Sean McLennan via FreeIPA-users wrote: > Went onto my IPA server today to discover the certificate had not been > automatically renewed. It's a self-signed cert. > > I set the date back before the expiry and tried: > ipa-cacert-manage renew > > which results in: > > 'NoneType' object has no attribute 'is_self_signed' > The ipa-cacert-manage command failed. > > adding '--self-signed' just punts the same error to another attribute: > Renewing CA certificate, please wait > 'NoneType' object has no attribute 'issuer' > The ipa-cacert-manage command failed. > > I assume the same thing caused the autorenewal to not happen. Any > recommendations? IPA version is 4.6.90.pre1+git20180411, API_VERSION: 2.229 > which I know is old. It's on an old Ubuntu distro that I can't upgrade > without destroying and I've have tried many times to replicate the thing to a > different VM but have yet to successfully do so.
What certificate had not been renewed? This command renews the CA certificate itself which by default is good for 20 years. This is likely not the command you need. rob _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
