rit...@redhat.com> wrote:
> Alessandro De Maria wrote:
> > Hello Martin,
> >
> > still no luck unfortunately.
> >
> > The client is an ubuntu 14.04 server, and I believe it is enrolled
> already.
> >
> > The /etc/ipa/ca.pem is correct and already in
o I need to restart some components?
Any log I could look into?
Thank you
On 8 November 2016 at 07:56, Martin Babinsky <mbabi...@redhat.com> wrote:
> On 11/07/2016 04:45 PM, Alessandro De Maria wrote:
>
>> Hi Martin,
>>
>> I tried from the host I am executing the scrip
? can I copy
it, or is there a way to regenerate it?
Regards
Alessandro
On 7 November 2016 at 15:36, Alessandro De Maria <
alessandro.dema...@gmail.com> wrote:
> Hi Martin, this is the output from the id1 host:
>
> certutil -L -d /etc/httpd/alias/
>
> Certificate Nickname
On 11/04/2016 04:52 PM, Alessandro De Maria wrote:
>
>> Hello,
>>
>> I have a FreeIPA installation that is working very nicely, we already
>> have configured many hosts and so far we are quite happy with it.
>>
>> I was trying to connect Ansible to fetch h
>.****.com/ipa/json*
If I curl the URL, it works just fine ( I imported the CA Certificate in
the system directory /etc/ssl/certs).
I have run `openssl s_client` connect and downloaded the remote certificate
locally, then I run:
# openssl verify cert.pem
# *id1.prod.**xxxx**.com
ss: Subject alt
> name type IP Address is forbidden).
I believe FreeIPA does not currently support IPs as the SAN of a
certificate.
Is this still the case? is there a workaroud?
Regards
Alessandro
--
Alessandro De Maria
alessandro.dema...@gmail.com
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
The workaround worked thank you!
On 6 Oct 2016 5:09 pm, "Sumit Bose" <sb...@redhat.com> wrote:
> On Thu, Oct 06, 2016 at 03:48:10PM +0100, Alessandro De Maria wrote:
> > Hello,
> >
> > We are moving some of our servers to use 16.04 and for all new install
/org/freedesktop/sssd/service
(Thu Oct 6 15:42:20 2016) [sssd[ssh]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
Could you help me understand what is the issue with it?
Regards
Alessandro
--
Alessandro De Maria
alessandro.dema...@gmail.com
--
Manage your subscription for the
Fantastic thank you!
On 16 Mar 2016 12:21 a.m., "Fraser Tweedale" <ftwee...@redhat.com> wrote:
> On Tue, Mar 15, 2016 at 09:39:12AM +0000, Alessandro De Maria wrote:
> > Thank you Martin that's very helpful.
> >
> > The annoying thing about c
at 08:50, Martin Babinsky <mbabi...@redhat.com> wrote:
> On 03/15/2016 08:39 AM, Alessandro De Maria wrote:
>
>> Hello,
>>
>> I would like to have authenticated users to upload a csr request and
>> have their certificate automatically signed. Their certificate wo
Solved.
This turned out to be the ipa-otp process stuck on one of the 2 servers.
The VPN requests where being sent to the other server which was working fine
a simple restart of ipa fixed it.
Regards
On 28 February 2016 at 23:17, Alessandro De Maria <
alessandro.dema...@gmail.com>
creating a new one.
Strangely enough I can connect OK with the VPN supplying password + OTP,
but OTP is not working on both freeipa gui and when issuing sudo.
Could someone help me understand what is going on?
Regards
Alessandro
--
Alessandro De Maria
alessandro.dema...@gmail.com
--
Manage your
I re-run the upgrade script and that fixed it. Thank you very much
Alexander!
On 27 February 2016 at 21:46, Alessandro De Maria <
alessandro.dema...@gmail.com> wrote:
> Yes that looks exactly like it, thank you.
> Are you aware of a workaround available? Like changing manuall
Yes that looks exactly like it, thank you.
Are you aware of a workaround available? Like changing manually the CS.cfg?
On 27 February 2016 at 21:40, Alexander Bokovoy <aboko...@redhat.com> wrote:
> On Sat, 27 Feb 2016, Alessandro De Maria wrote:
>
>> great that explain
e I know)
But thank you this is already very helpful.
I hope I can find some other pointed to understand my issue then.
Regards
Alessandro
On 27 February 2016 at 21:25, Alexander Bokovoy <aboko...@redhat.com> wrote:
> On Sat, 27 Feb 2016, Alessandro De Maria wrote:
>
>>
etry: 4001 (RPC failed at server. caIPAserviceCert:
Certificate Profile not found*
Could someone help me out please? I noticed that 4.2.3 is out with
important bug fixes, is there a repository out there with Centos rmps?
Regards
Alessandro
--
Alessandro De Maria
alessandro.dema...@gmail.com
--
M
16 matches
Mail list logo