ipa-server-certinstall -w file.pem file.key asks for an unlock passwort for private key. This is happen if the private key file is encrypted and if it isnt encrypted. If i type in the correct passwort the result ist:
Insufficient access: Invalid credentials
Hello, please open new tickets in NEEDS_TRIAGE milestone.
Moving to NEEDS_TRIAGE
Version: ipa packages: 4.2.4-1.fc23.x86_64 (F23)
Could you paste here the exact commands and options, ideally with console output you have used?
First situation:
privatekey without password encryption:
sudo ipa-server-certinstall -w certificate.pem privat_key_without_password.key [sudo] Passwort for user: Directory Manager password: Enter private key unlock password: [ENTER] Enter private key unlock password: [ENTER] Enter private key unlock password: [ENTER] Enter private key unlock password: ......
The password input prompt repeats if i press only the ENTER key without entering a password. I have to kill ipa-server-certinstall with ctrl-c key / SIGINT to get the shell prompt back.
For the second situation i have to correct myself, sorry. ipa-server-certinstall could unlock private key with password.
privatekey with password encryption:
sudo ipa-server-certinstall -w certificate.pem privat_key_with_password.key Directory Manager password: Enter private key unlock password: The full certificate chain is not present in certificate.pem, privat_key_with_password.key
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1360769
I see a patch on the list: "[PATCH 688] server install: do not prompt for cert file PIN repeatedly"
master:
Metadata Update from @ladanyi: - Issue assigned to jcholast - Issue set to the milestone: FreeIPA 4.4.1
Login to comment on this ticket.