Hello Everyone,
I'm running an updated CentOS 8 KVM on an up to date CentOS 7 host. My
freeipa servers CentOS 7 hosts and fully updated, too. In the KVM I'm
requesting a certificate from my freeipa CA, which in and of itself
works just find. But, when I add a post-save command, that command is
never executed.
Here's the request I'm making:
ipa-getcert request -g 2048 -k /etc/pki/containers/sabnzbd-
server/sabnzbd-server.key -f /etc/pki/containers/sabnzbd-
server/sabnzbd-server.cert -K HTTP/sabnzbd.theinside.rnr -N
"CN=sabnzbd.theinside.rnr,O=THEINSIDE.RNR" -D sabnzbd.theinside.rnr -C
/usr/local/sbin/sabnzbd-server-certs -v -w
The content of that script is just a one liner for podman to copy the
contents of the /etc/pki/containers/sabnzbd-server/ directory to my
container. The script works without issue if I run it manually. I'm
also able to successfully run the podman command at a terminal.
At first I had the command in the script entered directly in the
request, which also didn't work. The bash script was my last attempt at
getting the post-save command to work.
I don't see any errors in the logs or in the terminal. In fact, it
looks like certmonger doesn't even attempt to run the post-save
command. Here's a short snippet from the log:
-- Logs begin at Sat 2021-07-24 17:02:34 EDT, end at Mon 2021-07-26 00:43:48 EDT. --
Jul 26 00:16:16 containment01 certmonger[109481]: Certificate in file
"/etc/pki/containers/sabnzbd-server/sabnzbd-server.cert" issued by CA and
saved.
Jul 26 00:16:16 containment01 certmonger[30743]: 2021-07-26 00:16:16 [30743] No hooks set
for pre-save command.
Jul 26 00:16:16 containment01 certmonger[30743]: 2021-07-26 00:16:16 [30743] Certificate
issued (0 chain certificates, 0 roots).
Jul 26 00:16:16 containment01 certmonger[30743]: ".
Jul 26 00:16:16 containment01 certmonger[30743]: -----END CERTIFICATE-----
Am I doing something wrong or have I hit a bug?
--
Ranbir
Show replies by date