https://admin.fedoraproject.org/accounts/user/gencert
the "Generate a certificate" link produces "Your certificate could not be generated." message.
trying to use fedora-packager-setup produces a traceback.
please try now thanks
This stopped working again. Looking at /var/log/messages I see that puppet ran and re-labeled some files in fedora-ca and also that selinux was in enforcing mode. Perhaps puppet re-enabled SELinux? I relabeled the entire /var/lib/fedora-ca directory with::
chcon -R system_u:object_r:httpd_sys_content_t:s0 .
and now fas works. This is almost certainly overly permissive so we need to figure out what needs to be relabeled and just add that to puppet (everything else can be reverted to system_u:object_r:var_lib_t:s0).
i ran a "restorecon -rv /var/lib/fedora-ca" and reneabled selinux but got pulled away before testing.
when we create builder certs and website certs etc which is not an often task im sure that will either not work or mess up the labels.
Still getting the same message.
Finally got the new cert.
Hi, looks like this was fixed a while ago, so closing :-)
Login to comment on this ticket.