linux-system-roles / certificate

Role for managing TLS/SSL certificate issuance and renewal

https://linux-system-roles.github.io/certificate/

Issuing certs out of /etc/pki/tls/ is not working when selinux is enabled

seocam opened this issue 4 years ago · comments

Sergio Oliveira commented 4 years ago

Currently issuing certs using certmonger provider in any location out of /etc/pki/tls/ is not working when selinux is enforced.

https://fedorapeople.org/groups/linuxsystemroles/logs/linux-system-roles-certificate-pull-linux-system-roles_certificate-3-4c9f24e-centos-7-20200601-115725/artifacts/test.log.html

Richard Megginson commented 2 months ago

role recommends to use selinux system role to mitigate issues like this