girish f via FreeIPA-users wrote: > We have one new customer, they have setup of one single node of IPA on CentOS. > > There certificate is expired, and everthing went down. > > When we are trying to bring services up. > > pki_tomcatd is not starting, another thing is > > When we run command > ipactl-getcerts list > > One of the certificate is shwoing CA_Unreachable and getting error: > > /var/kerberos/krb5kdc/kdc.crt /var/kerberos/krb5kdc/kdc.key > > enter image description here > > Created new certificate and CA -> it loads certificate, new dates it shows > but still says CA unreachable.
Created a new certificate how? If the other certs are expired this is probably the least of your problems. What version of IPA on what distribution? rob -- _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
