Morning Rob
What's the process for either removing or making it known?
I'll add something to the program about this too but for now you can run:
# getcert list -i 20170919231606
That will tell us what it is. It is perfectly fine to have certmonger track other certs on the system. I display unexpected once as a just-in-case.
It's supposed to display as just a warning. I'll fix that too since it is a little alarming.
This is the result I got on my end.:
Failures:
Unable to find request for serial 268304424 Unable to find request for serial 268304426 Unable to find request for serial 268304425 Unable to find request for serial 268304423 Subject O=ENG.EXAMPLE.COM,CN=zinc.eng.example.com and template subject CN=lithium.eng.example.com,O=ENG.EXAMPLE.COM do not match for serial 77 Permissions of /etc/dirsrv/slapd-ENG-EXAMPLE-COM/key3.db are 0600 and should be 0640 Permissions of /etc/dirsrv/slapd-ENG-EXAMPLE-COM/cert8.db are 0600 and should be 0640 Permissions of /etc/dirsrv/slapd-ENG-EXAMPLE-COM/secmod.db are 0600 and should be 0640 Warnings: Unknown certmonger ids: 20170812234301 [root@lithium bin]#
The system so far seem healthy. Did these file permission had a stricter access that was relaxed later? I have never attempted to change them, at least impicitly
Regards, William