One option is to manually update your root certs on cent6.
Install the ca-certificates package: yum install ca-certificates Enable the dynamic CA configuration feature: update-ca-trust force-enable Add it as a new file to /etc/pki/ca-trust/source/anchors/: cp foo.crt /etc/pki/ca-trust/source/anchors/ Use command: update-ca-trust extract Get the root certs here: https://www.quovadisglobal.com/QVRepository/DownloadRootsAndCRL.aspx - Jake ----- Original Message ----- From: "freeipa-users" <freeipa-users@lists.fedorahosted.org> To: "freeipa-users" <freeipa-users@lists.fedorahosted.org> Cc: "Per Qvindesland" <p...@me.com> Sent: Saturday, July 29, 2017 6:10:09 AM Subject: [Freeipa-users]Custom certificate Hi All I installed a custom signed certificate from quovadis, the install on the ipa server wen’t fine but when I try to add a client (centos 6) it gives error: LDAP Error: Connect error: TLS error -8172:Peer's certificate issuer has been marked as not trusted by the user. The standard google searching doesn’t give any answers from what I can see. Is there any workaround for this? Regards Per _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org