John Williams wrote:
> I've inhereted an IPA infrastructure for a group in my organization.  So
> I've got a RHEL instance with a IPA 3.0.0 server with expired certs.
> 
> [root@ipa ~]# rpm -qa | grep ipa-server
> ipa-server-selinux-3.0.0-26.el6_4.2.x86_64
> ipa-server-3.0.0-26.el6_4.2.x86_64
> [root@ipa ~]# 
> 
> 
> [root@ipa ~]# getcert list

[ snip ]

> 
> [root@ipa ~]# date
> Thu Apr 10 00:13:51 EDT 2014
> [root@ipa ~]# /etc/init.d/certmonger restart
> Stopping certmonger:                                       [  OK  ]
> Starting certmonger:                                       [  OK  ]
> [root@ipa ~]# 

You are going way to far back in time AFAICT. The certs expired on April
5 of this year so you don't need to go back to 2014. Just go back to
April 3 or 4.

You'll also need to restart IPA before kicking certmonger ipactl restart

rob

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to