Hi,
No-one has any idea here ? My Root Cert is installed OK.
# certutil -d /etc/pki/pki-tomcat/alias/ -L
Certificate Nickname Trust Attributes
SSL,S/MIME,JAR/XPI
ocspSigningCert cert-pki-ca u,u,u
subsystemCert cert-pki-ca u,u,u
COMODOExternalCARoot C,C,C
COMODORSADomainValidationSecureServerCA C,C,C
Server-Cert cert-pki-ca u,u,u
auditSigningCert cert-pki-ca u,u,Pu
caSigningCert cert-pki-ca CTu,Cu,Cu
COMODORSAAddTrustCA C,C,C
I hope this helps.
Cheers,
Matt
2016-10-01 17:04 GMT+02:00 Matt . <yamakasi....@gmail.com>:
> Hi guys,
>
> I have installed successfully an external CA Certificate for
> https/LDAP but now I get this on my ipa-commands:
>
> ipa domainlevel-get
>
> ipa: ERROR: cert validation failed for
> "CN=*.mysubdomain.ipa.mydomain.tld,OU=PositiveSSL Wildcard,OU=Domain
> Control Validated" ((SEC_ERROR_UNTRUSTED_ISSUER) Peer's certificate
> issuer has been marked as not trusted by the user.)
>
> What can cause this ?
>
> I'm on FreeIPA, version: 4.4.1
>
> I hope we can sort this out.
>
> Thanks,
>
> Matt
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
