Anthony Cheng wrote:
More updates; it turns out that there were some duplicate and expired
certificates as well as incorrect trust attributes; (e.g. seeing 2
instances of Server-Cert from certutil -L -d /etc/httpd/alias). So I
deleted the duplicate cert and re-add certificate w/ valid date and
More updates; it turns out that there were some duplicate and expired
certificates as well as incorrect trust attributes; (e.g. seeing 2
instances of Server-Cert from certutil -L -d /etc/httpd/alias). So I
deleted the duplicate cert and re-add certificate w/ valid date and
fix cert trust
On Wed, May 4, 2016 at 9:07 AM, Rob Crittenden wrote:
> Anthony Cheng wrote:
>>
>> Small update, I found an article on the RH solution library
>> (https://access.redhat.com/solutions/2020223) that has the same error
>> code that I am getting and I followed the steps with
Anthony Cheng wrote:
Small update, I found an article on the RH solution library
(https://access.redhat.com/solutions/2020223) that has the same error
code that I am getting and I followed the steps with certutil to update
the cert attributes but it is still not working. The article is listed
Anthony Cheng wrote:
On Sat, Apr 30, 2016 at 10:08 AM Rob Crittenden > wrote:
Anthony Cheng wrote:
> OK so I made process on my cert renew issue; I was able to get kinit
> working so I can follow the rest of the steps here
>
On Sat, Apr 30, 2016 at 10:08 AM Rob Crittenden wrote:
> Anthony Cheng wrote:
> > OK so I made process on my cert renew issue; I was able to get kinit
> > working so I can follow the rest of the steps here
> > (http://www.freeipa.org/page/IPA_2x_Certificate_Renewal)
> >
> >
Anthony Cheng wrote:
OK so I made process on my cert renew issue; I was able to get kinit
working so I can follow the rest of the steps here
(http://www.freeipa.org/page/IPA_2x_Certificate_Renewal)
However, after using
ldapmodify -x -h localhost -p 7389 -D 'cn=directory manager' -w password
I make further progress, I managed to get it to be in NEED_TO_SUBMIT state
again after a reboot and this time klist and clock looks good. However
getting this error while restarting IPA,
Starting dirsrv:
PKI-IPA...[29/Apr/2016:21:41:48 +] - SSL alert:
CERT_VerifyCertificateNow: verify
OK so I made process on my cert renew issue; I was able to get kinit
working so I can follow the rest of the steps here (
http://www.freeipa.org/page/IPA_2x_Certificate_Renewal)
However, after using
ldapmodify -x -h localhost -p 7389 -D 'cn=directory manager' -w password
and restarting apache
klist is actually empty; kinit admin fails. Sounds like then getcert
resubmit has a dependency on kerberoes. I can get a backup image that has
a valid ticket but it is only good for 1 day (and dated pasted the cert
expire).
Also I had asked awhile back about whether there is dependency on
On Wed, Apr 27, 2016 at 07:54:57PM +, Anthony Cheng wrote:
> Hi list,
>
> I am trying to renew expired certificates following the manual renewal
> procedure here (http://www.freeipa.org/page/IPA_2x_Certificate_Renewal) but
> even with resetting the system/hardware clock to a time before
On 27/04/16 21:54, Anthony Cheng wrote:
Hi list,
I am trying to renew expired certificates following the manual renewal procedure
here (http://www.freeipa.org/page/IPA_2x_Certificate_Renewal) but even with
resetting the system/hardware clock to a time before expires, I am getting the
error
Hi list,
I am trying to renew expired certificates following the manual renewal
procedure here (http://www.freeipa.org/page/IPA_2x_Certificate_Renewal) but
even with resetting the system/hardware clock to a time before expires, I
am getting the error "ca-error: Error setting up ccache for local
13 matches
Mail list logo