-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

The documentation seems to be a little fuzzy on setting up two CAs,
some parts indicate this is a bad idea because the CRLs can clobber
each other, other parts, such as the migration guide from RHEL 6.5 to
7 seem to indicate that it is ok, albeit maybe that is just for a
short time.

What I am wondering, because I get a little nervous when all my data
for the CA is on one host (backups aside), is whether there is a
value, assuming that having two concurrent dogtag instances is a bad
thing, to replicating the ipaca data in ldap. Just the data I mean,
would it be possible, having just the LDAP data and whatever certs are
in the replica file to basically reconstruct a CA?

- -Erinn
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBCAAGBQJT6jAyAAoJEFg7BmJL2iPOnM4IAKLtywgP5hvAtNRdd71rBilm
EaYTbOuWf/47BigLKL/0OjfWhEF0dFGcKn27EeeZL3CCznH92liSfgpSVYzAa7cW
X+INDSs2ctn9//LJdGIjhfSvHt3xQIB8KXR/DcSlu3gjHizEXpVLg0oj+w6GzbRG
pw7p2A50MNGRar//wsbcZLV5VDdW84f/L+3iWUL9onn7hgNe3vlSBKmkD7cFXq5C
+jwGS9t/ElYsB0tE3vchdF03h8u+1pYfc8u6y59zUnyFKIfw5iYYHd9HyuCx7Z3k
jcby8/gmpxm+wqUmhmXOTDX+zTS32WnzKwjeqVGPVrGv1bOfjkXyovrGJwlEetA=
=7cXD
-----END PGP SIGNATURE-----

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to