Re: [Freeipa-users] can't register new clients

Ok, Thank you for the information. During the restore i ran into https://fedorahosted.org/freeipa/ticket/4726 and sudo -u apache kdestroy fixed it. I think there was also something else minor that i was able to fix by running a command differently. I had two clients that I HAD to get online due

Re: [Freeipa-users] can't register new clients

On 12/09/2014 03:57 PM, Megan . wrote: > This is happening with all new clients. I had to rebuild the LDAP > server onto new hardware and the network team put us on a new VLAN. > so my physical server and IP changed. I was previously able to > register clients, but after all of the changes, i can

Re: [Freeipa-users] can't register new clients

This is happening with all new clients. I had to rebuild the LDAP server onto new hardware and the network team put us on a new VLAN. so my physical server and IP changed. I was previously able to register clients, but after all of the changes, i can no longer register them. At this point i'm no

Re: [Freeipa-users] can't register new clients

Megan . wrote: > Everything looks ok. > > Our Networks team only opened 443 from the client to the server. is > 80 required to be open too for registration? 80 is a lot harder for > me to request on our network. > > I think I might have found the issue. Maybe it can't verify the CA > because i

Re: [Freeipa-users] can't register new clients

Everything looks ok. Our Networks team only opened 443 from the client to the server. is 80 required to be open too for registration? 80 is a lot harder for me to request on our network. I think I might have found the issue. Maybe it can't verify the CA because its pointing to port 80, and 80

Re: [Freeipa-users] can't register new clients

On 12/08/2014 08:00 PM, Megan . wrote: > I looked through the logs on the server and i see the below error in > the apache error log when i try to register a client: > > [Mon Dec 08 12:20:38 2014] [error] SSL Library Error: -12195 Peer does > not recognize and trust the CA that issued your certifi

Re: [Freeipa-users] can't register new clients

I looked through the logs on the server and i see the below error in the apache error log when i try to register a client: [Mon Dec 08 12:20:38 2014] [error] SSL Library Error: -12195 Peer does not recognize and trust the CA that issued your certificate I ran ipa-getcert list and everything seem

Re: [Freeipa-users] can't register new clients

It failed again. [root@cache2-uat ~]# certutil -L -d sql:/etc/pki/nssdb Certificate Nickname Trust Attributes SSL,S/MIME,JAR/XPI [root@cache2-uat ~]# Not sure if its related, but on the director

Re: [Freeipa-users] can't register new clients

Megan . wrote: > Sorry for being unclear. It still fails. Same error. Hmm, strange. Try being explicit about sql: # certutil -L -d sql:/etc/pki/nssdb And if there is a CA cert there, delete it. rob > > On Dec 5, 2014 4:39 PM, "Rob Crittenden" > wrote: > > Me

Re: [Freeipa-users] can't register new clients

Rob Crittenden wrote: > Megan . wrote: >> Good Day! >> >> I am getting an error when i register new clients. >> >> libcurl failed to execute the HTTP POST transaction. SSL connect error >> >> I can't find anything useful not the internet about the error. Can >> someone help me troubleshoot? >> >>

Re: [Freeipa-users] can't register new clients

Megan . wrote: > Good Day! > > I am getting an error when i register new clients. > > libcurl failed to execute the HTTP POST transaction. SSL connect error > > I can't find anything useful not the internet about the error. Can > someone help me troubleshoot? > > CentOS 6.6 x64 > ipa-client-