[Freeipa-users] Expired Certs on 3.0.0 IPA host
John Williams
john.1209 at yahoo.com
Wed Apr 8 18:59:19 UTC 2015
I'm looking at the following link for recovering expired certificates on FreeeIPA 3.0.0:
https://www.freeipa.org/page/Howto/CA_Certificate_Renewal
Problem is when Iook inside my /etc/pki-ca/CS.cfg file for a subsystemCert I do not find one. I see the other three:
auditSigningCert cert-pki-ca => updatedocspSigningCert cert-pki-ca => updatedServer-Cert cert-pki-ca => no cert heresubsystemCert cert-pki-ca => updated
Has anyone ever run across this? Any suggestions or hints would be appreciated. If I role the clock back on my system I can login to IPA, but if the time is updated, I cannot login.
Please help.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150408/7a0244f8/attachment.htm>
More information about the Freeipa-users
mailing list