Red Hat Bugzilla – Bug 986459
renew_ca_cert fails on upgraded system with separate CA dirsrv instancce
Last modified: 2013-07-23 10:40:14 EDT
This bug is created as a clone of upstream ticket: https://fedorahosted.org/freeipa/ticket/3805 I update to F18 my old ipa server that has been upgraded since F15. It has stil a separate directory instance for the CA. When certmonger decided to renrew the CA certificate renew_ca_cert failed to update the CA instance users with the renewd certs. the reason is that renew_ca_cert tried to perform all its operations against the main IPA instance and not the CA instanace on port 7389 where these objects actually are. all renew_ca_cert operation terminated with 'no such entry' until certmonger failed to update certs as the RA certificate didn't match the cA user anymore.
*** Bug 986461 has been marked as a duplicate of this bug. ***
I have just verified that this bug in fact does *not* affect RHEL 6.4. It only affects installs updated from Dogtag 9 to Dogtag 10.
Thank you, I will close the bug then.