I Cannot enrol and do the ipa-client-install on Ubuntu 14.04 to IPA Server (4.4). My IPA Server is having third party certificates for HTTP/LDAP. I have installed it using the suggestions in

https://www.freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP

Other version of Ubuntu like 16.04 is enrolled fine.

Here is the error message that I get during the installation

cert validation failed for "CN=..,O=.*,((SEC_ERROR_UNTRUSTED_ISSUER) Peer's certificate issuer has been marked as not trusted by the user.)
Cannot connect to the server due to generic error: cannot connect to 'https://*.*.*.*/ipa/xml': [Errno -8172] (SEC_ERROR_UNTRUSTED_ISSUER) Peer's certificate issuer has been marked as not trusted by the user.
Installation failed. Rolling back changes.
certmonger failed to start: [Errno 2] No such file or directory: '/var/run/ipa/services.list'
certmonger failed to stop: [Errno 2] No such file or directory: '/var/run/ipa/services.list'
Unenrolling client from IPA server
Unenrolling host failed: Error getting default Kerberos realm: Configuration file does not specify default realm.

Removing Kerberos service principals from /etc/krb5.keytab
Disabling client Kerberos and LDAP configurations
Redundant SSSD configuration file /etc/sssd/sssd.conf was moved to /etc/sssd/sssd.conf.deleted
SSSD service could not be stopped
Restoring client configuration files
nscd daemon is not installed, skip configuration
nslcd daemon is not installed, skip configuration
Client uninstall complete.

Is it due to my third part cert? If so, please provide a suggestion so that I can enrol my Ubuntu Client to my IPA Server.