Satish Patel via FreeIPA-users wrote: > Few days ago my Master CA was messed up and getcert list was showing > empty list (no cert to track) > > So i run following command to add certs manually: > > getcert start-tracking -d /etc/pki/pki-tomcat/alias -n > 'ocspSigningCert cert-pki-ca' -P XXXXXXX > getcert start-tracking -d /etc/pki/pki-tomcat/alias -n > 'auditSigningCert cert-pki-ca' -P XXXXXXX > getcert start-tracking -d /etc/pki/pki-tomcat/alias -n 'subsystemCert > cert-pki-ca' -P XXXXXXX > getcert start-tracking -d /etc/pki/pki-tomcat/alias -n 'Godaddy' -P XXXXXXX > getcert start-tracking -d /etc/pki/pki-tomcat/alias -n 'Godaddy > Intermediate' -P XXXXXXX > > And after that i am seeing this status (status: NEED_CA ) it should > be MONITORING right? > > # getcert list > Number of certificates and requests being tracked: 12.
You setup the tracking wrong. Your output only shows 3 certs and yet certmonger thinks it has 12. Where are the other 9? rob _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
