Bret Wortman via FreeIPA-users <freeipa-users@lists.fedorahosted.org> writes:
> If this is the correct search, then no. It's gone. Now, if you don't have the private keys any longer (see Rob's mail), we should consider your CA really gone. I'd look at ipa-ca-install and something like https://www.freeipa.org/page/V4/CA-less_to_CA-full_conversion. You'll need to refresh the CA certs and certificates on all clients after recreating a new CA. Use a new CA subject with --subject... Getting dogtag going probably won't be easy, but we'll see. I had problems after cert renewal, but got dogtag up with password authentication temporarily and could fix certs/ldap. Jochen -- This space is intentionally left blank. _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org