Rob Crittenden wrote: > Megan . wrote: >> Good Day! >> >> I am getting an error when i register new clients. >> >> libcurl failed to execute the HTTP POST transaction. SSL connect error >> >> I can't find anything useful not the internet about the error. Can >> someone help me troubleshoot? >> >> CentOS 6.6 x64 >> ipa-client-3.0.0-42.el6.centos.x86_64 >> ipa-server-3.0.0-42.el6.centos.x86_64 >> curl-7.19.7-40.el6_6.1.x86_64 > > Do you have NSS_DEFAULT_DB_TYPE set to sql? I don't know that we've done > any testing on the client with this set.
Never mind, that's not it. The problem is: * NSS error -8054 Which is SEC_ERROR_REUSED_ISSUER_AND_SERIAL So I'd do this: # rm /etc/ipa/ca.crt You may also want to ensure that the IPA CA certificate isn't in /etc/pki/nssdb: # certutil -L -d /etc/pki/nssdb And then perhaps # certutil -D -n 'IPA CA' -d /etc/pki/nssdb rob -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project