Hello Rob,
I checked the latest Tomcat version available in the CentOS 9 repositories is
9.0.87-2.el9. So I had to download tomcat package from official Tomcat
downloads page.
I backup old folder tomcat. I untar it and replace old folder tomcat.
After that I replace /usr/share/tomcat/lib by /root/apache-tomcat-9.0.98/lib
I change time system for test renewal, I set time to 7 days before certificates
expire.
Example (I set time to 2026-04-22)
Request ID '20240627032920':
status: MONITORING ==> SUBMITTING
stuck: no
key pair storage:
type=NSSDB,location='/etc/pki/pki-tomcat/alias',nickname='subsystemCert
cert-pki-ca',token='NSS Certificate DB',pin set
certificate:
type=NSSDB,location='/etc/pki/pki-tomcat/alias',nickname='subsystemCert
cert-pki-ca',token='NSS Certificate DB'
CA: dogtag-ipa-ca-renew-agent
issued: 2024-05-09 18:56:38 UTC
expires: 2026-04-29 18:56:38 UTC
===============>
Request ID '20240627032920':
status: MONITORING
stuck: no
key pair storage:
type=NSSDB,location='/etc/pki/pki-tomcat/alias',nickname='subsystemCert
cert-pki-ca',token='NSS Certificate DB',pin set
certificate:
type=NSSDB,location='/etc/pki/pki-tomcat/alias',nickname='subsystemCert
cert-pki-ca',token='NSS Certificate DB'
CA: dogtag-ipa-ca-renew-agent
issued: 2025-01-10 09:23:55 UTC
expires: 2026-12-31 09:23:55 UTC
--
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
