hi Nali, On Tue, Nov 11, 2014 at 12:57 PM, Martin Kosek <mko...@redhat.com> wrote:
> So if the lurking double encoded certificate is in LDAP, and thus Apache DS > shows is invalid (it shows as OK in my RHEL-7.0 server), maybe the easiest way > to fix it would be to: > > - Open your Apache DS > - Back up cn=CAcert,cn=ipa,cn=etc,dc=example,dc=com > - Delete the cn=CAcert,cn=ipa,cn=etc,dc=example,dc=com entry > - Run > # ipa-ldap-updater --upgrade --ldapi --quiet > on your 6.5+ server and the certificate entry should get regenerated (tested > with 7.0). when you write 6.5+ server you mean in the kdc/CA server, right? Just checking :-) Thanks! -- Groeten, natxo -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project