[Freeipa-users] External CA: Peer's certificate issuer has been marked as not trusted by the user
Matt .
yamakasi.014 at gmail.com
Sun Oct 2 08:16:37 UTC 2016
Hi,
No-one has any idea here ? My Root Cert is installed OK.
# certutil -d /etc/pki/pki-tomcat/alias/ -L
Certificate Nickname Trust Attributes
SSL,S/MIME,JAR/XPI
ocspSigningCert cert-pki-ca u,u,u
subsystemCert cert-pki-ca u,u,u
COMODOExternalCARoot C,C,C
COMODORSADomainValidationSecureServerCA C,C,C
Server-Cert cert-pki-ca u,u,u
auditSigningCert cert-pki-ca u,u,Pu
caSigningCert cert-pki-ca CTu,Cu,Cu
COMODORSAAddTrustCA C,C,C
I hope this helps.
Cheers,
Matt
2016-10-01 17:04 GMT+02:00 Matt . <yamakasi.014 at gmail.com>:
> Hi guys,
>
> I have installed successfully an external CA Certificate for
> https/LDAP but now I get this on my ipa-commands:
>
> ipa domainlevel-get
>
> ipa: ERROR: cert validation failed for
> "CN=*.mysubdomain.ipa.mydomain.tld,OU=PositiveSSL Wildcard,OU=Domain
> Control Validated" ((SEC_ERROR_UNTRUSTED_ISSUER) Peer's certificate
> issuer has been marked as not trusted by the user.)
>
> What can cause this ?
>
> I'm on FreeIPA, version: 4.4.1
>
> I hope we can sort this out.
>
> Thanks,
>
> Matt
More information about the Freeipa-users
mailing list