Jeremy Tourville via FreeIPA-users wrote: > 0.7-14 So RHEL (based) 8.7.0.
This is fixed in the 0.12 upstream release. The only workaround, untested, is to change the trust to CT,C,C of the subCA in your NSS database. You'd likely have to reset it every time ipa-certupdate is executed. I can't think of any side-effects from doing this but it is completely untested. rob _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
