When the IPA CA certificate is renewed, the validity period end of the renewed certificate is the same as the validity period end of the old certificate.
This is because a parameter is missing in the certificate approval request to Dogtag.
See https://bugzilla.redhat.com/show_bug.cgi?id=1150031 for more info.
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=1163498 (Red Hat Enterprise Linux 7)
master:
ipa-4-1:
Metadata Update from @jcholast: - Issue assigned to jcholast - Issue set to the milestone: FreeIPA 4.1.2
Login to comment on this ticket.