Good morning, That did the trick!
The root certificate and the IPA certificate were missing from /etc/httpd/nssdb. Here are few questions that is still have: From what I can understand /etc/httpd/nssdb isn't a default database. Does /etc/httpd/alias would have been updated with ipa-certupdate? I can't see any valid certificates from the web interface of FreeIPA (freeipa.qc.lrtech.ca/ipa/ui/#/e/cert/search) even if they are valid with certmonger (getcert list). Before I was able to see them. The documentation of ipa-certupdate say "Update local IPA certificate databases with certificates from the server". From where on the server? Is it in LDAP server? Firefox still showing me SEC_ERROR_REUSED_ISSUER_AND_SERIAL. Any idea other then looking at the certificate serial? This is simply annoying, but not the end of the world since Chrome is working just fine. Thanks again for your time. Eric _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
