Eric Boisvert via FreeIPA-users wrote: > Good morning, > > That did the trick! > > The root certificate and the IPA certificate were missing from > /etc/httpd/nssdb. > > > Here are few questions that is still have: > > From what I can understand /etc/httpd/nssdb isn't a default database. Does > /etc/httpd/alias would have been updated with ipa-certupdate?
/etc/httpd/alias is only updated by ipa-certupdate on an IPA server. > > I can't see any valid certificates from the web interface of FreeIPA > (freeipa.qc.lrtech.ca/ipa/ui/#/e/cert/search) even if they are valid with > certmonger (getcert list). Before I was able to see them. Are they visible from the command-line, ipa cert-find ? > The documentation of ipa-certupdate say "Update local IPA certificate > databases with certificates from the server". From where on the server? Is it > in LDAP server? In LDAP under cn=certificates,cn=ipa,cn=etc,dc=example,dc=test > Firefox still showing me SEC_ERROR_REUSED_ISSUER_AND_SERIAL. Any idea other > then looking at the certificate serial? This is simply annoying, but not the > end of the world since Chrome is working just fine. All Firefox or just one instance? rob > > Thanks again for your time. > Eric > > > > _______________________________________________ > FreeIPA-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure > _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
