Steven Jones wrote:
From the 18.8.2 section point 2,
"[root@ipaserver ~]# pk12util -o /path/to/cacert.p12 -n "EXAMPLE.COM IPA CA" -d
/etc/
dirsrv/slapd-EXAMPLE-COM"
the -o option is the one below?
[root@vuwunicoipam001 ~]# find /etc/ -name cacert*
/etc/httpd/alias/cacert.p12
?
I think an explanation of what Im meant to be looking for might help...
You're using a self-signed CA?
The -o is what you defined as /path/to/cacert.p12. It is wherever you
want to store the file.
This documentation is incorrect though, I thought I had filed a bug on
this already. In a self-signed CA the root certificate is in
/etc/httpd/alias and not in a 389-ds instance at all. So for step 2
you'd replace /etc/dirsrv/slapd-EXAMPLE-COM with /etc/httpd/alias.
What this is doing is creating a file to transport the self-signed CA
private keys and certificate securely from one location to another.
This is assuming the original master is around. If it is then you can do
this. If not then you saved /root/cacert.p12 from the initial install,
right?
rob
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
________________________________________
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on
behalf of Steven Jones [steven.jo...@vuw.ac.nz]
Sent: Wednesday, 23 May 2012 8:11 a.m.
Cc:<freeipa-users@redhat.com>
Subject: [Freeipa-users] How to restore IPA Master/Replicas
Hi,
My master is it seems dead and has been for a week, RH supprt cannot recover
it.....so I need to move on and rebuild it.....first it looks like I need to
promote my replica to be the master.
Do we have any good docs/procedures for the above?
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users