Jeff Goddard wrote:
> Flo,
> 
> I'm not able to access the link you posted. I did find this thread
> though
> https://www.redhat.com/archives/freeipa-users/2015-June/msg00144.html
> <https://www.redhat.com/archives/freeipa-users/2015-June/msg00144.html>
> and have set the time back and resubmitted a request. Still no success.
> Any further hints?

You need to stop ntpd, go back in time to when the certs are valid and
restart the certmonger service.

Then use getcert list to monitor things. You really only care about the
CA subsystem certs are this point.

You may need to restart certmonger more than once to get all the certs
updated (you can manually call getcert resubmit -i <id> if you'd prefer).

Once that is done return to present day, restart ntpd then ipactl restart.

rob

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to