Ipa server: rhel7.2,  ipa ping ="IPA server version 4.2.0. API version 2.156"

In order to use ldap through load balancer, I added an alternative dns name to 
ipa server certificate.
ipa-getcert resubmit -i <id>  -D newname.differentdomaine.net

It all seemed well, the extra name was entered into the certificate, expiration 
day 2018-04-27 12:20:55 UTC.
and I can access ldaps through the load balancer.

But in /var/log/dirsrv/slapd-*/acces I see a lot of  "SSL peer cannot verify 
your certificate"  and cert operations
are gone:

idm1:~$ ipa cert-find
ipa: ERROR: Certificate operation cannot be completed: Unable to communicate 
with CMS (Internal Server Error)

Anybody have an idea of what I missed?

Venlig hilsen

Bjarne Blichfeldt

Infrastructure Services

Direkte +4563636119

Mobile +4521593270



JN Data A/S


Havsteensvej 4


4000 Roskilde

Telefon 63 63 63 63/ Fax 63 63 63 64


Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to