>>>Is this an externally-signed CA?
Yes
>>>What version of healthcheck do you have?
0.12-1
I *think* from what I am seeing this cert is valid. Can you confirm?
# getcert list -i "20230901185953"
Number of certificates and requests being tracked: 10.
Request ID '20230901185953':
status: MONITORING
stuck: no
key pair storage:
type=NSSDB,location='/etc/pki/pki-tomcat/alias',nickname='caSigningCert
cert-pki-ca cf8380c3-8e91-4bbb-9d29-924cea7134eb',token='NSS FIPS 140-2
Certificate DB',pin set
certificate:
type=NSSDB,location='/etc/pki/pki-tomcat/alias',nickname='caSigningCert
cert-pki-ca cf8380c3-8e91-4bbb-9d29-924cea7134eb',token='NSS FIPS 140-2
Certificate DB'
CA: dogtag-ipa-ca-renew-agent
issuer: CN=Certificate Authority,O=IDM.EXAMPLE.ORG
subject: CN=EXAMPLE-CA,DC=example,DC=org
issued: 2023-04-05 12:54:46 CDT
expires: 2038-01-06 09:20:42 CST
key usage: digitalSignature,nonRepudiation,keyCertSign,cRLSign
profile: caCACert
pre-save command: /usr/libexec/ipa/certmonger/stop_pkicad
post-save command: /usr/libexec/ipa/certmonger/renew_ca_cert
"caSigningCert cert-pki-ca cf8380c3-8e91-4bbb-9d29-924cea7134eb"
track: yes
auto-renew: yes
If we both agree this cert is valid, how to I clear the warning message from
healthcheck?
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
