Louis Lagendijk via FreeIPA-users wrote: > On Thu, 2018-10-04 at 09:21 -0400, Rob Crittenden via FreeIPA-users > wrote: >> As part of a larger IPA "health" checker and driven largely by >> necessity >> I have the beginning of a certificate checking tool available at >> https://github.com/rcritten/checkcerts >> >> It works for me in IPA 4.5.4, IPA 4.6.0 and IPA master (basically >> 4.7+ >> patches). YMMV. >> >> There is not much of a user-friendly interface to it. There are only >> two >> options, debug and verbose, which increase the amount of debug output >> (and it is immense). >> >> The UI is limited because I expect it to be rolled up into some >> larger >> tool at some point and don't want to have to throw away a ton of >> framework code. >> >> It needs to be run on an IPA master and checks the things I thought >> of >> to check. I've only done limited testing on mostly brand new installs >> so >> I'd appreciate feedback. Don't freak out of it spits out errors as it >> could just be bugs on my part :-) >> >> It is read-only so it shouldn't blow up anything. >> >> So if you want to run it against your system and send me the any >> output >> I can try to figure out if it is my tool that is the issue or your >> system (it is supposed to help pro-actively diagnose issues after >> all). >> >> To use just clone it from git (or download ipa-checkcerts.py from the >> repo) >> >> Run it as root: > here is a tar file with the output with no options and with --verbose > from my system. Please let me know when you need more information. > The free-ipa was setup a number of years ago (on Centos 7.1?) and > upgraded since with every new release. > I already fixed some permission issues. The > > Kind regards, Louis
Thanks! I'll take a look at this and get back to you next week, perhaps privately, we'll see (mostly based on whether I think it is of general interest to work through the issues). rob _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
