On Tue, 13 Nov 2018, Fraser Tweedale wrote:
On Mon, Nov 12, 2018 at 07:55:33PM -0500, Rob Foehl wrote:
Incidentally, this is partly the result of not being able to upgrade in place: an attempted 4.6.3 to 4.6.4 upgrade on F27 currently fails when verifying the CA audit signing cert lifetime, as in this particular environment the IPA CA is signed by an external CA cert that expires in 2020. Is this bug-worthy?
It's investiation-worthy. Please provide the output of:
- certutil -d /etc/pki/pki-tomcat/alias -L
- certutil -d /etc/pki/pki-tomcat/alias -L -n 'auditSigningCert cert-pki-ca'
- getcert list
Hey Fraser,
Ever find any time to dig into the info I'd sent for this one?
-Rob