Closed Naolador closed 3 years ago
I have the same situation. And it's happened after running script renew-le.sh
. I run command:
ipa-server-certinstall -w -d /var/lib/ipa/private/httpd.key /var/lib/ipa/certs/httpd.crt
but unfortunately i don't know my private key unlock password
. May be if you know, you can run this command to set credentials manually.
@Setplus01 The private password is stored in /var/lib/ipa/passwds/domain.com-443-RSA
For me, the command was failed, I tried to replace cert with a fullchain cert, but still not working:
[root@idm ~]# ln -s /etc/letsencrypt/live/idm.example.com/fullchain.pem /var/lib/ipa/certs/httpd.crt
[root@idm ~]# ipa-server-certinstall -w -d /var/lib/ipa/private/httpd.key /var/lib/ipa/certs/httpd.crt
Directory Manager password:
Enter private key unlock password:
The full certificate chain is not present in /var/lib/ipa/private/httpd.key, /var/lib/ipa/certs/httpd.crt
The ipa-server-certinstall command failed.
I have the same error as @Naolador
We seem to have lost traction with this issue, closing.
I'm using RHEL8 idm repository for the installation and the server is working fine before I applied the Letsencrypt certs.
After the certs has been installed, I can't login anymore, here's the httpd log:
Any ideas for the fix?