freeipa / freeipa-letsencrypt

A quick hack allowing the use of Let's Encrypt certificates for the FreeIPA web interface.

Broke loading private key #26

Closed amohideen closed 3 years ago

amohideen commented 3 years ago

ipapython.admintool: INFO: The ipa-certupdate command was successful
Enter pass phrase for /var/lib/ipa/private/httpd.key:
unable to load Private Key
140015378847552:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:crypto/evp/evp_enc.c:621:
140015378847552:error:23077074:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 cipherfinal error:crypto/pkcs12/p12_decr.c:62:
140015378847552:error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe crypt error:crypto/pkcs12/p12_decr.c:93:
140015378847552:error:0907B00D:PEM routines:PEM_read_bio_PrivateKey:ASN1 lib:crypto/pem/pem_pkey.c:88:

FerranAgulloLopez commented 3 years ago

Hello! Usually the password is inside a file in the directory /var/lib/ipa/passwds/. Hope it helps!

amohideen commented 3 years ago

Thanks. I am on Fedora 31... maybe the directory structure needs changing... will check it over the weekend.

amohideen commented 3 years ago

The solution was (on Fedora 31): I manually installed the certificates.

1: ipa-cacert-manage install "$WORKDIR/ca/DSTRootCAX3.pem" -n DSTRootCAX3
2: ipa-certupdate -v
3: ipa-cacert-manage install "$WORKDIR/ca/LetsEncryptAuthorityX3.pem" -n letsencryptx3
4: ipa-certupdate -v

After this stage, I ran the /renew-le.sh (this will ask for the passphrase). In a different terminal, I cd'd into /var/lib/ipa/passwds/, cat the password file and copied the passphrase text. Back in the original terminal, where it was asking for the password, I pasted it.

Everything went smoothly.

amohideen commented 3 years ago

@FerranAgulloLopez Thanks. I had to manually cat the passkey and paste it in the CLI... and it worked.
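The "bad decrypt" error in this thread means the passphrase supplied did not match the encrypted key. As an added example (not part of the thread or of the freeipa-letsencrypt scripts), the check below tests each file in a passphrase directory against a key with `openssl pkey -passin file:`, so the passphrase never has to be displayed or pasted. The function names are hypothetical and the demo key and passphrases are constructed; on a real server the arguments would be the key and directory named in the thread.

```shell
#!/bin/sh
# Added example: find which passphrase file unlocks an encrypted PEM key.

# key_opens_with KEY PWFILE: exit 0 if the first line of PWFILE decrypts KEY.
# -noout suppresses key output, so only the exit status is used.
key_opens_with() {
    openssl pkey -in "$1" -passin "file:$2" -noout 2>/dev/null
}

# find_passphrase_file KEY DIR: print the first file in DIR that decrypts KEY.
find_passphrase_file() {
    for f in "$2"/*; do
        [ -f "$f" ] || continue
        if key_opens_with "$1" "$f"; then
            printf '%s\n' "$f"
            return 0
        fi
    done
    return 1   # nothing matched: the situation behind "bad decrypt"
}

# Constructed demo: a throwaway key and two constructed passphrase files.
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/passwds"
    printf 'constructed-wrong-pass\n' > "$d/passwds/a-wrong"
    printf 'constructed-right-pass\n' > "$d/passwds/b-right"
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -aes-256-cbc -pass "file:$d/passwds/b-right" \
        -out "$d/httpd.key" 2>/dev/null
    rc=0
    found=$(find_passphrase_file "$d/httpd.key" "$d/passwds") || rc=$?
    rm -rf "$d"
    [ "$rc" -eq 0 ] || return 1
    basename "$found"
}

demo
```

Run as root against the real paths, this would be `find_passphrase_file /var/lib/ipa/private/httpd.key /var/lib/ipa/passwds`; the matching file can then be passed to other openssl commands with the same `-passin file:` option.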