[Freeipa-users] ipa-getcert Problem ?
Günther J. Niederwimmer
gjn at gjn.priv.at
Tue Apr 14 18:18:38 UTC 2015
Hello
I mean I have a Problem with the ipa-getcert script.
system CentOS 7 (1503) and IPA 4.1.x
can any help or declare my mistake or is this a IPA Problem
I do a
kinit admin
ipa-getcert request -d /etc/pki/nssdb -n Server-Cert -K HOST/xxx.4gjn.prv -N
'CN=xxx.4gjn.prv,O=$4GJN.PRV'
and have afterward with
ipa-getcert list
Number of certificates and requests being tracked: 1.
Request ID '20150414172251':
status: CA_REJECTED
ca-error: Server at https://ipa.4gjn.prv/ipa/xml denied our request,
giving up: 2100 (RPC failed at server. Insufficient access: Insufficient 'add'
privilege to add the entry
'krbprincipalname=HOST/xxx.4gjn.prv at 4GJN.PRV,cn=services,cn=accounts,dc=4gjn,dc=prv'.).
stuck: yes
key pair storage:
type=NSSDB,location='/etc/pki/nssdb',nickname='Server-Cert',token='NSS
Certificate DB'
certificate: type=NSSDB,location='/etc/pki/nssdb',nickname='Server-
Cert'
CA: IPA
issuer:
subject:
expires: unknown
pre-save command:
post-save command:
track: yes
auto-renew: yes
ipa-getcert status
process 4731: arguments to dbus_message_new_method_call() were incorrect,
assertion "path != NULL" failed in file dbus-message.c line 1262.
This is normally a bug in some application using the D-Bus library.
D-Bus not built with -rdynamic so unable to print a backtrace
Abgebrochen (Speicherabzug geschrieben)
what is wrong ?
--
mit freundlichen Grüßen / best regards,
Günther J. Niederwimmer
More information about the Freeipa-users
mailing list