I already done input new cert but ipa-replica-prepare central03.ABC.com (ipa
3.0) it fail with the error as below:
which "location" I should check the old cert still inside some where
Below I already input CA / server cert ..and nssdb poting is right
..already spent serveral days to check where is it I also try direct use
pfx for the cert directly but same error comesout...seem it still use old
cert to compare.
Any idea ? many thanks
I use similar commands as below: and follow steps here: https web side
already using new and dirsvr no error on starting only I cannot do replicas
certutil -A -d /var/lib/pki-ca/alias/ -n 'EXT-CA' -t CT,C,C -a -i
ipa : ERROR cert validation failed for "CN=central.ABC.com,O=
ABC.COM" ((SEC_ERROR_EXPIRED_CERTIFICATE) Peer's Certificate has expired.)
preparation of replica failed: cannot connect to '
(SEC_ERROR_EXPIRED_CERTIFICATE) Peer's Certificate has expired.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project