[Freeipa-users] Re: IPA CA renewal and duplicate CA certs

2020-05-15 Thread Sigbjorn Lie via FreeIPA-users
> On 11 Mar 2020, at 14:29, Rob Crittenden via FreeIPA-users > > wrote: > > Alexander Bokovoy via FreeIPA-users wrote: >> On ke, 11 maalis 2020, Rob Crittenden wrote: >>> Alexander Bokovoy wrote: On ke, 11 maalis 2020, Fraser Tweedale via FreeI

[Freeipa-users] Re: IPA CA renewal and duplicate CA certs

2020-03-11 Thread Rob Crittenden via FreeIPA-users
Alexander Bokovoy via FreeIPA-users wrote: > On ke, 11 maalis 2020, Rob Crittenden wrote: >> Alexander Bokovoy wrote: >>> On ke, 11 maalis 2020, Fraser Tweedale via FreeIPA-users wrote: > Makes me look at this a different way. Perhaps change the certstore to > only return valid CA certs. Th

[Freeipa-users] Re: IPA CA renewal and duplicate CA certs

2020-03-11 Thread Alexander Bokovoy via FreeIPA-users
On ke, 11 maalis 2020, Rob Crittenden wrote: Alexander Bokovoy wrote: On ke, 11 maalis 2020, Fraser Tweedale via FreeIPA-users wrote: Makes me look at this a different way. Perhaps change the certstore to only return valid CA certs. That way they are stored if anyone ever wants them but they wo

[Freeipa-users] Re: IPA CA renewal and duplicate CA certs

2020-03-11 Thread Rob Crittenden via FreeIPA-users
Alexander Bokovoy wrote: > On ke, 11 maalis 2020, Fraser Tweedale via FreeIPA-users wrote: >>> Makes me look at this a different way. Perhaps change the certstore to >>> only return valid CA certs. That way they are stored if anyone ever >>> wants them but they won't get pulled down for ipa-certupd

[Freeipa-users] Re: IPA CA renewal and duplicate CA certs

2020-03-11 Thread François Cami via FreeIPA-users
On Wed, Mar 11, 2020 at 9:12 AM Fraser Tweedale via FreeIPA-users wrote: > > On Wed, Mar 11, 2020 at 09:26:54AM +0200, Alexander Bokovoy wrote: > > On ke, 11 maalis 2020, Fraser Tweedale via FreeIPA-users wrote: > > > > Makes me look at this a different way. Perhaps change the certstore to > > > >

[Freeipa-users] Re: IPA CA renewal and duplicate CA certs

2020-03-11 Thread Fraser Tweedale via FreeIPA-users
On Wed, Mar 11, 2020 at 09:26:54AM +0200, Alexander Bokovoy wrote: > On ke, 11 maalis 2020, Fraser Tweedale via FreeIPA-users wrote: > > > Makes me look at this a different way. Perhaps change the certstore to > > > only return valid CA certs. That way they are stored if anyone ever > > > wants the

[Freeipa-users] Re: IPA CA renewal and duplicate CA certs

2020-03-11 Thread Alexander Bokovoy via FreeIPA-users
On ke, 11 maalis 2020, Fraser Tweedale via FreeIPA-users wrote: Makes me look at this a different way. Perhaps change the certstore to only return valid CA certs. That way they are stored if anyone ever wants them but they won't get pulled down for ipa-certupdate or ipa-client-install. Or to try

[Freeipa-users] Re: IPA CA renewal and duplicate CA certs

2020-03-10 Thread Fraser Tweedale via FreeIPA-users
On Tue, Mar 10, 2020 at 08:39:39PM -0400, Rob Crittenden wrote: > Fraser Tweedale wrote: > > On Tue, Mar 10, 2020 at 10:25:01AM -0400, Rob Crittenden wrote: > >> Fraser Tweedale via FreeIPA-users wrote: > >>> On Fri, Mar 06, 2020 at 12:48:50PM +0200, Alexander Bokovoy via > >>> FreeIPA-users wrote

[Freeipa-users] Re: IPA CA renewal and duplicate CA certs

2020-03-10 Thread Rob Crittenden via FreeIPA-users
Fraser Tweedale wrote: > On Tue, Mar 10, 2020 at 10:25:01AM -0400, Rob Crittenden wrote: >> Fraser Tweedale via FreeIPA-users wrote: >>> On Fri, Mar 06, 2020 at 12:48:50PM +0200, Alexander Bokovoy via >>> FreeIPA-users wrote: On pe, 06 maalis 2020, Sigbjorn Lie via FreeIPA-users wrote: >>

[Freeipa-users] Re: IPA CA renewal and duplicate CA certs

2020-03-10 Thread Fraser Tweedale via FreeIPA-users
On Tue, Mar 10, 2020 at 10:25:01AM -0400, Rob Crittenden wrote: > Fraser Tweedale via FreeIPA-users wrote: > > On Fri, Mar 06, 2020 at 12:48:50PM +0200, Alexander Bokovoy via > > FreeIPA-users wrote: > >> On pe, 06 maalis 2020, Sigbjorn Lie via FreeIPA-users wrote: > On 4 Mar 2020, at 14:27,

[Freeipa-users] Re: IPA CA renewal and duplicate CA certs

2020-03-10 Thread Rob Crittenden via FreeIPA-users
Fraser Tweedale via FreeIPA-users wrote: > On Fri, Mar 06, 2020 at 12:48:50PM +0200, Alexander Bokovoy via FreeIPA-users > wrote: >> On pe, 06 maalis 2020, Sigbjorn Lie via FreeIPA-users wrote: On 4 Mar 2020, at 14:27, Alexander Bokovoy via FreeIPA-users wrote: On ke, 04 maal

[Freeipa-users] Re: IPA CA renewal and duplicate CA certs

2020-03-08 Thread Fraser Tweedale via FreeIPA-users
On Fri, Mar 06, 2020 at 12:48:50PM +0200, Alexander Bokovoy via FreeIPA-users wrote: > On pe, 06 maalis 2020, Sigbjorn Lie via FreeIPA-users wrote: > > > On 4 Mar 2020, at 14:27, Alexander Bokovoy via FreeIPA-users > > > wrote: > > > > > > On ke, 04 maalis 2020, Sigbjorn Lie via FreeIPA-users w

[Freeipa-users] Re: IPA CA renewal and duplicate CA certs

2020-03-06 Thread Alexander Bokovoy via FreeIPA-users
On pe, 06 maalis 2020, Sigbjorn Lie via FreeIPA-users wrote: On 4 Mar 2020, at 14:27, Alexander Bokovoy via FreeIPA-users wrote: On ke, 04 maalis 2020, Sigbjorn Lie via FreeIPA-users wrote: Hi Alex, Thanks for your prompt response. There are no Debian/Ubuntu systems in our environment. Fro

[Freeipa-users] Re: IPA CA renewal and duplicate CA certs

2020-03-06 Thread Sigbjorn Lie via FreeIPA-users
> On 4 Mar 2020, at 14:27, Alexander Bokovoy via FreeIPA-users > wrote: > > On ke, 04 maalis 2020, Sigbjorn Lie via FreeIPA-users wrote: >> Hi Alex, >> >> Thanks for your prompt response. >> >> There are no Debian/Ubuntu systems in our environment. >> >> From your response, is the dual C

[Freeipa-users] Re: IPA CA renewal and duplicate CA certs

2020-03-04 Thread Alexander Bokovoy via FreeIPA-users
On ke, 04 maalis 2020, Sigbjorn Lie via FreeIPA-users wrote: Hi Alex, Thanks for your prompt response. There are no Debian/Ubuntu systems in our environment. From your response, is the dual CA cert to be expected / by design? Yes, actually, it is to be expected for any setup with external CA

[Freeipa-users] Re: IPA CA renewal and duplicate CA certs

2020-03-04 Thread Sigbjorn Lie via FreeIPA-users
Hi Alex, Thanks for your prompt response. There are no Debian/Ubuntu systems in our environment. From your response, is the dual CA cert to be expected / by design? I have not verified what certificate every application in our environment ends up utilizing yet, as serving both the old and the

[Freeipa-users] Re: IPA CA renewal and duplicate CA certs

2020-03-04 Thread Alexander Bokovoy via FreeIPA-users
On ke, 04 maalis 2020, Sigbjorn Lie via FreeIPA-users wrote: Hi, We recently renewed our IPA CA cert using the "ipa-cacert-manage renew" command. The renewal was successful, and our CA cert no longer expires in 2020, but in 2040. Running "ipa-certupdate" on existing IPA clients and ipa-client-i