On 11/14/2014 08:02 AM, pki tech wrote:
Dear All,
In our Issuing CA, all the subsystem certificates are expired except the
caSigningCert.
I can generate the new certificate requests via certutil, but how can i get
them signed?
your swift response is appreciated.
Regards,
Kamal
What IPA version did you use? We have a related howto article on FreeIPA.org
wiki with instructions what to do when PKI subsystem certificate expire:
http://www.freeipa.org/page/IPA_2x_Certificate_Renewal
Also CCing Jan who owns the PKI knowledge.
Martin
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project