Hi, Let me know how I can assist. In the meantime could I setup a replica using a different certificate? Self signed or anything like that?
Regards, D 2015-04-17 15:27 GMT+02:00 Jan Cholasta <jchol...@redhat.com>: > Hi, > > I don't have any new information. I'm trying to reproduce the problem but > had no luck so far. > > Honza > > Dne 17.4.2015 v 15:23 David Dejaeghere napsal(a): > >> Hi, >> >> Any more things I can try out? How do we proceed? >> >> Kind Regards, >> >> D >> >> 2015-04-15 11:48 GMT+02:00 David Dejaeghere <david.dejaegh...@gmail.com >> <mailto:david.dejaegh...@gmail.com>>: >> >> Hi Honza, >> >> That gave me the exact same output. Any ideas? >> >> Regards, >> >> D >> >> 2015-04-15 7:33 GMT+02:00 Jan Cholasta <jchol...@redhat.com >> <mailto:jchol...@redhat.com>>: >> >> Hi, >> >> Dne 14.4.2015 v 19:47 Rob Crittenden napsal(a): >> >> David Dejaeghere wrote: >> >> Hi Rob, >> >> So you want to output of the command using pk12 with >> server cert and >> key? or with the ca chain in there too? >> >> >> Oddly enough it is failing in exactly the same place. Those >> GoDaddy CA >> certs are still being loaded from somewhere, I'm not sure >> where, and I >> suspect that is the source of the problem. >> >> >> They are in the default CA certificate bundle (in the >> ca-certificate package). I guess NSS loads it automatically. >> >> >> I'm going to forward the log to a colleague who has worked >> on this code >> more recently than I have. Maybe he will have an idea. >> >> >> Could you try if the following works? >> >> # mv /usr/share/pki/ca-trust-__source/ca-bundle.trust.crt >> /root/ca-bundle.trust.crt >> >> # update-ca-trust >> >> # ipa-replica-prepare ... >> >> # mv /root/ca-bundle.trust.crt >> /usr/share/pki/ca-trust-__source/ca-bundle.trust.crt >> >> # update-ca-trust >> >> >> rob >> >> >> Honza >> >> -- >> Jan Cholasta >> >> >> >> > > -- > Jan Cholasta >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project