Jim Richard wrote:
> Honestly Im not even sure if something is not working correctly :)
> All I know is that my httpd, access and krb5 logs are filling up all my
> disk space extremely quickly and I have no idea why.
> Centos 6.8 + IPA 3.0
> One master and one replica.
> Are these things related?
> How do I fix, where do I even start?
> Thanks !
> On the replica the httpd log is constantly getting spammed with:
> [Thu Nov 24 05:55:18 2016] [error] ipa: INFO:
> cert_request(uactual cert removed
.. , add=True): ACIError
> and on the master the access log is filling up quickly with:
> 10.1.41.110 - - [24/Nov/2016:06:09:54 +0000] "POST
> /ca/agent/ca/displayBySerial HTTP/1.1" 200 10106
Looks like certmonger trying to renew the per-client SSL certificate.
You can confirm by pulling out the CSR and poking at it with openssl req.
On the client you can try running: ipa-getcert list
This may show more details on why the request was rejected.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project