[Freeipa-users] Globalsign External CA Certificate Import Failure
James Scollard
james.scollard at weather.com
Fri Jan 3 20:31:27 UTC 2014
When attempting to run the second part of the installation with an
external CA (Globalsign) using my signed certificate and CA certificate
chain I get the following;
[root at ldapm6x00 ~]# ipa-server-install
--external_cert_file=/root/ldapm6x00.sun.weather.com.crt
--external_ca_file=/root/sun.weather.com.crt
The log file for this installation can be found in
/var/log/ipaserver-install.log
Directory Manager password:
Subject of the external certificate is not correct (got
CN=*.sun.weather.com,O=The Weather Channel Interactive\,
Inc,L=Atlanta,ST=Georgia,C=US, expected CN=Certificate
Authority,O=SUN.WEATHER.COM).
CN= and O= are correct, so why is IPA refusing to use the certificate?
It appears to be expecting bogus data instead of using the provided
identity. This doesnt appear to be an issue with the certificate,
although I have never installed FreeIPA with a Globalsign certificate.
I did nto see this problem with Network Solutions wildcard certificates
though. Any suggestions would be appreciated.
Thanks.
--
James E. Scollard III
Senior Cloud Systems Architect
c: 615.730.4387
www.weather.com
View my profile on LinkedIn
More information about the Freeipa-users
mailing list