On 07/22/2016 05:08 AM, Devin Acosta wrote:
I have just installed a newly created FreeIPA server running CentOS 7.2.
I have a (wildcard) SSL Certificate that I want to use for the FreeIPA
Web Management GUI. I tried to follow the directions listed here at the
URL
of https://www.freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP
however when I run those steps I get the error message:
ipa-server-certinstall -w -d star.linuxstack.cloud.key
star.linuxstack.cloud.crt
Directory Manager password:
Enter private key unlock password:
org.fedorahosted.certmonger.duplicate: Certificate at same location is
already used by request with nickname "20160722021526".
Any ideas? It seems like I need to somehow just get the one installed by
default replaced. I don't see any information on how to just replace it?
Hi Devin,
you may be hitting issue 4785 [1]. When ipa-server-certinstall is run,
it does not stop tracking the previous server certificate and fails to
start tracking the new cert.
As a side note, with -w -d you are replacing both the directory server
certificate and the Web Management GUI certificate. If you only want to
replace the web cert, you can drop the -d option.
Flo.
[1] https://fedorahosted.org/freeipa/ticket/4785
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
