[Freeipa-users] 3rd party Certificate install
Florence Blanc-Renaud
flo at redhat.com
Tue Sep 13 14:03:06 UTC 2016
Hi,
ipa-cacert-manage must be run as root but does not require any Kerberos
ticket.
You can run the following command to check your directory manager password:
/usr/bin/ldapsearch -h localhost -p 389 -D "cn=directory manager" -w
'#-!???<<<<<<' -b "" -s base
If the password is wrong, you will get an output like this one:
ldap_bind: Invalid credentials (49)
Otherwise it means that your DM password is OK.
HTH,
Flo.
On 09/13/2016 01:57 PM, Günther J. Niederwimmer wrote:
> Hello,
>
> FreeIPA 4.3.1
>
> I like to install my new Startcom Cert and have a Problem with the access ?
>
> I search and found this
>
> ipa-cacert-manage -p '#-!???<<<<<<' -n STARTCOM-ROOT -t C,, install
> 1_root_bundle.crt
>
> but I become this
> Insufficient access: Invalid credentials
> The ipa-cacert-manage command failed.
>
> Can I test the "DM" Password with a other command or is this a Problem with
> ipa-cacert-manage?
>
> I test it with "kinit admin" and without ?
>
> or is this a Problem with the Password when I write this
> ipa-cacert-manage -p #-!???<<<<<< -n STARTCOM-ROOT -t C,, install
> 1_root_bundle.crt
>
> I have this answer
>
> ipa-cacert-manage: error: -p option requires an argument
>
> Thanks for a answer,
>
More information about the Freeipa-users
mailing list