Hi, We have two replicated ipa-server-4.9.11-5.0.2.module+el8 with a wildcard cert from Sectigo for httpd and dirsrv Now I installed the third one ipa-server-4.10.2-4.0.1.el9 and it works, users can log in, replication works, etc. But while installing certificates for httpd and dirsrv ( ipa-server-certinstall -w -d mysite.key mysite.crt ) I've got an error:
ipapython.admintool: DEBUG: The ipa-server-certinstall command failed, exception: ScriptError: CA certificate CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB in mysite.key, mysite.crt is not valid: certutil: certificate is invalid: The certificate was signed using a signature algorithm that is disabled because it is not secure. As I understand this is because AAA Certificate has a Signature Algorithm: sha1WithRSAEncryption Someone know how can I fix this? -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
