Hi Daniel,
Oh wow, you might be right!
I just checked the CA cert and the signed IPA cert, and openssl shows:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33 (0x21)
Signature Algorithm: sha1WithRSAEncryption
Now that we know what the problem most likely is, we'll
Hi Martin,
I think I ran into the same problem. Do you know which signing algorithm
your external CA used? In my case the external CA is on Server 2003 which
only allowed SHA1 but IPA 3.3.3 seems to require SHA256.
I was not able to get my CA to use SHA256 so I applied the diff from the
commit
