[Freeipa-users] mastercrl.bin very old
Natxo Asenjo
natxo.asenjo at gmail.com
Wed Nov 5 20:20:55 UTC 2014
On Wed, Nov 5, 2014 at 7:45 PM, Natxo Asenjo <natxo.asenjo at gmail.com> wrote:
> And I think I found it:
> https://fedorahosted.org/freeipa/ticket/3727
>
>
> permissions of that folder:
>
> $ ls -ld publish/
> drwxr-xr-x. 2 root root 73728 Jun 13 2013 publish/
>
> I just changed them to pkiuser:pkiuser, let's see what the next run does.
and it's fixed (after undoing the change in CS.cfg and re-setting
ca.crl.MasterCRL.enableCRLCache=false
ca.crl.MasterCRL.enableCRLUpdates=false
both to true and reloading pki-cad):
-rw-rw-r--. 1 pkiuser pkiuser 1807 Jun 28 2013 MasterCRL-20130628-210000.der
-rw-rw-r--. 1 pkiuser pkiuser 5278 Nov 5 21:00 MasterCRL-20141105-210000.der
lrwxrwxrwx. 1 pkiuser pkiuser 57 Nov 5 21:00 MasterCRL.bin ->
/var/lib/ipa/pki-ca/publish/MasterCRL-20141105-210000.der
phew
--
Groeten,
natxo
More information about the Freeipa-users
mailing list