Il 10/01/2018 15:34, Fraser Tweedale via FreeIPA-users ha scritto:
Great!  I'm glad you got to the bottom of it.  Just curious - were
there / are there multiple authority entries in LDAP underneath

No, there weren't (now, after solving initial problem, I setup a replica with --setup-ca, and I have 2 authorities).

I have seen this sort of problem once before, when experimenting
with changing the CA Subject DN.  I wonder if the CA certificate
renewal that started all this off worked properly... are you using
an externally signed CA cert?

No, I'm using only IPA internal CA. I really don't know where everything started; for sure my cerificates weren't renewed, and when I found this issues, trying to resolve, I issued a ipa-cacert-manage renew (I promise, I won't do it anymore!)

Thanks again,
FreeIPA-users mailing list --
To unsubscribe send an email to

Reply via email to