[Freeipa-users] Certificate renewal issues for dogtag GUI (9443/9444/9445 ports)
Thibaut Pouzet
thibaut.pouzet at lyra-network.com
Tue Jun 9 14:28:05 UTC 2015
Le 09/06/2015 15:50, Rob Crittenden a écrit :
> Thibaut Pouzet wrote:
>> Le 05/06/2015 22:19, Endi Sukma Dewata a écrit :
>>> Is this still a problem? Per discussion with Rob it doesn't seem to be
>>> an issue with Dogtag itself.
>>>
>>> I suppose you are following this instruction:
>>> http://www.freeipa.org/page/Howto/CA_Certificate_Renewal
>>>
>>> Could you post the full getcert list output? Also after you reset the
>>> clock back and try the renewal again could you post the error messages
>>> that you get?
>>>
>>> Hopefully the IPA team will be able to troubleshoot further. Thanks.
>>>
>>
>> Hi Endi,
>>
>> Indeed, this is still a problem for this server. I did not had any new
>> idea on how to troubleshoot this issue unfortunately... Here is what you
>> asked :
>>
>> With ntp running, date is now :
>>
>> $ sudo getcert list -c dogtag-ipa-renew-agent
>
> Thanks for including the full output. Are you restarting IPA when
> setting the date back? If not, you need to.
>
> rob
Hi,
Restarting IPA or not do not change anything : no logs, same error in
getcert list
Cheers,
--
Thibaut Pouzet
Lyra Network
Ingénieur Systèmes et Réseaux
(+33) 5 31 22 40 08
www.lyra-network.com
More information about the Freeipa-users
mailing list