[Freeipa-users] Could not find cert: Signing-Cert : File not found
Linov Suresh
linov.suresh at gmail.com
Mon Jul 25 22:17:32 UTC 2016
We were not sure that Signing-Cert required for LDAP/Apache certificates
renewal. Thank you very much for your update Rob. We are going to renew the
certificates without Signing-Cert.
On Mon, Jul 25, 2016 at 6:08 PM, Rob Crittenden <rcritten at redhat.com> wrote:
> Linov Suresh wrote:
>
>> We are using CentOS 6.4/FreeIPA 3.0.0
>>
>> LDAP/Apache certificates were expired and when we tried to renew, we
>> found Signing-Cert is missing.
>>
>> # certutil -L -d /etc/httpd/alias -n Signing-Cert certutil: Could not
>> find cert: Signing-Cert : File not found
>>
>> How do we recreate Signing-Cert certificate? We use master-master
>> replica. Please help.
>>
>>
>>
> Only the initial master got a signing cert IIRC. It was used to sign the
> Firefox configuration jar. Are you using this? Recent versions of Firefox
> don't allow this kind of signed jar anymore and it has been dropped
> upstream.
>
> Are you just trying to be thorough or is this causing some real problem?
>
> rob
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160725/84662c2c/attachment.htm>
More information about the Freeipa-users
mailing list