Hello, I have a host with 2 names: * servername.example.com * alias.example.com
But the command: ======================================= ipa-getcert request \ -K HTTP/servername.example.com \ -D alias.example.com \ -f /etc/pki/tls/certs/httpd.crt \ -k /etc/pki/tls/private/httpd.key ======================================= says that I cannot do it: ======================================= ca-error: Server at https://ipa.example.com/ipa/xml denied our request, giving up: 2100 (RPC failed at server. Insufficient access: Insufficient privilege to create a certificate with subject alt name 'alias.example.com'.). ======================================= The alias.example.com is managed from the host: ======================================= ipa host-show alias.example.com Host name: alias.example.com Principal name: host/alias.example....@example.com Principal alias: host/alias.example....@example.com Password: False Keytab: False Managed by: alias.example.com, servername.example.com Any idea why??? _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
