[Freeipa-users] ipa-cert-agent, Object Signing Cert certificate renewal
realstarhealer
realstarhealer at hotmail.com
Wed Aug 17 15:10:47 UTC 2016
Hi,
I am in charge for a freeipa 4.1.0.18.el7 server with ldap backend and noticed some expired certificates recently. Most of them but 2 are auto-renewing by certmonger as I checked. All of them are self signed.
"CN=ipa-ca-agent" and "CN=Object Signing Cert" are not subscribed by certmonger, ipa-ca-agent expired some days ago and has not been renewed. Second one expires soon. No consequences noticed so far.
Can you tell me what they both are for and - if needed - how I should renew that separately? Preferable with certmonger. An Output how the tracking config should look like would be nice.
Thanks a lot. Vitali
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160817/dbb28b23/attachment.htm>
More information about the Freeipa-users
mailing list