No-one has any idea here ? My Root Cert is installed OK.

# certutil -d /etc/pki/pki-tomcat/alias/ -L

Certificate Nickname                                         Trust Attributes

ocspSigningCert cert-pki-ca                                  u,u,u
subsystemCert cert-pki-ca                                    u,u,u
COMODOExternalCARoot                                         C,C,C
COMODORSADomainValidationSecureServerCA                      C,C,C
Server-Cert cert-pki-ca                                      u,u,u
auditSigningCert cert-pki-ca                                 u,u,Pu
caSigningCert cert-pki-ca                                    CTu,Cu,Cu
COMODORSAAddTrustCA                                          C,C,C

I hope this helps.



2016-10-01 17:04 GMT+02:00 Matt . <yamakasi....@gmail.com>:
> Hi guys,
> I have installed successfully an external CA Certificate for
> https/LDAP but now I get this on my ipa-commands:
> ipa domainlevel-get
> ipa: ERROR: cert validation failed for
> "CN=*.mysubdomain.ipa.mydomain.tld,OU=PositiveSSL Wildcard,OU=Domain
> Control Validated" ((SEC_ERROR_UNTRUSTED_ISSUER) Peer's certificate
> issuer has been marked as not trusted by the user.)
> What can cause this ?
> I'm on FreeIPA, version: 4.4.1
> I hope we can sort this out.
> Thanks,
> Matt

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to