Solved: Re: ch05 S02 Step 5 certmonger shows CA_UNCONFIGUR...

SubuRama · ‎03-07-2024

Step 5.3 requests a cert and Step 5.4 verifies the status with certmonger.

On my client VM, the cert.key gets generated in /etc/vsftpd/certs but I do *not* see the cert.pem get generated. I also see CA_UNCONFIGURED for the getcert list -i <key_id> command. Any ideas how to debug this? (The stop-tracking is so I can issue the command again)

TM · ‎03-11-2024

Dear @SubuRama,

Normally you had to specify where to put the signed certificate with the -f option of the command ipa-getcert request, similarly to the way you specified the location of the key with the -k option.

I hope it helps.

Tshimanga

View solution in original post

TM · ‎03-11-2024

Dear @SubuRama,

Normally you had to specify where to put the signed certificate with the -f option of the command ipa-getcert request, similarly to the way you specified the location of the key with the -k option.

I hope it helps.

Tshimanga

swefredde · ‎03-11-2024

I ran into the exact same problem the other day. Don't remember exactly how I solved it but I would guess I forgot to run the "semanage fcontext -a -t cert_t "/etc/vsftpd/certs(/.*)?" command followed by the "restorecon -v /etc/vsftpd/certs" command.
Had to revoke it and create a new request since I didn't know how to update the first one.

ch05 S02 Step 5 certmonger shows CA_UNCONFIGURED instead of MONITORING