Got an issue with an IPA replica in that the certs in /etc/httpd/alias &
/etc/dirsrv/slapd-IPA-REALM have expired.
Have tried setting date back before expiry on the replica and doing an
'ipa-getcert resubmit -i <id>' but that hasn't worked it looks like the
CA master is actually rejecting it since the havent set the date back on
Error am getting on replica is ...
Request ID '20120719044839':
ca-error: Server failed request, will retry: -504 (libcurl failed
to execute the HTTP POST transaction. Peer certificate cannot be
authenticated with known CA certificates).
is there any way of forcing a re-newel or manual process for updating
these certs .. ???
thx & rgds
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project