Ipa server: rhel7.2,  ipa ping ="IPA server version 4.2.0. API version 2.156"

In order to use ldap through load balancer, I added an alternative dns name to 
ipa server certificate.
ipa-getcert resubmit -i <id>  -D newname.differentdomaine.net

It all seemed well, the extra name was entered into the certificate, expiration 
day 2018-04-27 12:20:55 UTC.
and I can access ldaps through the load balancer.

But in /var/log/dirsrv/slapd-*/acces I see a lot of  "SSL peer cannot verify 
your certificate"  and cert operations
are gone:

idm1:~$ ipa cert-find
ipa: ERROR: Certificate operation cannot be completed: Unable to communicate 
with CMS (Internal Server Error)

Anybody have an idea of what I missed?





Venlig hilsen


Bjarne Blichfeldt


Infrastructure Services



Direkte +4563636119


Mobile +4521593270


b...@jndata.dk

[cid:image002.png@01D19FD4.9D73F340]

JN Data A/S

*

Havsteensvej 4

*

4000 Roskilde


Telefon 63 63 63 63/ Fax 63 63 63 64


www.jndata.dk


[cid:image004.png@01D19FD4.9D73F340]
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to