Blanc-Renaud :
> On 11/29/2016 03:19 PM, David Dejaeghere wrote:
>
>> Can you give me a couple of test commands?
>> I am not familiar with Dogtag.
>>
>> Hi,
>
> To reproduce the issue:
> 1. install IPA server
> 2. On the replica, run ipa-client-in
Can you give me a couple of test commands?
I am not familiar with Dogtag.
Groeten,
David
2016-11-29 14:57 GMT+01:00 David Kupka :
> On 29/11/16 13:55, David Dejaeghere wrote:
>
>> Correct. Same symptoms.
>>
>> 2016-11-29T10:29:42Z DEBUG certmonger request is
64
grub2-1:2.02-0.34.fc24.x86_64
kernel-4.5.5-300.fc24.x86_64
kernel-4.8.8-200.fc24.x86_64
lvm2-2.02.150-2.fc24.x86_64
xfsprogs-4.5.0-2.fc24.x86_64
2016-11-29 13:41 GMT+01:00 Petr Vobornik :
> On 11/29/2016 12:43 PM, David Kupka wrote:
> > On 29/11/16 12:15, David Dejaeghere wrote:
> &
/XPI
CN=something-PAPRIKA-CA,DC=something,DC=localCT,C,C
SOMETHING.BE IPA CA CT,C,C
[root@ns02 ~]# ausearch -m avc -i
2016-11-29 12:09 GMT+01:00 David Kupka :
> On 29/11/16 11:51, David Dejaeghere wrote:
>
>> Hi,
&g
Hi,
I have a setup where i want to add a replica. The first master setup has
an externally signed cert for dirsrv and httpd. The replica is prepapred
succesfully with ipa-client-install but the replica install then keeps
failing. It seems that during install dirserv is not configured correctly
Can somebody help us how to move ahead with this issue?
It seems like nobody is picking this up?
Kind Regards,
David
2016-10-26 13:43 GMT+02:00 David Dejaeghere :
> Does anybody have a clue on how to continue with this?
>
> Kind Regards,
>
> David
>
> 2016-10-24
Does anybody have a clue on how to continue with this?
Kind Regards,
David
2016-10-24 10:10 GMT+02:00 David Dejaeghere :
> These are both the subjects for the old and new root ca cert.
>
> Subject: "CN=tokio-PAPRIKA-CA,DC=tokio,DC=local"
> S
a:2d:25:d5:43:b6:a7:75:a1:ef:58:f9:c9:11:e8:
09:1d
Exponent: 65537 (0x10001)
2016-10-24 5:49 GMT+02:00 Fil Di Noto :
> Hi,
>
> Can you give an example of what's different between the two subjects?
>
> On Sun, Oct 23, 2016 at 9:03 AM, Davi
Does somebody have an idea how to replace our certificates when the new
ROOT ca certificate has a different subject?
The UI is down because of this.
2016-10-19 11:42 GMT+02:00 David Dejaeghere :
> Hello,
>
> When installing FreeIPA we used the CA from our Windows servers.
> This
Hello,
When installing FreeIPA we used the CA from our Windows servers.
This one recently expired and we created a new one. It seems that the new
root CA has another subject name and this seems to be an issue when we want
to install new certs on our FreeIPA hosts.
ipa-cacert-manage install certn
increment is comming from. It is indeed
logrotate.
Kind Regards,
David
2015-09-08 13:16 GMT+02:00 Petr Spacek :
> On 8.9.2015 13:06, Martin Basti wrote:
> >
> >
> > On 09/07/2015 03:00 PM, David Dejaeghere wrote:
> >> Hello,
> >>
> >> I noticed on
Hello,
I noticed on the couple of installs that I am running that my zones have
different soa serial values on both master and replica. I also noticed
that this value is changing without adding or removing a record some time
during the night.
What exactly is changing this and how come these valu
majority of users.
There already is a warning in the UI and IPA CLI. It might be good to add
an extra line to this warning regarding the fake_mname, altought this might
also cause confusion.
Regards,
David
2015-08-20 15:09 GMT+02:00 Martin Basti :
>
>
> On 08/20/2015 02:46 PM, David D
*
mail addr = hostmaster.test.be
serial = 1440071001
refresh = 3600
retry = 900
expire = 1209600
minimum = 3600
As you can see the SOA record still shows the original default value.
Kind Regards,
David Dejaeghere
--
Manage your subscription f
gt;
>> D
>>
>> 2015-04-17 15:27 GMT+02:00 Jan Cholasta > <mailto:jchol...@redhat.com>>:
>>
>> Hi,
>>
>> I don't have any new information. I'm trying to reproduce the
>> problem but had no luck so far.
>>
>&
Running FreeIPA 4.1 on Fedora 21 on Xenserver 6.2 in HVM mode. No issues.
Kind Regards,
David
2015-05-06 11:15 GMT+02:00 Alexander Frolushkin <
alexander.frolush...@megafon.ru>:
> Hello.
>
> We have periodically hanging and crashing dirsrv in our ipa servers.
>
> All of them running in VM on V
ut
> had no luck so far.
>
> Honza
>
> Dne 17.4.2015 v 15:23 David Dejaeghere napsal(a):
>
>> Hi,
>>
>> Any more things I can try out? How do we proceed?
>>
>> Kind Regards,
>>
>> D
>>
>> 2015-04-15 11:48 GMT+02:00 David Dejaeg
Hi,
Any more things I can try out? How do we proceed?
Kind Regards,
D
2015-04-15 11:48 GMT+02:00 David Dejaeghere :
> Hi Honza,
>
> That gave me the exact same output. Any ideas?
>
> Regards,
>
> D
>
> 2015-04-15 7:33 GMT+02:00 Jan Cholasta :
>
>>
Hi Honza,
That gave me the exact same output. Any ideas?
Regards,
D
2015-04-15 7:33 GMT+02:00 Jan Cholasta :
> Hi,
>
> Dne 14.4.2015 v 19:47 Rob Crittenden napsal(a):
>
>> David Dejaeghere wrote:
>>
>>> Hi Rob,
>>>
>>> So you want to ou
Hi Rob,
So you want to output of the command using pk12 with server cert and key?
or with the ca chain in there too?
Regards,
David
2015-04-13 16:28 GMT+02:00 Rob Crittenden :
> David Dejaeghere wrote:
> > Hi,
> >
> > I get the same error when I use a pk12 with only t
Hi,
I get the same error when I use a pk12 with only the server certificate
(and key) in it.
Not sure what else I can try.
Regards,
D
2015-04-11 0:23 GMT+02:00 Rob Crittenden :
> David Dejaeghere wrote:
> > Hi,
> >
> > I even tried the command using an export from th
2015-04-09 16:16 GMT+02:00 Rob Crittenden :
> David Dejaeghere wrote:
> > Hi,
> >
> > Does somebody have any pointers for me regarding this issue?
>
> It would help very much if you'd include the version you're working
> with. Based on line numbers I'll a
Hi,
Does somebody have any pointers for me regarding this issue?
Regards,
D
2015-04-07 13:34 GMT+02:00 David Dejaeghere :
> Hello,
>
> I am trying to setup a replica for my master which has been setup with an
> external CA to use our godaddy wildcard certificate.
> The ipa-rep
Hello,
I am trying to setup a replica for my master which has been setup with an
external CA to use our godaddy wildcard certificate.
The ipa-replica-prepare is failing with the following debug information.
I am using --http-cert and --dirsrv-cert with my pk12 server certificate.
What can I verif
Hi,
I recently deployed FreeIPA but I stumbled upon a problem with migrating my
groups. The groups in our old system are mixed case. Such as MyGroup. The
application that syncs these groups is case sensitive. The problem is that
when i create these groups using the webgui or the ipa admin tool it
25 matches
Mail list logo