[Freeipa-users] certmonger question
Martin Kosek
mkosek at redhat.com
Tue Nov 11 15:24:11 UTC 2014
On 11/11/2014 02:47 PM, Natxo Asenjo wrote:
> hi,
>
> On Tue, Nov 11, 2014 at 2:13 PM, Martin Kosek <mkosek at redhat.com> wrote:
>
>> I meant IPA server running on RHEL/CentOS 6.5 or older... This is the one that
>> can regenerate CAcert entry without double encoding.
>
> ok.
>
> So I removed the cacert object and ran
>
> ipa-ldap-updater --upgrade --ldapi
>
> (it does not know the --quiet switch in this version). And now in he
> apache directory studio I see the value of the attribue is X509v3:
> CN=Certificate Authority, O=DOMAIN.TLD
Ah, looks good.
> So that's fixed. But certmonger on the client still gives me the same errror
>
> Could I send you the full log of certmonger privately (1.1M)?
Sure. Though Nalin (CCed) would be better candidate as he is knowledgeable
about certmonger internals.
Martin
More information about the Freeipa-users
mailing list