[Freeipa-devel] [freeipa PR#526][comment] server install: properly handle PKINIT-related options

HonzaCholasta Wed, 01 Mar 2017 04:22:00 -0800

  URL: https://github.com/freeipa/freeipa/pull/526
Title: #526: server install: properly handle PKINIT-related options


HonzaCholasta commented:
"""
This is what you currently get in CA-less install:
```
# getcert list
Number of certificates and requests being tracked: 1.
Request ID '20170301121440':
        status: CA_UNREACHABLE
        ca-error: Server at 
https://vm-226.abc.idm.lab.eng.brq.redhat.com/ipa/xml failed request, will 
retry: -504 (libcurl failed to execute the HTTP POST transaction, explaining:  
Failed to connect to vm-226.abc.idm.lab.eng.brq.redhat.com port 443: Connection 
refused).
        stuck: no
        key pair storage: type=FILE,location='/var/kerberos/krb5kdc/kdc.key'
        certificate: type=FILE,location='/var/kerberos/krb5kdc/kdc.crt'
        CA: IPA
        issuer: 
        subject: 
        expires: unknown
        pre-save command: 
        post-save command: 
        track: yes
        auto-renew: yes
# ls /var/kerberos/krb5kdc/kdc.crt
ls: cannot access '/var/kerberos/krb5kdc/kdc.crt': No such file or directory
```
"""

See the full comment at 
https://github.com/freeipa/freeipa/pull/526#issuecomment-283325910

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

[Freeipa-devel] [freeipa PR#526][comment] server install: properly handle PKINIT-related options

Reply via email to