[Freeipa-users] cannot access keys in /var/lib/pki-ca/alias
Rob Crittenden
rcritten at redhat.com
Wed Mar 16 19:38:47 UTC 2016
Stephen Ingram wrote:
> I've run into a problem on a v3 IPA where several certificates did not
> renew automatically with certmonger. I'm now, of course stuck and trying
> to renew the certificates manually. I've managed to renew the WebUI
> cert, and now onto the pki-ca certificate in the /var/lib/pki-ca/alias
> NSS store. I'm trying to renew the Server-Cert there but can't because I
> don't seem to have the correct password. I'm trying to use the same
> password as in /etc/httpd/alias/pwdfile.txt, but it's not working. Does
> this store for the CA use a different password?
I think it's best to step back and find out what you've already done.
What does getcert list show (and be sure to remove any embedded PIN info)?
rob
More information about the Freeipa-users
mailing list