Please keep freeipa-users in CC, there si no sensitive information in getcert list output (you sanitized it)



Folowing certificates are expired, please try to to resubmit them. I'm also worried about this error message: ca-error: Error setting up ccache for local "host" service using default keytab: Cannot contact any KDC for realm '<MYREALM>'.

is KDC running?


Request ID '20140528063919':
        status: MONITORING
ca-error: Error setting up ccache for local "host" service using default keytab: Cannot contact any KDC for realm '<MYREALM>'.
        stuck: no
key pair storage: type=NSSDB,location='/etc/dirsrv/slapd-<MYREALM>',nickname='Server-Cert',token='NSS Certificate DB',pinfile='/etc/dirsrv/slapd-<MYREALM>/pwdfile.txt' certificate: type=NSSDB,location='/etc/dirsrv/slapd-<MYREALM>',nickname='Server-Cert',token='NSS Certificate DB'
        CA: IPA
        issuer: CN=Certificate Authority,O=<MYREALM>
        subject: CN=<IPA SERVER HOST>,O=<MYREALM>
        expires: 2016-05-28 06:39:18 UTC
        eku: id-kp-serverAuth,id-kp-clientAuth
        pre-save command:
post-save command: /usr/lib64/ipa/certmonger/restart_dirsrv <MYREALM>
        track: yes
        auto-renew: yes
Request ID '20140528063953':
        status: MONITORING
ca-error: Error setting up ccache for local "host" service using default keytab: Cannot contact any KDC for realm '<MYREALM>'.
        stuck: no
key pair storage: type=NSSDB,location='/etc/dirsrv/slapd-PKI-IPA',nickname='Server-Cert',token='NSS Certificate DB',pinfile='/etc/dirsrv/slapd-PKI-IPA/pwdfile.txt' certificate: type=NSSDB,location='/etc/dirsrv/slapd-PKI-IPA',nickname='Server-Cert',token='NSS Certificate DB'
        CA: IPA
        issuer: CN=Certificate Authority,O=<MYREALM>
        subject: CN=<IPA SERVER HOST>,O=<MYREALM>
        expires: 2016-05-28 06:39:52 UTC
        eku: id-kp-serverAuth,id-kp-clientAuth
        pre-save command:
post-save command: /usr/lib64/ipa/certmonger/restart_dirsrv PKI-IPA
        track: yes
        auto-renew: yes
Request ID '20140528064145':
        status: MONITORING
ca-error: Error setting up ccache for local "host" service using default keytab: Cannot contact any KDC for realm '<MYREALM>'.
        stuck: no
key pair storage: type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS Certificate DB',pinfile='/etc/httpd/alias/pwdfile.txt' certificate: type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS Certificate DB'
        CA: IPA
        issuer: CN=Certificate Authority,O=<MYREALM>
        subject: CN=<IPA SERVER HOST>,O=<MYREALM>
        expires: 2016-05-28 06:41:44 UTC
        eku: id-kp-serverAuth,id-kp-clientAuth
        pre-save command:
        post-save command: /usr/lib64/ipa/certmonger/restart_httpd
        track: yes
        auto-renew: yes

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to