As we're enforcing encryption, here is via ldaps:
$ ldapsearch -H ldaps://`hostname` -D "cn=Directory Manager"  -W -s
sub -b ou=authorities,ou=ca,o=ipaca                   Enter LDAP
# extended LDIF
# LDAPv3
# base <ou=authorities,ou=ca,o=ipaca> with scope subtree
# filter: (objectclass=*)
# requesting: ALL

# authorities, ca, ipaca
dn: ou=authorities,ou=ca,o=ipaca
objectClass: top
objectClass: organizationalUnit
ou: authorities

# 0af769bd-a7ed-4f3a-8859-a877724ea8f2, authorities, ca, ipaca
dn: cn=0af769bd-a7ed-4f3a-8859-a877724ea8f2,ou=authorities,ou=ca,o=ipaca
objectClass: authority
objectClass: top
cn: 0af769bd-a7ed-4f3a-8859-a877724ea8f2
authorityID: 0af769bd-a7ed-4f3a-8859-a877724ea8f2
authorityKeyNickname: caSigningCert cert-pki-ca
authorityEnabled: TRUE
authorityDN: CN=Certificate Authority,O=EXAMPLE.COM
description: Host authority

# search result
search: 2
result: 0 Success

# numResponses: 3
# numEntries: 2

I'll attach the log files soon.

Manage your subscription for the Freeipa-users mailing list:
Go to for more info on the project

Reply via email to