So did I give you the wrong host to add or was the wrong host
reported in the
healthcheck output?
Not sure--- this again is the error: I saw it and thought, "why not try the
HOSTNAME reported and not the SAN name " ?
(misleading: the actual name of the server/host is indeed
voq.rgd.mcw.edu). ipa-ca is
an alias required by IPA somewhere)
[
{
"source": "ipahealthcheck.ipa.certs",
"check": "IPACertDNSSAN",
"result": "ERROR",
"uuid": "5576f96d-cee4-475e-b5ee-0466fe6bfa58",
"when": "20221007165940Z",
"duration": "0.422118",
"kw": {
"key": "20221006190547",
"hostname": "ipa-ca.rgd.mcw.edu",
"san": [
"voq.rgd.mcw.edu"
],
"ca": "IPA",
"profile": "caIPAserviceCert",
"msg": "Certificate request id {key} with profile {profile} for CA
{ca} does not have a DNS SAN {san} matching name {hostname}"
}
}
]