[Freeipa-users] certmonger + dogtag, bad parsing of returned certificate
Martin Kosek
mkosek at redhat.com
Tue May 19 13:27:08 UTC 2015
On 05/19/2015 12:34 PM, marcin kowalski wrote:
> Hi, all. I am trying to integrate certmonger with dogtag instance, and so
> far i've stumbled on one odd problem. Hopefully this is the right list.
>
>
> I've generated some random cert with getcert request, it has communicated
> with dogtag, and i approved it there.
>
> However, when certmonger retrieves it, it cannot save it to disk (
> NEED_TO_NOTIFY_ISSUED_SAVE_FAILED )
>
> Upon inspection of certmonger's request file (in
> /var/lib/certmonger/requests ), it turns out that there is an extra empty
> line before end certificate marker line. There is no such line when
> looking at the cert in dogtag web interface.
>
> Is there some method/hook i could use to post process such request files to
> fix them up?
>
> Currently i have to stop certmonger, remove the unnecessary blank line and
> restart it. Then it manages to save the cert to disk and starts tracking it
> correctly.
CCing Nalin here. What is the your environment and versions of the
FreeIPA/Dogtag packages you are using?
Seeing your description, it looks you are following some own way - Certmonger
for FreeIPA clients do not need any confirmation on Dogtag side, it is approved
automatically. It looks like you are using Dogtag UI directly and not the
FreeIPA integration.
More information about the Freeipa-users
mailing list