hi im getting duplicate certificate error
ipa: DEBUG: stderr=
ipa: DEBUG: Starting external process
ipa: DEBUG: args=/usr/bin/certutil -d /etc/dirsrv/slapd-MPGPSDC-COM/ -L
ipa: DEBUG: Process finished, return code=0
ipa: DEBUG: stdout=
Certificate Nickname Trust
Attributes
SSL,S/MIME,JAR/XPI
MPGPSDC.COM <
http://mpgpsdc.com/> IPA CA
CT,C,C
CN=DST Root CA X3,O=Digital Signature Trust Co. C,,
CN=freeipa.do-blr.mpgpsdc.com <
http://ut-nagios01.do-blr.mpgpsdc.com/>
u,u,u
CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US ,,
ipa: DEBUG: stderr=
ipa.ipaserver.install.ipa_server_certinstall.ServerCertInstall: DEBUG:
File "/usr/lib/python2.7/dist-packages/ipapython/admintool.py", line
171, in execute
return_value = self.run()
File
"/usr/lib/python2.7/dist-packages/ipaserver/install/ipa_server_certinstall.py",
line 110, in run
self.install_dirsrv_cert()
File
"/usr/lib/python2.7/dist-packages/ipaserver/install/ipa_server_certinstall.py",
line 129, in install_dirsrv_cert
'restart_dirsrv %s' % serverid)
File
"/usr/lib/python2.7/dist-packages/ipaserver/install/ipa_server_certinstall.py",
line 180, in import_cert
command)
File "/usr/lib/python2.7/dist-packages/ipaserver/install/certs.py",
line 302, in track_server_cert
request_id = certmonger.start_tracking(nickname, self.secdir,
password_file, command)
File "/usr/lib/python2.7/dist-packages/ipapython/certmonger.py", line
357, in start_tracking
result = cm.obj_if.add_request(params)
File "/usr/lib/python2.7/dist-packages/dbus/proxies.py", line 145, in
__call__
**keywords)
File "/usr/lib/python2.7/dist-packages/dbus/connection.py", line 651,
in call_blocking
message, timeout)
ipa.ipaserver.install.ipa_server_certinstall.ServerCertInstall: DEBUG:
The ipa-server-certinstall command failed, exception: DBusException:
org.fedorahosted.certmonger.duplicate: Certificate at same location is
already used by request with nickname "20181011115500".
ipa.ipaserver.install.ipa_server_certinstall.ServerCertInstall: ERROR:
org.fedorahosted.certmonger.duplicate: Certificate at same location is
already used by request with nickname "20181011115500".
ipa.ipaserver.install.ipa_server_certinstall.ServerCertInstall: ERROR:
The ipa-server-certinstall command failed.
You just need to tell certmonger to stop tracking the old one:
# getcert stop-tracking -i 20181011115500
rob
On Thu, Sep 27, 2018, 7:10 PM Rob Crittenden <rcritten(a)redhat.com
<mailto:rcritten@redhat.com>> wrote:
Anush Jayan via FreeIPA-users wrote:
> im currently using freeipa 4.3.1 on ubuntu 16.04 im having trouble
installing letsencrypt ssl key for https can anyone help me fix this
>
It would help if you said what you tried and what you are seeing.
rob