John Williams wrote: > I've inhereted an IPA infrastructure for a group in my organization. So > I've got a RHEL instance with a IPA 3.0.0 server with expired certs. > > [root@ipa ~]# rpm -qa | grep ipa-server > ipa-server-selinux-3.0.0-26.el6_4.2.x86_64 > ipa-server-3.0.0-26.el6_4.2.x86_64 > [root@ipa ~]# > > > [root@ipa ~]# getcert list
[ snip ] > > [root@ipa ~]# date > Thu Apr 10 00:13:51 EDT 2014 > [root@ipa ~]# /etc/init.d/certmonger restart > Stopping certmonger: [ OK ] > Starting certmonger: [ OK ] > [root@ipa ~]# You are going way to far back in time AFAICT. The certs expired on April 5 of this year so you don't need to go back to 2014. Just go back to April 3 or 4. You'll also need to restart IPA before kicking certmonger ipactl restart rob -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
