Rob you are awesome and I don't know what I would do without you. So I have two
things going on obviously. Following your instructions it looks like the DM
password has correctly been set. I cannot change the admin password as a test
because I get the cert errors. I am going to retry setting
Unfortunately this issue suddenly go much worse. I get this error in the UI
when trying to view hosts on one of my servers
cannot connect to 'https:/ipa1.example.com:443/ca/agent/ca/displayBySerial':
(SEC_ERROR_EXPIRED_CERTIFICATE) Peer's Certificate has expired.
and this on others:Some
sipazzo wrote:
I have seen many threads on this so sorry to bring it up again but I
have a freeipa domain, with 4 ipa servers running on redhat 6 version
3.0.0-50. The certificates are expired/expiring and will not renew and
it is causing many issues for us. I have tried the many suggestions I
Clark,
Thank you.
> I personally haven't done this, but from https://www.freeipa.org/page/PKI
>
> "when --external-ca option is used, ipa-server-install produces a
certificate certificate request for it's CA certificate so that it can be
properly chained in existing PKI infrastructure."
>
Is
Rakesh Rajasekharan wrote:
Hi,
I would like to restore IPA from a backup taken on another host.
My use case is to create a new QA environment and dont want to go over
the process of recreating all the users.
I tried to restore IPA from the backup taken in my first environment .
But, that
I have seen many threads on this so sorry to bring it up again but I have a
freeipa domain, with 4 ipa servers running on redhat 6 version 3.0.0-50. The
certificates are expired/expiring and will not renew and it is causing many
issues for us. I have tried the many suggestions I have see in the
Hi,
I would like to restore IPA from a backup taken on another host.
My use case is to create a new QA environment and dont want to go over the
process of recreating all the users.
I tried to restore IPA from the backup taken in my first environment . But,
that failed with hostname difference
Hi,
is it simply possible to move from ca to a ca-less environment in ipa ?
Because its ok for me to only use certificates in web and ldap
components. I use freeipa 4.2 , fedora 23.
regards,
Andreas
--
Manage your subscription for the Freeipa-users mailing list:
On Fri, Jul 22, 2016 at 06:17:32PM +0530, Rakesh Rajasekharan wrote:
> My specific requirement for having "enumerate=TRUE" was , we have a build
> server with the jenkins set up.
> And for authentication jenkins tries to get the localusers on the system.
>
> I should be able to get through that
Hi, all!
I run FreeIPA 4.2 bundled with RHEL7.2 with all latest errata installed
I tried to use kdcproxy in DMZ environment so I enabled KDCproxy on
server and explicitly set AD server records in server`s [realm] section
of krb5.conf.
After that I disabled KDC DNS autodiscovery on client
On Tue, Jul 26, 2016 at 06:07:10PM +0530, Rakesh Rajasekharan wrote:
> > Any change that it's running on a VM? If so, check your entropy:
>
> > cat /proc/sys/kernel/random/entropy_avail
>
> > If it's low (like < 1k), install haveged.
>
> this indeed is vm , am running it on azure . However, I
11 matches
Mail list logo