[Freeipa-users] Installing a new Cert
Chris Whittle
cwhittl at gmail.com
Mon Aug 25 11:24:30 UTC 2014
I have 4 installed and I get it when I try to generate the pk12
On Aug 25, 2014 3:50 AM, "Jan Cholasta" <jcholast at redhat.com> wrote:
> Hi,
>
> Dne 25.8.2014 v 03:04 Chris Whittle napsal(a):
>
>> Trying to do this
>> http://www.freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP
>>
>> And I keep getting "Error unable to get local issuer certificate getting
>> chain."
>>
>
> Where are you getting this error? ipa-server-certinstall, or httpd, or
> somewhere else?
>
> What version of ipa do you have installed?
>
>
>> I'm wondering if it's because of this from the doc
>> "The certificate in mysite.crt must be signed by the CA used when
>> installing FreeIPA."
>> but it might not either...
>>
>
> In this case you should get a "file.p12 is not signed by /etc/ipa/ca.crt,
> or the full certificate chain is not present in the PKCS#12 file" error in
> ipa-server-certinstall.
>
>
>> Any ideas?
>>
>>
>>
> Honza
>
> --
> Jan Cholasta
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140825/154ff3a2/attachment.htm>
More information about the Freeipa-users
mailing list