Hi,
No-one has any idea here ? My Root Cert is installed OK.
# certutil -d /etc/pki/pki-tomcat/alias/ -L
Certificate Nickname Trust Attributes
SSL,S/MIME,JAR/XPI
ocspSigningCert cert-pki-ca
Hi guys,
I have installed successfully an external CA Certificate for
https/LDAP but now I get this on my ipa-commands:
ipa domainlevel-get
ipa: ERROR: cert validation failed for
"CN=*.mysubdomain.ipa.mydomain.tld,OU=PositiveSSL Wildcard,OU=Domain
Control Validated"
Thanks for heads up. You mean by the difference between O=MW and
O=MELTWATER.COM?
Petr, is this possible? Can it be validated in the the installer if this is the
root cause?
Martin
On 11/08/2013 01:55 AM, William Leese wrote:
I was able to solve this by recreating my test CA. I believe the
You mean by the difference between O=MW and O=MELTWATER.COM?
Yes, but again I don't know for sure. I wasn't very diligent setting up my
test CA.
___
Freeipa-users mailing list
Freeipa-users@redhat.com
On 11/08/2013 09:01 AM, Martin Kosek wrote:
Thanks for heads up. You mean by the difference between O=MW and
O=MELTWATER.COM?
Petr, is this possible? Can it be validated in the the installer if this is the
root cause?
It is possible. It's hard to tell without the logs; looks like the
failure
On 11/08/2013 04:56 AM, Petr Viktorin wrote:
On 11/08/2013 09:01 AM, Martin Kosek wrote:
Thanks for heads up. You mean by the difference between O=MW and
O=MELTWATER.COM?
Petr, is this possible? Can it be validated in the the installer if this is
the
root cause?
Thats a good question.
On 11/07/2013 08:34 AM, William Leese wrote:
[root@vagrant-centos-6 CA]# cat /root/server.pem
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha1WithRSAEncryption
I was able to solve this by recreating my test CA. I believe the problem
was with non-matching Organisation between the CSR and CA - but I dont have
the knowledge to know if this is really required.
Anyhow, things work, despite not having removed the -BEGIN
CERTIFICATE- lines this time
On 11/06/2013 06:32 AM, William Leese wrote:
Hi,
Trying to install freeIPA and have it a sub-ca of an existing one. Sadly
I'm not getting anywhere.
The version I have installed:
ipa-server-3.0.0-26.el6_4.4.x86_64
This is what I run:
ipa-server-install -U -a testtest -p testtest
Hi,
Trying to install freeIPA and have it a sub-ca of an existing one. Sadly
I'm not getting anywhere.
The version I have installed:
ipa-server-3.0.0-26.el6_4.4.x86_64
This is what I run:
ipa-server-install -U -a testtest -p testtest
--external_cert_file=/root/server.pem
On 07/25/2013 04:06 PM, Armstrong, Kenneth Lawrence wrote:
On Fri, 2013-07-19 at 17:44 -0400, Dmitri Pal wrote:
On 07/19/2013 01:11 PM, Armstrong, Kenneth Lawrence wrote:
I'm trying to install an IPA server using an external CA.
I ran the ipa-server-install --external-ca command, and got my
Armstrong, Kenneth Lawrence wrote:
On Thu, 2013-07-25 at 16:22 +0200, Martin Kosek wrote:
On 07/25/2013 04:06 PM, Armstrong, Kenneth Lawrence wrote:
On Fri, 2013-07-19 at 17:44 -0400, Dmitri Pal wrote:
On 07/19/2013 01:11 PM, Armstrong, Kenneth Lawrence wrote:
I'm trying to install an IPA
On Thu, 2013-07-25 at 11:51 -0400, Rob Crittenden wrote:
Armstrong, Kenneth Lawrence wrote:
On Thu, 2013-07-25 at 16:22 +0200, Martin Kosek wrote:
On 07/25/2013 04:06 PM, Armstrong, Kenneth Lawrence wrote:
On Fri, 2013-07-19 at 17:44 -0400, Dmitri Pal wrote:
On 07/19/2013 01:11 PM,
On 07/25/2013 06:53 PM, Armstrong, Kenneth Lawrence wrote:
On Thu, 2013-07-25 at 11:51 -0400, Rob Crittenden wrote:
Armstrong, Kenneth Lawrence wrote:
On Thu, 2013-07-25 at 16:22 +0200, Martin Kosek wrote:
On 07/25/2013 04:06 PM, Armstrong, Kenneth Lawrence wrote:
On Fri, 2013-07-19 at
On 02/20/2013 10:20 PM, Kendrick . wrote:
I am trying to get cacert to sign the csr. I have tried searching
about it and cant figure out what is what. some information i have
found suggests it wont be possible.
when I go to get the csr signed i get
The following hostnames were rejected
com
- *Subject*: Re: [Freeipa-users] --external-ca is a bit confusing.
- *Date*: Thu, 21 Feb 2013 03:30:45 -0500
--
On 02/20/2013 10:20 PM, Kendrick . wrote:
I am trying to get cacert to sign the csr. I have tried searching about it
and cant figure out what
On 02/21/2013 07:23 PM, Kendrick . wrote:
It is part of my initial setup. I copied the ipa.csr in to cacert's
signing system so that the certificates would be valid outside of my
local domain. and it errors because the host information said
certificate authority instead of the host name if I
I am trying to get cacert to sign the csr. I have tried searching about it
and cant figure out what is what. some information i have found suggests
it wont be possible.
when I go to get the csr signed i get
The following hostnames were rejected because the system couldn't link
them to your
18 matches
Mail list logo