Re: [Freeipa-users] ipalib: SEC_ERROR_UNTRUSTED_ISSUER

2016-11-08 Thread Alessandro De Maria
Thank you Rob and Martin, the correct place on Ubuntu seems to be: /etc/pki/nssdb/
This directory does not seem to be initialised by the *ipa-client-install* tool.
Now my script still doesn't work, but offers brand new errors :)
Thank you
On 8 November 2016 at 14:55, Rob Crittenden

Re: [Freeipa-users] ipalib: SEC_ERROR_UNTRUSTED_ISSUER

2016-11-08 Thread Rob Crittenden
Alessandro De Maria wrote:
> Hello Martin,
>
> still no luck unfortunately.
>
> The client is an Ubuntu 14.04 server, and I believe it is enrolled already.
>
> The /etc/ipa/ca.pem is correct and already installed, and I even added
> it to the /etc/ssl/certs directory (which is why my curl

Re: [Freeipa-users] ipalib: SEC_ERROR_UNTRUSTED_ISSUER

2016-11-08 Thread Alessandro De Maria
Hello Martin, still no luck unfortunately. The client is an Ubuntu 14.04 server, and I believe it is enrolled already. The /etc/ipa/ca.pem is correct and already installed, and I even added it to the /etc/ssl/certs directory (which is why my curl command in the first email does not complain)

Re: [Freeipa-users] ipalib: SEC_ERROR_UNTRUSTED_ISSUER

2016-11-08 Thread Martin Babinsky
On 11/07/2016 04:45 PM, Alessandro De Maria wrote:
Hi Martin, I tried from the host I am executing the script from, and I get:
certutil -L -d /etc/httpd/alias/
certutil: function failed: SEC_ERROR_LEGACY_DATABASE: The certificate/key database is in an old, unsupported format.
From the FreeIPA

Re: [Freeipa-users] ipalib: SEC_ERROR_UNTRUSTED_ISSUER

2016-11-07 Thread Alessandro De Maria
Hi Martin, I tried from the host I am executing the script from, and I get:
certutil -L -d /etc/httpd/alias/
certutil: function failed: SEC_ERROR_LEGACY_DATABASE: The certificate/key database is in an old, unsupported format.
From the FreeIPA server, as I said previously, I get:
certutil -L

Re: [Freeipa-users] ipalib: SEC_ERROR_UNTRUSTED_ISSUER

2016-11-07 Thread Alessandro De Maria
Hi Martin, this is the output from the id1 host:
certutil -L -d /etc/httpd/alias/
Certificate Nickname    Trust Attributes
                        SSL,S/MIME,JAR/XPI
Signing-Cert            u,u,u
ipaCert

Re: [Freeipa-users] ipalib: SEC_ERROR_UNTRUSTED_ISSUER

2016-11-07 Thread Martin Babinsky
On 11/04/2016 04:52 PM, Alessandro De Maria wrote: Hello, I have a FreeIPA installation that is working very nicely, we already have configured many hosts and so far we are quite happy with it. I was trying to connect Ansible to fetch hosts from FreeIPA using the freeipa.py script