Thanks for the suggestion Rob! I posted to the sssd-users mailing list and they responded. Turns out this is a known issue with an existing PR to fix it: * https://github.com/SSSD/sssd/issues/5135 * https://github.com/SSSD/sssd/pull/1036
I will have to configure FreeIPA to match against full certificates for now, and revert to using certmap data once that PR is merged. Posting here just to close the loop, in case anyone else gets bitten by this bug and stumbles upon this exchange. Thanks again to everyone for all the assistance! Shane _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
