Sinh Lam via FreeIPA-users wrote:
> I haven’t had the chance to try this out. My plan was to spin up a
> backup of the current server and try these settings there and go from
> there. The less chance that I’ll need to re-do everything going that route.
A user made some nice enhancements to
I haven’t had the chance to try this out. My plan was to spin up a backup
of the current server and try these settings there and go from there. The
less chance that I’ll need to re-do everything going that route.
On January 28, 2021 at 10:59:15 AM, Rob Crittenden (rcrit...@redhat.com)
wrote:
Sinh Lam via FreeIPA-users wrote:
> Hi Rob -
>
> The chain should be the same. I’m using a LetsEncrypt certificate and
> have previously had it added but I lapsed in renewing it and now when I
> attempt to update the cert for LDAP it just complains about the peer
> certificate expired. Instead
Hi Rob -
The chain should be the same. I’m using a LetsEncrypt certificate and have
previously had it added but I lapsed in renewing it and now when I attempt
to update the cert for LDAP it just complains about the peer certificate
expired. Instead of renewing - I end up regenerating a new
Sinh Lam via FreeIPA-users wrote:
> Hi Rob -
>
> Do you have any instructions on manually doing this? I asked a similar
> question a while ago (and excuses aside) but I haven’t responded back
> with the requested info. The http cert was updated but I can’t seem to
> get the 389-ds certificate
Hi Rob -
Do you have any instructions on manually doing this? I asked a similar
question a while ago (and excuses aside) but I haven’t responded back with
the requested info. The http cert was updated but I can’t seem to get the
389-ds certificate to update as well.
Thanks.
sinh
On January
Florence
Thank you so much I really appreciated your help.
I already did that creating a new ticket using "kinit admin" and it accepts the
password, But when I apply ipa-certupdate it returns
"ipa: ERROR: Insufficient access: Invalid credentials"
Even the DM password is correct.
Second, The
On 1/25/21 11:36 PM, Ahmed ElShafaie via FreeIPA-users wrote:
Also when I run ipa-certupdate
trying https://identity.ashlex.com/ipa/session/json
[try 1]: Forwarding 'schema' to json server
'https://identity.ashlex.com/ipa/session/json'
Major (851968): Unspecified GSS failure. Minor code may
Also when I run ipa-certupdate
trying https://identity.ashlex.com/ipa/session/json
[try 1]: Forwarding 'schema' to json server
'https://identity.ashlex.com/ipa/session/json'
Major (851968): Unspecified GSS failure. Minor code may provide more
information, Minor (2529638945): Ticket not yet
Rob,
thank you for your reply. I did that, I return the date before the SSL expired
and run the same ipa-server-certinstall it gives me
The server certificate in key.txt,combined.crt is not valid: certutil:
certificate is invalid: Peer's Certificate has expired.
where the combined.crt contains
Ahmed ElShafaie via FreeIPA-users wrote:
> As following up, Any cmd I try to use returns
> ipa: ERROR: cannot connect to 'https://server_name/ipa/json': [SSL:
> CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)
>
You need to use date to move your server back in time to when the
As following up, Any cmd I try to use returns
ipa: ERROR: cannot connect to 'https://server_name/ipa/json': [SSL:
CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
12 matches
Mail list logo