We are not clustered. Our version is PacketFence 8.1.0. I copied the files in question into the pertinent locations, using the documented instructions. It appears that they are being used (at least as far as I can tell), but we are still getting those notifications.
I had to modify your commands - specifically, "-nout" had to be changed to "-noout" Here is the series of commands and their outputs in context: [root@cuvnac1 ssl]# #v+ [root@cuvnac1 ssl]# openssl x509 -in /usr/local/pf/raddb/certs/server.crt -noout -subject -issuer -dates -serial subject= /C=XX/ST=XXXXXXXX/L=XXXXXXXXXXXXXX/O=XXXXXXXXXXXXXXXXXXXXXX/CN=XXX.campbellsville.edu issuer= /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=Thawte RSA CA 2018 notBefore=May 25 00:00:00 2021 GMT notAfter=Jun 25 23:59:59 2022 GMT serial=0FC92F151136A3507F148A6D1E2C7208 [root@cuvnac1 ssl]# openssl x509 -in /usr/local/pf/conf/ssl/server.pem -noout -subject -issuer -dates -serial subject= /C=XX/ST=XXXXXXXX/L=XXXXXXXXXXXXXX/O=XXXXXXXXXXXXXXXXXXXXXX/CN=XXX.campbellsville.edu issuer= /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=Thawte RSA CA 2018 notBefore=May 25 00:00:00 2021 GMT notAfter=Jun 25 23:59:59 2022 GMT serial=0FC92F151136A3507F148A6D1E2C7208 [root@cuvnac1 ssl]# #v- I've obscured some details I don't want to publish with XXX's. It appears to me that the certs are updated according to the output. Thanks for your help on this so far, I appreciate it! From: Quiniou-Briand, Nicolas <nquin...@akamai.com> Sent: Thursday, June 3, 2021 4:36 AM To: packetfence-users@lists.sourceforge.net Cc: Gibbs, Christopher <cmgi...@campbellsville.edu> Subject: RE: Error Notifications even after SSL certifiate update Hello Christopher, 1. Are you in a cluster ? On which PacketFence version ? 2. How did you update your certificates ? Error message reported is coming from pfcron or pfmon daemon (depending on PacketFence version) I think that if you received such messages, your new certs are *not* in place. You can check with following commands: #v+ openssl x509 -in /usr/local/pf/raddb/certs/server.crt -nout -subject -issuer -dates -serial openssl x509 -in /usr/local/pf/conf/ssl/server.pem -nout -subject -issuer -dates -serial #v- Nicolas Quiniou-Briand Product Support Engineer [cid:image001.png@01D7584F.5E0EAE00] Office: +33156696210 Akamai Technologies 145 Broadway Cambridge, MA 02142 Connect with Us: [cid:image002.jpg@01D7584F.5E0EAE00]<https://community.akamai.com/> [cid:image003.png@01D7584F.5E0EAE00] <http://blogs.akamai.com/> [cid:image004.png@01D7584F.5E0EAE00] <https://twitter.com/akamai> [cid:image005.png@01D7584F.5E0EAE00] <http://www.facebook.com/AkamaiTechnologies> [cid:image006.png@01D7584F.5E0EAE00] <http://www.linkedin.com/company/akamai-technologies> [cid:image007.png@01D7584F.5E0EAE00] <http://www.youtube.com/user/akamaitechnologies?feature=results_main>
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
