Hi Team,
I have a vulnerability on port 8443 reported by Nessus scanner
I have third-party certificate already installed at LDAP and Apache services
I have root and intermediate certificate also installed on pki-tomcat service
as shown below
The certificate "caSigningCert cert-pki-ca" which
est failed: Invalid certificate Server-Cert cert-pki-ca:
NotBefore: Mon Apr 01 03:41:49 CST 2024
CAUTION. This email originated from outside the organization. Please exercise
caution before clicking on links or attachments in case of suspicion or unknown
senders.
Polavarapu Manideep Sai v
Hi Team,
Any one faced this issue during replica installation
I have third party SSL certificate installed on master server
IPA Version:
[root@dir02-mex ~]# ipa --version
VERSION: 4.10.2, API_VERSION: 2.252
Certificate Expiry:
[root@dir02-mex ~]# certutil -L -d /etc/pki/pki-tomcat/alias/
Hi Team,
Seeking an advice on migrating freeipa environment from centos 7 to Almalinux 9
Consider there are 4 servers 1 as IPA master and rest are replicas
1. master.ipa.example.com [centos 7.9 IPA 4.6.8]
2. Replica1.ipa.example.com [centos 7.9 IPA 4.6.8]
3. Replica2.ipa.example.com
Hi All,
Can ipa client installation/integration possible with below IPA versions ?
IPA Server:
Redhat7.X and IPA 4.6.8
IPA Client:
Redhat6.X and IPA 3.0.0
Regards
Sai
DISCLAIMER: The information in this message is confidential and may be legally
without using
80 port instead only using 443 port
CAUTION. This email originated from outside the organization. Please exercise
caution before clicking on links or attachments in case of suspicion or unknown
senders.
Polavarapu Manideep Sai via FreeIPA-users wrote:
> Hi Team,
>
>
&
Hi Team,
Can we install IPA replica without using 80 port instead only using 443 port?
Is it possible ?
If it is possible how can we achieve this ? [using port forwarding ? or any
configuration changes?]
If it is not possible, why ?
Regards
Sai
DISCLAIMER:
Hi Team,
Krb5kdc and kadmin services not getting started
PFB error logs
As you can see we are getting "Kerberos User Principal not found. Do you have a
valid Credential Cache?" upon getting new keytab
[root@dir ~]# tail -f /var/log/krb5kdc.log
krb5kdc: Server error - while fetching master
or unknown
senders.
Polavarapu Manideep Sai via FreeIPA-users wrote:
> Hi Florence
>
>
>
> I have multiple ipa servers, actually the master server should be a CA
> renewal master, but when I checked now it is not, now CA renewal
> master showing as replica server, the same repl
certificate during
ipa-certupdate.
What version of IPA do you have? If it's reasonably up-to-date you can see what
you have installed using: ipa-cacert-manage list.
rob
>
>
>
>
>
> Regards
>
> Sai
>
>
>
>
>
> *From:*Florence Blanc-Renaud
> *Sent:* 07
complete that should resolve the
ipa-server-certinstall issue.
rob
>
> NO
>
> Regards
> Sai
>
>
>
> -Original Message-
> From: Polavarapu Manideep Sai via FreeIPA-users
> mailto:freeipa-users@lists.fedorahosted.org>>
> Sent: 06 July 2023 22:28
>
you have a single IPA server or
multiple servers? Which one is the CA renewal master?
flo
On Fri, Jul 7, 2023 at 10:02 AM Polavarapu Manideep Sai via FreeIPA-users
mailto:freeipa-users@lists.fedorahosted.org>>
wrote:
Hi Team,
As we checked pki-tomcatd service was stopped, couldn’t po
Hi Team,
As we checked pki-tomcatd service was stopped, couldn't possible to set the
clock back as other certificates will not valid
PFB details, please let us know if more details required on this
As you can see Unable to communicate with CMS (404) when performed ipa
cert-show for the serial
ming the chain they provided is complete that should resolve the
ipa-server-certinstall issue.
rob
>
> NO
>
> Regards
> Sai
>
>
>
> -Original Message-
> From: Polavarapu Manideep Sai via FreeIPA-users
>
> Sent: 06 July 2023 22:28
> To: Rob Crittenden ; Free
└── gdig2.crt.pem
3. Do you intend on replacing the server certificate for the CA as well? If so,
why?
NO
Regards
Sai
-Original Message-----
From: Polavarapu Manideep Sai via FreeIPA-users
Sent: 06 July 2023 22:28
To: Rob Crittenden ; FreeIPA users list
Cc: Polavarapu Manideep Sa
the organization. Please exercise
caution before clicking on links or attachments in case of suspicion or unknown
senders.
Polavarapu Manideep Sai via FreeIPA-users wrote:
> Hi Team,
>
>
>
> I have generated central.csr and central.key in my ipa server and
> shared this central.
Hi Team,
I have generated central.csr and central.key in my ipa server and shared this
central.csr to third-party certificate authority and i got certificates from
certificate authority with two directories one as apache directory and it's
certificates are 1f1f7ab616938168.crt,
HI Team,
I have a query
I have two replica servers which are replicating with master server
Replica1[Old]-hostname1.com --- 10 client nodes integrated at Replica1
Replica2[New]-hostname2.com --- No client nodes integrated at Replica2
Now I want to remove Replica1, which is having issues
in case of suspicion or unknown
senders.
Hi,
On Sat, Oct 29, 2022 at 3:53 PM Polavarapu Manideep Sai via FreeIPA-users
mailto:freeipa-users@lists.fedorahosted.org>>
wrote:
Hi Team,
We need your help or support
I have a master IPA server and 2 Replica IPA Servers, i want to install third
part
gt;
Subject: Re: [Freeipa-users] Installing Third-Party Certificates-Help
CAUTION. This email originated from outside the organization. Please exercise
caution before clicking on links or attachments in case of suspicion or unknown
senders.
Hi,
On Sat, Oct 29, 2022 at 3:53 PM Polavarapu Manidee
ertificates-Help
CAUTION. This email originated from outside the organization. Please exercise
caution before clicking on links or attachments in case of suspicion or unknown
senders.
Hi,
On Sat, Oct 29, 2022 at 3:53 PM Polavarapu Manideep Sai via FreeIPA-users
mailto:freeipa-users@lists
Can you please anyone suggest on this
From: Polavarapu Manideep Sai via FreeIPA-users
Sent: 29 October 2022 19:23
To: FreeIPA users list
Cc: Polavarapu Manideep Sai
Subject: [Freeipa-users] Installing Third-Party Certificates-Help
CAUTION. This email originated from outside
Hi Team,
We need your help or support
I have a master IPA server and 2 Replica IPA Servers, i want to install third
party certificates in my setup
a. master.ipa.example.com
b. replica1.ipa.example.com
c. replica2.ipa.example.com
1. Generated new CSR/wildcard certificate on master IPA server
page and run the tool on the replica.
HTH,
flo
On Mon, Oct 3, 2022 at 4:59 PM Polavarapu Manideep Sai via FreeIPA-users
mailto:freeipa-users@lists.fedorahosted.org>>
wrote:
Hi Rob,
As I rechecked one of the certificate i.e. "Server-Cert cert-pki-ca" found and
it was expir
eeipa-users] Help ipa-server-upgrade command failed,
>> exception: NetworkError: cannot connect to
>> https://hostname.ipa.example.com:8443/ca/rest/account/login [SSL:
>> CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)
>>
>>
>> CAUTION. Thi
from outside the organization. Please exercise
> caution before clicking on links or attachments in case of suspicion or
> unknown senders.
>
>
>
>
> Polavarapu Manideep Sai via FreeIPA-users wrote:
>> Hi Team,
>>
>>
>>
>> Facing below error while upgradi
before clicking on links or attachments in case of suspicion or unknown
senders.
Polavarapu Manideep Sai via FreeIPA-users wrote:
> Hi Team,
>
>
>
> Facing below error while upgrading the IPA server using
> ipa-server-upgrade command
>
>
>
> Please let us know the
Hi Team,
Facing below error while upgrading the IPA server using ipa-server-upgrade
command
Please let us know the fix if any , let us know if any more details required on
the same
ipa-server-upgrade command failed, exception: NetworkError: cannot connect to
invalid certificate in IPA master server
On Tue, Aug 30, 2022 at 8:09 PM Polavarapu Manideep Sai via FreeIPA-users
mailto:freeipa-users@lists.fedorahosted.org>>
wrote:
Hi Rob,
Can you please help me on this
Regards
ManideepSai
-Original Message-
From: Rob Crittenden mailto:rcri
master server while installing IPA replica and
installation fails
CAUTION. This email originated from outside the organization. Please exercise
caution before clicking on links or attachments in case of suspicion or unknown
senders.
Polavarapu Manideep Sai via FreeIPA-users wrote:
>
Hi Team,
Need help from freeipa,
Free IPA Replica server retrieving two certificates from the IPA master server
while installing IPA replica and installation fails
please check the below issue and let us know the fix and please let us know if
any more details required
Master server: aaa01
31 matches
Mail list logo