[Freeipa-devel] [freeipa PR#526][comment] server install: properly handle PKINIT-related options
HonzaCholasta
freeipa-github-notification at redhat.com
Wed Mar 1 12:20:32 UTC 2017
URL: https://github.com/freeipa/freeipa/pull/526
Title: #526: server install: properly handle PKINIT-related options
HonzaCholasta commented:
"""
This is what you currently get in CA-less install:
```
# getcert list
Number of certificates and requests being tracked: 1.
Request ID '20170301121440':
status: CA_UNREACHABLE
ca-error: Server at https://vm-226.abc.idm.lab.eng.brq.redhat.com/ipa/xml failed request, will retry: -504 (libcurl failed to execute the HTTP POST transaction, explaining: Failed to connect to vm-226.abc.idm.lab.eng.brq.redhat.com port 443: Connection refused).
stuck: no
key pair storage: type=FILE,location='/var/kerberos/krb5kdc/kdc.key'
certificate: type=FILE,location='/var/kerberos/krb5kdc/kdc.crt'
CA: IPA
issuer:
subject:
expires: unknown
pre-save command:
post-save command:
track: yes
auto-renew: yes
# ls /var/kerberos/krb5kdc/kdc.crt
ls: cannot access '/var/kerberos/krb5kdc/kdc.crt': No such file or directory
```
"""
See the full comment at https://github.com/freeipa/freeipa/pull/526#issuecomment-283325910
More information about the Freeipa-devel
mailing list