#25 certmonger does not save certs from Dogtag
Closed: Fixed None Opened 5 years ago by admiyo.

To reproduce:

Stop dogtag

Create ca file in /var/lib/certmonger/cas/dogtag-ipa with the contents:

ca_external_helper=/usr/libexec/certmonger/dogtag-ipa-renew-agent-submit -E http://ipa.cloudlab.freeipa.org:8080/ca/ee/ca -A https://ipa.cloudlab.freeipa.org:8443/ca/agent/ca/ -i /etc/ipa/ca.crt -T caSimpleCMCUserCert

restart dogtag

request a cert

getcert request -c dogtag-ipa -s -f /etc/pki/ayoung-traced.cert.pem -k /etc/.pki/ayoung-traced.key.pem -N "uid=ayoung"

Manually approve the cert on dogtag

Re-request the cert from dogtag with
getcert resubmit -i (id from getcert request)

Result: Keys is created in /etc/pki but cert is not.

Restart certmonger and certfile will be saved.

Metadata Update from @admiyo:
- Issue assigned to nalin
- Issue set to the milestone: 0.74

3 years ago

Login to comment on this ticket.