[Freeipa] [Bug 1772450] Re: freeipa server -- problems with certificates

2019-03-18 Thread Giovanni Vecchi 
Hi guys,

I can confirm bug is still present on a fresh bionic installation: any
ETA about cosmic backports?

Thanks a lot

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to freeipa in Ubuntu.
https://bugs.launchpad.net/bugs/1772450

Title:
  freeipa server -- problems with certificates

Status in freeipa package in Ubuntu:
  Fix Released

Bug description:
  After having installed FreeIPA server on Ubuntu 18.04 and having
  sorted out all the other bugs, I still have problems with
  certificates.

  In the web interface, every attempt to select the "Authentication ->
  Certificates" tab ends with the following error

  IPA Error 4301: CertificateOperationError
  Certificate operation cannot be completed: Unable to communicate with CMS 
(Start tag expected, '<' not found, line 1, column 1)

  The problem also occur with command line utilities. For example, 'ipa
  cert-show 1' returns the error: 'ipa: ERROR: Certificate operation
  cannot be completed: Unable to communicate with CMS (500)'

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1772450/+subscriptions

___
Mailing list: https://launchpad.net/~freeipa
Post to : freeipa@lists.launchpad.net
Unsubscribe : https://launchpad.net/~freeipa
More help   : https://help.launchpad.net/ListHelp

[Freeipa] [Bug 1772447] Re: freeipa installation - directory /var/lib/krb5kdc is not accessible by Apache

2019-03-18 Thread Giovanni Vecchi 
Hi everybody,

I can confirmi bug is still present: any ETA for cosmic backports?

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to freeipa in Ubuntu.
https://bugs.launchpad.net/bugs/1772447

Title:
  freeipa installation - directory /var/lib/krb5kdc is not accessible by
  Apache

Status in freeipa package in Ubuntu:
  Fix Released

Bug description:
  After having installed FreeIPA on Ubuntu 18.04, I cannot login by the
  web interface. I think the problem is that Apache uses the certificate
  in /var/lib/krb5kdc/kdc.crt to get Kerberos credentials. Although this
  file is readable by everyone, the directory /var/lib/krb5kdc is only
  accessible by root. After a 'chmod 0755 /var/lib/krb5kdc' it is
  possible to login trough the web interface.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1772447/+subscriptions

___
Mailing list: https://launchpad.net/~freeipa
Post to : freeipa@lists.launchpad.net
Unsubscribe : https://launchpad.net/~freeipa
More help   : https://help.launchpad.net/ListHelp