IPA: Status of a certificate tracked is "Problem with the local SSL certificate"

Solution Verified - Updated -

Issue

  • Status of a certificate tracked has error.
# getcert list -f /var/lib/ipa/ra-agent.pem
Number of certificates and requests being tracked: 9.
Request ID '20240523052200':
    status: CA_UNREACHABLE
    ca-error: Error 58 connecting to https://ipaserver.example.test:8443/ca/agent/ca/profileReview: Problem with the local SSL certificate.
    stuck: no
    key pair storage: type=FILE,location='/var/lib/ipa/ra-agent.key'
    certificate: type=FILE,location='/var/lib/ipa/ra-agent.pem'
    CA: dogtag-ipa-ca-renew-agent
    issuer:
    subject:
    expires: unknown
    pre-save command: /usr/libexec/ipa/certmonger/renew_ra_cert_pre
    post-save command: /usr/libexec/ipa/certmonger/renew_ra_cert
    track: yes
    auto-renew: yes

Environment

  • IPA 4.x
  • Certmonger
  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 8
  • Red Hat Enterprise Linux 9

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content