Hi,
it looks like the NSS db for slapd-ABX-com does not contain the full
cert chain. You can run certutil -L -d /etc/dirsv/slapd-ABX-com and
check if there is a certificate for your issuer, and if it has the C,,
flags at least.
For instance, in my setup I am using ca2/server certificate for
Hi
Disclaimer: I'm new on this mailing list but willing to share experience :)
Did you use "ipa-cacert-manage install -t C,," to install your external
CA certificate? This command copies the certificate in
cn=certificates,cn=ipa,cn=etc,dc=xxx
After this, you can use ipa-certupdate which will
Hi :
I renew External CA cert below ...seem server-cert ok.
But ca CERT FAIL..
I ALREADY PASTE ON
/etc/httpd/alias
/etc/dirsrv/slapd-PKI-IPA
/etc/dirsv/slapd-ABX-com
/var/lib/pki-ca/alias 's CA conf
any idea?
ABX-COM...[23/Jun/2016:10:42:32 +0800] - SSL alert:
CERT_VerifyCertificateNow: verify
