barry...@gmail.com wrote:
Dear all:
I added *.abc.net http://abc.net cet to certutil -d /etc/httpd/alias
and /etc/dirsrv/slapd-ABC-COM
But error comes out after when i login the UI of service and cick in entry .
cannot connect to
'https://cert1.abc.com:443/ca/agent/ca/displayBySerial':
No worries then. The IPA CA (dogtag) uses NSS for crypto so there is no way
the CA private key could have been exposed.
If you've issued SSL certs from the IPA CA for services running OpenSSL you
could re-issue those to be on the safe side, but IPA itself uses only NSS on
its servers.
On Fri, 11 Apr 2014, rashard.ke...@sita.aero wrote:
futex(0x7f0e2e1462c0, FUTEX_WAKE_PRIVATE, 2147483647) = 0
open(/tmp/krb5cc_159910_CUkupo, O_RDONLY) = -1 EACCES (Permission
denied)
Are you sure you don't have SELinux really running and enabled?
Because the following output makes me
[root@replicahostname ~]# sestatus
SELinux status: disabled
[root@replicahostname ~]# audit2why -b -w -t avc
[root@replicahostname ~]#
Nothing in the audit log after audit2why came back either.
Thank You,
Rashard Kelly
From: Alexander Bokovoy aboko...@redhat.com
To:
On Fri, Apr 11, 2014 at 09:42:41AM -0400, rashard.ke...@sita.aero wrote:
[root@replicahostname ~]# sestatus
SELinux status: disabled
[root@replicahostname ~]# audit2why -b -w -t avc
[root@replicahostname ~]#
Nothing in the audit log after audit2why came back either.
I changed the permissions to world readable to test, afterward I changed
it back to be readable only by the owner. The problem then reappeared.
[rkelly@replicahostname ~]$ ls -lZa| grep krb
-r rootroot?krb5cc_0
-r xs05144 xs05144 ?
On (11/04/14 11:22), rashard.ke...@sita.aero wrote:
I changed the permissions to world readable to test, afterward I changed
it back to be readable only by the owner. The problem then reappeared.
[rkelly@replicahostname ~]$ ls -lZa| grep krb
-r rootroot?
On Fri, Apr 11, 2014 at 11:22:55AM -0400, rashard.ke...@sita.aero wrote:
I changed the permissions to world readable to test, afterward I changed
it back to be readable only by the owner. The problem then reappeared.
[rkelly@replicahostname ~]$ ls -lZa| grep krb
-r rootroot
Greg Harris wrote:
No worries then. The IPA CA (dogtag) uses NSS for crypto so there is no way the
CA private key could have been exposed.
If you've issued SSL certs from the IPA CA for services running OpenSSL you
could re-issue those to be on the safe side, but IPA itself uses only NSS on
Thank you so much, it was the user id. There was an account with the same
user name leftover from a previous effort.
Thanks to everyone for the time.
Thank You,
Rashard Kelly
From: Sumit Bose sb...@redhat.com
To: rashard.ke...@sita.aero
Cc: Alexander Bokovoy aboko...@redhat.com,
On 04/11/2014 04:22 PM, Nordgren, Bryce L -FS wrote:
I guess we just do not see this scenario in practice yet.
What I've found in the last decade is that scientists and CIO types cannot talk
for lack of a common language. CIO types believe in closed systems over which
they have complete
On Fri, 2014-04-11 at 17:58 -0400, Dmitri Pal wrote:
C] If I am trying to ssh into one of our collaboration resources
when I'm visiting a collaborator, I'm forced to use my SAML
credentials because I can't reach AD. Because we will not be
synchronizing all users against our SAML IdPs, my SAML
There is a groups pf people that belong to different organizations, for
example universities that launch a project together. They have the identities
in their own home organization (domains). There is a hosting organization
that some of the members of the group might belong to. Jointly all
13 matches
Mail list logo