Hello,
_This command is executed at IPA Client_:
# date;ipa-getcert request -vvv -T SubjectAlternateNamesCert -R -K TEST/$(hostname) -E
<>@<> <mailto:fabian.seelbach@ble.de> -f opt/certs/test3.crt -k
/opt/certs/test3.key -X BLE-IDM-SUB1
Wed Feb 14 07:54:49 CET 2018
Certificate at same location is already used by request with nickname "201802070
95750".
Error org.fedorahosted.certmonger.duplicate: Certificate at same location is already used
by request with nickname "20180207095750".
# ipa-getcert stop-tracking --id "20180207095750"
Request "20180207095750" removed.
# date;ipa-getcert request -vvv -T SubjectAlternateNamesCert -R -K TEST/$(hostname) -E
<>@<> <mailto:fabian.seelbach@ble.de> -f /opt/certs/test3.crt -k
/opt/certs/test3.key -X BLE-IDM-SUB1
Wed Feb 14 07:55:19 CET 2018
New signing request "20180214065519" added.
# getcert list -i "20180214065519"
Number of certificates and requests being tracked: 1.
Request ID '20180214065519':
status: CA_REJECTED
ca-error: Server at https://<>/ipa/xml
<
https://dpgrridm0577.idm.ble.de/ipa/xml> denied our request, giving up: 3009 (RPC
failed at server. invalid 'csr': subject alt name type RFC822Name is forbidden
for non-user principals).
stuck: yes
key pair storage: type=FILE,location='/opt/certs/test3.key'
certificate: type=FILE,location='/opt/certs/test3.crt'
CA: IPA
issuer:
subject:
expires: unknown
pre-save command:
post-save command:
track: yes
auto-renew: no
Thanks
Amit