On Thu, Jan 08, 2015 at 01:27:26PM -0500, John Desantis wrote:
> > Would file corruption within the file of the "Request ID" in
> > /var/lib/certmonger/request have anything to do with this?
> > autorenew=1
> > monitor=1
> > ca_name=dogtag-ipa-retrieve-agent-submit
> > ca_profile=ipaCert
> > submitted=20141228050011
> > cert=ESC[?1034h-----BEGIN CERTIFICATE-----
> > I checked a few other random client nodes (and the master) and none of
> > them are showing this corruption in their requests.
> > I attempted to fix the corruption (editing the file) and subsequently
> > restart certmonger with no luck.
Yes, that'd do it. The file is saved when the daemon exits, so you'd
need to shut it down before editing it, as Rob suggested.
Alternately, you could update certmonger to at least 0.69 and use
getcert resubmit -d /etc/httpd/alias -d ipaCert
to force it to re-fetch the data in a way that should avoid triggering
the bug in the ticket Rob linked (which was also #1032760 in Red Hat
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project