Hide Forgot
Unable to generate certificate using `ipa cert-request` command. Marking this BZ as failed QA. [root@master1 ~]# openssl req -new -sha256 -key testuser1.key -out testuser1.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:IN State or Province Name (full name) []:MH Locality Name (eg, city) [Default City]:PUNE Organization Name (eg, company) [Default Company Ltd]:RED HAT Organizational Unit Name (eg, section) []:QE Common Name (eg, your name or your server's hostname) []:testuser1 Email Address []:testuser1 Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: [root@master1 ~]# ipa cert-request testuser1.csr --principal=testuser1 ipa: ERROR: invalid 'csr': DN emailAddress does not match any of user's email addresses IPA version:: ipa-server-4.5.0-11.el7.x86_64
Moving back to ON_QA. This depends on #1451576
Verified using mod_nss version :: mod_nss-1.0.14-10.el7.x86_64 Marking BZ as verified. See attachment for console.log.
Created attachment 1281534 [details] console.log
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2017:2009