u
compare the content of the certificate field in
uid=pkidbuser,ou=people,o=ipaca and the blob that can be seen with:
certutil -L -d /etc/pki/pki-tomcat/alias -n 'subsystemCert cert-pki-ca' -a
This one is often the culprit, linked to SElinux issues. By the way, did
you check if t
m]
Gesendet: Dienstag, 30. Januar 2018 14:05
An: FreeIPA users list
Cc: Husemann, Harald
Betreff: Re: [Freeipa-users] Re: Howto renew certificates with external CA?
On 01/24/2018 07:35 PM, Harald.Husemann--- via FreeIPA-users wrote:
> Hello Flo,
>
> thanks for your answer, and for the expl
Hello Flo,
thanks for your answer, and for the explanation of the certutil output. I have
tried your suggestion, first with sudo:
hhuseman@mat-ipa-master-1:~$ sudo kinit -kt /etc/krb5.keytab
[sudo] password for hhuseman:
Sorry, try again.
[sudo] password for hhuseman:
Sorry, try again.
[sudo] pa