Morgan Cox via FreeIPA-users wrote: > Hi. > > I have a 2 server IPA setup. > > The replica was added a while ago. > > Today I tried to extract the cert from the /root/cacert.p12 from the replica > server - however I have no idea what the dir manager password was at the time > I created the replica.. > > I have the initial dir manager pass for when I setup the primary server and > can extract that fine using > > # openssl pkcs12 -in /root/cacert.p12 -clcerts -nokeys -out /tmp/cert.crt > > However I do not know the pass for the p12 bundle on the replica. > > I have the current directory manager also. > > What can I do to extract the p12 bundle on the replica ? > > i.e can I re-generate it ? Or does it not matter as I have the primary .p12 > pass. >
The PKCS12Export command can regenerate it. I'm curious though, what are you intending to do with it? rob _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
