On 29.04.2016 13:02, barry...@gmail.com wrote:
Hi All:
Any method can fall back the default ipa cert if I didn't backup orginal?
Now the slapd and ipa cert storage quite a mess so they cant replicate
even disabled nsslapd:security to off
thx
Barry
Hello Barry,
Can you provide more info?
What is your IPA version, OS?
What are the symptoms you are experiencing?
What do you mean by default ipa cert ?
Can you provide logs from replicas?
Can you provide `getcert list` command output?
Can you provide `ipactl status` from both server?
Replication uses GSSAPI, at least on new IPA versions, I'm not sure if
certificates are involved in this.
Martin
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
