hi, yet another certificate authority question.
We have a centos 6.5 ipa environment with two domain controllers (kdc01, kdc02). The first one is the first replica and maintains the crl (or so it should). Recently our monitoring warned us that the web host certificate for kdc01 was about to expire. And it auto-renewed this weeked, with was great. But if I go to the crl url (http://kdc01.domain.tld/ipa.crl ) all the files I see are very old (the MasterCRL.bin file is dated 28 june 2013), and on the kdc02 it is newer (July 2 2013). Am I looking at the wrong urls? How can I check that the crl is ok? Thanks in advance for your tips. -- Groeten, natxo -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project