Re: [Freeipa-users] Ipa replica cannot gen as cert expire which folder I should replace new cert???

2016-05-26 Thread Rob Crittenden
barry...@gmail.com wrote: externaly signed CA - Godaddy Exppired. Already add new to db /etc/https/alias / -L and config nickname map in /etc/http/config.d/nss.conf Already Import to /etc/slapd/PKI-IPA ...where nickname I should point to? Alreasy change /etc/dirsrv/slapd-ABC-COM and nickname

Re: [Freeipa-users] Ipa replica cannot gen as cert expire which folder I should replace new cert???

2016-05-25 Thread barrykfl
externaly signed CA - Godaddy Exppired. Already add new to db /etc/https/alias / -L and config nickname map in /etc/http/config.d/nss.conf Already Import to /etc/slapd/PKI-IPA ...where nickname I should point to? Alreasy change /etc/dirsrv/slapd-ABC-COM and nickname map in dse.ldif Start stop

Re: [Freeipa-users] Ipa replica cannot gen as cert expire which folder I should replace new cert???

2016-05-25 Thread Martin Basti
On 25.05.2016 04:36, Barry wrote: Hi: Which location i should renew cert? Http/alias Etc/dirsrv/slapd* Enough? We need to know if you have IPA configured with * externaly signed CA * or selfsigned CA * or if you have any other certificates from different CAs If I remember correctly you

Re: [Freeipa-users] Ipa replica cannot gen as cert expire which folder I should replace new cert???

2016-05-24 Thread Barry
Hi: Which location i should renew cert? Http/alias Etc/dirsrv/slapd* Enough? 2016年5月24日 下午10:01 於 "Rob Crittenden" 寫道: > barry...@gmail.com wrote: > >> hi all: >> >> >> Thx ad title >> >> ipa : ERRORcert validation failed for "CN=server.abc.com >>

Re: [Freeipa-users] Ipa replica cannot gen as cert expire which folder I should replace new cert???

2016-05-24 Thread Rob Crittenden
barry...@gmail.com wrote: hi all: Thx ad title ipa : ERRORcert validation failed for "CN=server.abc.com ,O=WISER S.COM " ((SEC_ERROR_EXPIRED_CERTIFICATE) Peer's Certificate has expired.) preparation of replica failed: cannot connect to

[Freeipa-users] Ipa replica cannot gen as cert expire which folder I should replace new cert???

2016-05-24 Thread barrykfl
hi all: Thx ad title ipa : ERRORcert validation failed for "CN=server.abc.com,O=WISER S.COM" ((SEC_ERROR_EXPIRED_CERTIFICATE) Peer's Certificate has expired.) preparation of replica failed: cannot connect to 'https://server.ABC.com:944 4/ca/ee/ca/profileSubmitSSLClient':