Hello!,
Anybody knows if there are any issues with freeipa-client with versions
higher than 4.9.8?.
I'm currently having issues with Ubuntu 22.04 due to a python library that
needed to be updated for an application requirements and breaks FreeIPA
python scripts.
I see tar files for 4.9.12 and
Jeremy Tourville via FreeIPA-users wrote:
Is this an externally-signed CA?
> Yes
What version of healthcheck do you have?
> 0.12-1
>
> I *think* from what I am seeing this cert is valid. Can you confirm?
>
> # getcert list -i "20230901185953"
> Number of certificates and requests
Jochen Kellner via FreeIPA-users wrote:
> Alex Corcoles via FreeIPA-users
> writes:
>
>> Hi all,
>>
>> Sorry I didn't keep track of this more accurately. Some time ago, the
>> ipa-healthcheck service started failing (September 23rd, I think). I
>> took a look, and IIRC, it said something like
Alex Corcoles via FreeIPA-users wrote:
> Hi all,
>
> Sorry I didn't keep track of this more accurately. Some time ago, the
> ipa-healthcheck service started failing (September 23rd, I think). I took a
> look, and IIRC, it said something like some certs were about to expire. I
> ignored that
Oh, thanks for the playbook- I appreciate it.
It's surprising that some of the bugs you posted mention SELinux- the replica
that doesn't have issues is running SELinux, while the replica that has issues
doesn't (it's an LXC container).
___
Alex Corcoles via FreeIPA-users
writes:
> Hi all,
>
> Sorry I didn't keep track of this more accurately. Some time ago, the
> ipa-healthcheck service started failing (September 23rd, I think). I
> took a look, and IIRC, it said something like some certs were about to
> expire. I ignored that
I forgot to add; I'm running two replicas, both are CAs and provisioned
identically, and only one of them shows this issue.
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to
Hi all,
Sorry I didn't keep track of this more accurately. Some time ago, the
ipa-healthcheck service started failing (September 23rd, I think). I took a
look, and IIRC, it said something like some certs were about to expire. I
ignored that (because they renew automatically?). But then I
Kevin:
Could you share the ACL of the dataset you share via nfs4?
Best,
Francis
> On Oct 3, 2023, at 16:10, Kevin Vasko via FreeIPA-users
> wrote:
>
> I actually did this recently.
>
> Full working settings configuration in TrueNAS Scale. You will need to create
> a BIND account which I
Hi Kevin,
Thanks for sharing this.
My configuration is virtually identical.
The differences:
- I set LDAP encryption to «on»
- I don’t validate certificates here. I do use one on the idmap configuration
- I also add `map passwd loginShell loginShell` to the Auxiliary Parameters of
the LDAP
>>>Is this an externally-signed CA?
Yes
>>>What version of healthcheck do you have?
0.12-1
I *think* from what I am seeing this cert is valid. Can you confirm?
# getcert list -i "20230901185953"
Number of certificates and requests being tracked: 10.
Request ID '20230901185953':
status:
Jeremy Tourville via FreeIPA-users wrote:
> I recently updated my system. I am now at version 4.9.11. After the update
> I noticed the following output from healthcheck.
>
> # ipa-healthcheck
> ra.get_certificate(): Request failed with status 404: Non-2xx response from
> CA REST API: 404.
I recently updated my system. I am now at version 4.9.11. After the update I
noticed the following output from healthcheck.
# ipa-healthcheck
ra.get_certificate(): Request failed with status 404: Non-2xx response from CA
REST API: 404. Certificate ID 0x6f001f2421fafd67223225001f
13 matches
Mail list logo
