On Mon, Dec 11, 2017 at 10:47:44PM +0200, Alexander Bokovoy wrote:
> On ma, 11 joulu 2017, Henrik Johansson via FreeIPA-users wrote:
> >
> >
> > > On 11 Dec 2017, at 16:04, Alexander Bokovoy via FreeIPA-users
> > > wrote:
> > >
> > > On ma, 11 joulu 2017, Henrik Johansson via FreeIPA-users wro
Hi Flo,
On 12/12/17 3:59 PM, Harald Dunkel via FreeIPA-users wrote:
My concern is, it looks much more restricted than the old root CA
cerificate:
# certutil -L -d /var/lib/pki/pki-tomcat/ca/alias
Certificate Nickname Trust Attributes
On 28.11.2017 22:58, Peter Fern via FreeIPA-users wrote:
> On 23/11/17 05:34, David Harvey via FreeIPA-users wrote:
>> Not sure why tomcat is more resilient when launched as root, but the
>> pki seems to work ok at issuing certs after the above and a reboot for
>> good measure.
>
> This sounds lik
I have it working in the meantime, but I'm not sure why: I had a
suspicion this was perhaps related to
https://bugzilla.redhat.com/show_bug.cgi?id=1488629 and decided to
downgrade gssproxy to 0.4.1, hoping this would resolve the issue. But it
didn't. So I upgraded both ends to gssproxy-0.7.0-4