Hi All
I installed a custom signed certificate from quovadis, the install on the ipa
server wen’t fine but when I try to add a client (centos 6) it gives error:
LDAP Error: Connect error: TLS error -8172:Peer's certificate issuer has been
marked as not trusted by the user.
The standard google s
we are affected by the CSN time skew bug discussed in this
wikihttp://directory.fedoraproject.org/docs/389ds/howto/howto-fix-and-reset-time-skew.html#so-how-does-the-time-skew-grow-at-all
andhttps://bugzilla.redhat.com/show_bug.cgi?id=1009122
We are on CentOS Linux release 7.3.1611 (Core)ipa-
One option is to manually update your root certs on cent6.
Install the ca-certificates package: yum install ca-certificates
Enable the dynamic CA configuration feature: update-ca-trust force-enable
Add it as a new file to /etc/pki/ca-trust/source/anchors/: cp foo.crt
/etc/pki/ca-trust/source/anc