Re: [Freeipa-users] ocsp server not respondig after migrating from centos 6.7 to 7.1

On Sat, Sep 12, 2015 at 9:43 AM, Natxo Asenjo wrote: > hi, > > In a test network I followed the procedure especified in >

[Freeipa-users] ocsp server not respondig after migrating from centos 6.7 to 7.1

hi, In a test network I followed the procedure especified in https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/migrating-ipa-proc.html to migrate from a centos 6.7 ipa server to a new centos 7 ipa server.

[Freeipa-users] ipa-client-install --request-cert fails

hi, on a a centos 7.1 host when enrolling it with (among other) the switch --request-cert it does not create a host certificate for it. The host is properly joined but not certificate is present. In the ipaclient-install.log file I see this: 2015-09-12T09:34:02Z ERROR certmonger request for

[Freeipa-users] add SubjectAltName (SAN) to IPA certificate

Due to the bug in mod_nss that prevents SNI from functioning (i.e. limits a port to a single certificate) I need to add SANs (SubjectAltName) to the certificate that freeipa created for the webserver (Server-Cert) so that I can add more virtual hosts to the same Apache instance (yes, I know this

Re: [Freeipa-users] ipa-client-install --request-cert fails

On Sat, Sep 12, 2015 at 12:18 PM, Natxo Asenjo wrote: > hi, > > on a a centos 7.1 host when enrolling it with (among other) the switch > --request-cert it does not create a host certificate for it. The host is > properly joined but not certificate is present. > > In the