Hi
I am trying to remove old host certificates.
I generated a list using:
ipa cert-find --sizelimit 0
One of the certs are:
Issuing CA: ipa
Subject: CN=server.example.com,O=COMPANY.COM
Issuer: CN=Certificate Authority,O=COMPANY.COM
Not Before: Fri May 20 15:56:37 2016 UTC
Not After: Mon May 21 15:56:37 2018 UTC
Serial number: 268238888
Serial number (hex): 0xFFD002D
Status: REVOKED_EXPIRED
Revoked: True
I also did:
ipa cert-show 268238888
I then tried to remove the cert by using:
ipa host-remove-cert server.example.com
which then prompts me for the certificate, I enter the certificate as I got it
from ipa cert-show command, using the "Certificate: " part.
But I get the error:
ipa: ERROR: server.examle.com: host not found
I also tried to remove the certificate from the UI, which shows quite a lot
more expired certificates for the host, but does not give me any option to
delete/remove the certificates
Am I missing something obvious with regards to the steps required to remove old
certificates? Am I not supposed to remove them?
FreeIPA, version: 4.5.4
Regards
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
