JR Aquino wrote:
On Jun 5, 2012, at 11:18 AM, Paul Tader wrote:
A couple days ago my (apache) certificates expired. Users are able to kinit
but tools such as sudo fail because of the expired certificates. Lots of
reading/Google'ing later I found this script (steps) to renew these certs:
I'm just curious, but, isn't certmonger supposed to automatically renew these?
Is certmonger failing in this case?
Yes, the first thing to do is figure out why certmonger didn't
automatically renew the certificates. Then it should be as simple as
setting the date back, letting certmonger do its thing, then setting it
forward again.
That is very strange certmonger output. You might try setting the date
back a couple of days and trying something like:
ipa-getcert resubmit -i 20110706215145
And see what the status goes to.
rob
_______________________________________________
Freeipa-users mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-users
