[Freeipa-users] Installing a new Cert
Jan Cholasta
jcholast at redhat.com
Mon Aug 25 08:52:06 UTC 2014
Hi,
Dne 25.8.2014 v 03:04 Chris Whittle napsal(a):
> Trying to do this
> http://www.freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP
>
> And I keep getting "Error unable to get local issuer certificate getting
> chain."
Where are you getting this error? ipa-server-certinstall, or httpd, or
somewhere else?
What version of ipa do you have installed?
>
> I'm wondering if it's because of this from the doc
> "The certificate in mysite.crt must be signed by the CA used when
> installing FreeIPA."
> but it might not either...
In this case you should get a "file.p12 is not signed by
/etc/ipa/ca.crt, or the full certificate chain is not present in the
PKCS#12 file" error in ipa-server-certinstall.
>
> Any ideas?
>
>
Honza
--
Jan Cholasta
More information about the Freeipa-users
mailing list