-----BEGIN PGP SIGNED MESSAGE-----
On 11/25/2013 11:09 AM, Rob Crittenden wrote:
> Erinn Looney-Triggs wrote:
>> Folks just wanted to touch base again before the American holiday
>> season starts. My CA, which is subordinate to AD CS will be
>> expiring on December 9th, I submitted a bug, y'all drew up docs
>> etc for a plan (thanks). Now I just wanted to see how it was
>> going and if need be what manual steps I will need to take to
>> renew the certificate.
>> Thanks again for the great work,
> We're working on an a set of tools to make this easier. For now
> I've appended some manual instructions onto a page still in
> Some parts may be still be a little rough or hard to understand.
> Let me know if you have any problems or corrections.
Thanks for the instructions, a few questions.
What sort of interruption in service could this create?
Can you expand on this section a little bit:
Replace the value of ca.signing.cert in /etc/pki-ca/CS.cfg. This is
the base64 value of the certificate. You can obtain this by removing
the BEGIN/END blocks from ipa.crt and compressing it into a single line.
Thanks and happy Thanksgiving,
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
-----END PGP SIGNATURE-----
Freeipa-users mailing list