On Tue, 15 Oct 2024 23:11:41 +0100 Djerk Geurts via FreeIPA-users freeipa-users@lists.fedorahosted.org wrote:

This issue just bit me again, and to be honest, I’d forgotten about raising a ticket. It’s now done: https://bugs.launchpad.net/ubuntu/+source/certmonger/+bug/2084607

Is this possibly why my Ubuntu 20.04 certmongers are stuck in an infinite loop when renewing a certificate, it gets issued on the server, but not saved on the client? Before I stopped, disabled (and also had to mask) the certmonger.service, four separate hosts managed to fill up my FreeIPA with >10k certificates. I described my cleanup process in a thread on this list named "Removal & clean up certificates from o=ipaca". My troubleshooting of certmonger (which I didn't complete) is in a thread named "certmonger certificate renewal stuck in SUBMITTING loop".