdate command failed, exception: NetworkError: cannot connect to 'https://freeipa.qc.lrtech.ca/ipa/json': (SEC_ERROR_EXPIRED_CERTIFICATE) Peer's Certificate has expired. ipa.ipaclient.ipa_certupdate.CertUpdate: ERROR: cannot connect to 'https://freeipa.qc.lrtech.ca/ipa/json': (SEC_ERROR_EXPIRED_CERTIFICATE) Peer's Certificate has expired. ipa.ipaclient.ipa_certupdate.CertUpdate: ERROR: The ipa-certupdate command failed. Sorry for asking trivial quesions I'm new to FreeIPA. Eric _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure