[Freeipa] [Bug 1635568] Re: freeipa-client - Can't enroll a client if server has external CA certs in addition to self signed CA cert

2017-03-07 Thread Chris Gacsal
Hi Timo, Georgijs,

In our setup we use Let's Encrypt certificates for HTTPS/LDAPS and the solution was to add the "DST Root CA X3" to NSS database at "/etc/pki/nssdb". I used the following command to do it:

$ certutil -A -n "DST Root CA X3" -t "C,," -i /etc/ssl/certs/DST_Root_CA_X3.pem -d sql:/et

[Freeipa] [Bug 1635568] Re: freeipa-client - Can't enroll a client if server has external CA certs in addition to self signed CA cert

2017-03-07 Thread georgijsr
Hello, Timo! Sorry, I forgot to mention the tested Ubuntu version in "What is expected". The "What is expected" ipa-client-install was tested on Ubuntu 16.04 clients, and it worked. The problem is that 3/4 of our server infrastructure is running Ubuntu 14.04. We're planning to gradually move to 16.04, b

[Freeipa] [Bug 1635568] Re: freeipa-client - Can't enroll a client if server has external CA certs in addition to self signed CA cert

2017-03-07 Thread Timo Aaltonen
If you have /etc/ipa/ca.crt, try removing it and ipa-client-install again

--
You received this bug notification because you are a member of FreeIPA, which is subscribed to freeipa in Ubuntu.
https://bugs.launchpad.net/bugs/1635568

Title: freeipa-client - Can't enroll a client if server has ext

[Freeipa] [Bug 1635568] Re: freeipa-client - Can't enroll a client if server has external CA certs in addition to self signed CA cert

2017-03-07 Thread Timo Aaltonen
So, what version should work, or what provides the output in "what is expected"? Tried xenial or newer? ** Changed in: freeipa (Ubuntu) Status: Confirmed => Incomplete

[Freeipa] [Bug 1635568] Re: freeipa-client - Can't enroll a client if server has external CA certs in addition to self signed CA cert

2017-03-07 Thread Chris Gacsal
I have the same issue with FreeIPA deployment on Ubuntu 14.04.5 LTS. I have FreeIPA 4.3.x on the server side with Let's Encrypt certificates installed for HTTPS and LDAPS services.

[Freeipa] [Bug 1635568] Re: freeipa-client - Can't enroll a client if server has external CA certs in addition to self signed CA cert

2017-03-07 Thread Launchpad Bug Tracker
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: freeipa (Ubuntu) Status: New => Confirmed