[Freeipa-users] Certificate operation cannot be completed: Unable to communicate with CMS (Not Found)
Rob Crittenden
rcritten at redhat.com
Thu May 21 13:33:01 UTC 2015
Sanju A wrote:
> Dear Rob,
>
> Please find the result of getcert list.
>
> Request ID '20140430124456':
> status: MONITORING
> stuck: no
> key pair storage:
> type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS
> Certificate DB',pinfile='/etc/httpd/alias/pwdfile.txt'
> certificate:
> type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS
> Certificate DB'
> CA: IPA
> issuer: CN=Certificate Authority,O=EXAMPLE.COM
> subject: CN=ipa.tcs-mobility.com,O=EXAMPLE.COM
> expires: 2016-04-30 12:44:55 UTC
> key usage:
> digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment
> eku: id-kp-serverAuth,id-kp-clientAuth
> pre-save command:
> post-save command:
> track: yes
> auto-renew: yes
You need to run getcert list on the IPA master running the CA that can't
be contacted, not the host you're trying to delete.
rob
>
>
> Regards
> Sanju Abraham
>
>
>
>
> From: Rob Crittenden <rcritten at redhat.com>
> To: Sanju A <sanju.a at tcs.com>, freeipa-users at redhat.com
> Date: 20-05-2015 19:04
> Subject: Re: [Freeipa-users] Certificate operation cannot be completed:
> Unable to communicate with CMS (Not Found)
> ------------------------------------------------------------------------
>
>
>
> Sanju A wrote:
> > Hi,
> >
> > I am getting the following error while removing a host.
> >
> > ---------------------------------------
> > Certificate operation cannot be completed: Unable to communicate with
> > CMS (Not Found)
> > ---------------------------------------
>
> This usually means that the CA is not serving requestss. It may be up
> and running but that doesn't mean the webapp is working.
>
> This is often due to expired CA subsystem certificates. Run getcert list
> to check.
>
> rob
>
>
> =====-----=====-----=====
> Notice: The information contained in this e-mail
> message and/or attachments to it may contain
> confidential or privileged information. If you are
> not the intended recipient, any dissemination, use,
> review, distribution, printing or copying of the
> information contained in this e-mail message
> and/or attachments to it are strictly prohibited. If
> you have received this communication in error,
> please notify us by reply e-mail or telephone and
> immediately and permanently delete the message
> and any attachments. Thank you
>
More information about the Freeipa-users
mailing list