On 27/02/23 07:29, Alexander Bokovoy via FreeIPA-users wrote:
On la, 25 helmi 2023, Carlos Mogas da Silva via FreeIPA-users wrote:
Thanks for the pointer Alexander. I actually did search the list, but searched for
"vhost" :P
Anyway, I did as in the thread you mentioned, the only difference being that I used ipa-getcert and used the HOST key
instead of the HTTP key for the principal name, but certmonger can't seem to find the "webapp1" ?
ca-error: Server at https://ipa01.int.example.com/ipa/json failed request, will retry: 4001 (The service principal for
subject alt name webapp1.int.example.com in certificate request does not exist).
both HTTP/webapp1.int.example.com and HOST/host1.int.example.com exist and the
host object itself for both also exist.
I feel like I'm missing something obvious...
Please show exact sequence of what you did.
$ ipa host-add webapp1.int.example.com
$ ipa service-add HTTP/webapp1.int.example.com
$ ipa service-add-host HTTP/webapp1.int.example.com --host host1.int.example.com
$ ipa-getcert request -f webapp1.int.example.com.cert -k webapp1.int.example.com.key -D webapp1.int.example.com -K
HOST/host1.int.r3pek.org # ran this on host1 itself.
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
