IPA Error 4301: CertificateOperationError
Certificate operation cannot be completed: EXCEPTION (You did not provide a
valid certificate for this operation)
Failed to authenticate to CA REST API
Hello!
I need create new CA cert and certs directory server, http server, KDC.
How I can do that?
pki cert-show 7
WARNING: pki cert has been deprecated. Use pki ca-cert instead.
WARNING: UNTRUSTED ISSUER encountered on 'CN=ns01.domain.com,O=DOMAIN.COM'
indicates a non-trusted CA cert 'CN=Certificate Authority,O=DOMAIN.COM'
Trust this certificate (y/N)? y
Serial Number: 0x7
Subject DN:
how recreate CA and
directory server
http server
KDC
?
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
how to fix
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List
ipa-healthcheck
DOMAIN.COM IPA CA not found, assuming 3rd party
DSTRootCAX3 not found, assuming 3rd party
letsencryptx3 not found, assuming 3rd party
USERTrustRSA.crt not found, assuming 3rd party
ra.get_certificate(): EXCEPTION (You did not provide a valid certificate for
this operation)
ldapsearch -D "cn=directory manager" -W -b o=ipaca "(uid=ipara)" dn
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base with scope subtree
# filter: (uid=ipara)
# requesting: dn
#
# ipara, people, ipaca
dn: uid=ipara,ou=people,o=ipaca
# search result
search: 2
result: 0 Success
#
only one server.
VERSION: 4.8.10
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
getcert list -f /var/lib/ipa/ra-agent.pem | grep expires
expires: 2022-06-20 19:31:51 UTC
I dont find /var/lib/ipa/ra-agent.pem in output
ldapsearch -D "cn=directory manager" -W -b o=ipaca
___
FreeIPA-users mailing list --
Hello I need to fix CA
Failed to authenticate to CA REST API
How I can reinstall/reconfigure only CA.
or export users(with hash passwords)/groups. and import on new installation.
Help me please.
___
FreeIPA-users mailing list --