the error is The KDC certificate in cert.pem, privkey.pem is not valid: invalid for a KDC
________________________________ From: Charles Hedrick via FreeIPA-users <[email protected]> Sent: Wednesday, June 15, 2022 3:39 PM To: [email protected] <[email protected]> Cc: Charles Hedrick <[email protected]> Subject: [Freeipa-users] ipa-server-certinstall -k ipa-server-certinstall works fine for http and ldap. But I can't get the -k option to work. I've tried cert.pem and privkey.pem with and without chain.pem, as well as fullchain.pem and privkey.pem (fullchain has both the cert and the chain). The certs were issued by Internet2, which chains up to addtrust. kinit -n works fine if I install the pem files manually, so presumably my files are valid.
_______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
