On to, 21 syys 2017, Niels Walet via FreeIPA-users wrote:
My kdc.crt has disappeared after a large number of problems with amn
upgrade from 7.3 to 7.4 on my SL7 box (roughly equivalent to Centos).
It is a vanilla installation with self-signed cerificates. I am aware
of the permission errors in 4.5.0, but what I really need to know is
what command to execute to regenerate this file--I can fix the
permissions issue afterwards. I really would like to be able to login
to the web interface agiain.
ipa-pkinit-manage is the tool.
You may want to try ipa-pkinit-manage status and then disable
'Disable' would re-generate self-sign cert that is used only on this
host for web ui login. 'Enable' would try to request a cert from IPA CA.
If you don't have IPA CA, you can provide own KDC PKINIT certificate
I think you'd interested in the 'disable' part.
/ Alexander Bokovoy
FreeIPA-users mailing list -- firstname.lastname@example.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org