On 12/21/20 11:31 AM, Evg Hertz via FreeIPA-users wrote:
getcert list -f /var/lib/ipa/ra-agent.pem | grep expires
expires: 2022-06-20 19:31:51 UTC
I dont find /var/lib/ipa/ra-agent.pem in output
ldapsearch -D "cn=directory manager" -W -b o=ipaca
Hi,
please type the whole command with the search filter and the list of
requested attributes:
# ldapsearch -D "cn=directory manager" -W -b o=ipaca "(uid=ipara)" dn
usercertificate description
and compare with the output of:
# openssl x509 -text -in /var/lib/ipa/ra-agent.pem
(please keep in mind that openssl command will display subject and
issuer with the most specific rdn on the right, for instance
"O=DOMAIN.COM,CN=IPA RA", while the description attribute displays
serial and issuer with the most-specific rdn on the left like
"description: 2;7;CN=Certificate Authority,O=DOMAIN.COM;CN=IPA
RA,O=DOMAIN.COM").
flo
_______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedoraho...