Yes the cert is correct. The userCertificate field matches the output of
"certutil -L -d /etc/httpd/alias/ -n ipaCert -a" with the header and footer
removed, and the serial number matches as well albeit in decimal instead of
hex.
# ipara, people, ipaca
dn: uid=ipara,ou=people,o=ipaca
description:
On 03/23/2016 03:50 PM, Sam James wrote:
Hello everyone,
I've been banging my head against the wall for a few days now trying to resolve
an issue with PKI and I'm hoping I might get some help. First some context.
About a week ago I was alerted that all of our replicas were offline due to
pki-t