-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 The documentation seems to be a little fuzzy on setting up two CAs, some parts indicate this is a bad idea because the CRLs can clobber each other, other parts, such as the migration guide from RHEL 6.5 to 7 seem to indicate that it is ok, albeit maybe that is just for a short time.
What I am wondering, because I get a little nervous when all my data for the CA is on one host (backups aside), is whether there is a value, assuming that having two concurrent dogtag instances is a bad thing, to replicating the ipaca data in ldap. Just the data I mean, would it be possible, having just the LDAP data and whatever certs are in the replica file to basically reconstruct a CA? - -Erinn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJT6jAyAAoJEFg7BmJL2iPOnM4IAKLtywgP5hvAtNRdd71rBilm EaYTbOuWf/47BigLKL/0OjfWhEF0dFGcKn27EeeZL3CCznH92liSfgpSVYzAa7cW X+INDSs2ctn9//LJdGIjhfSvHt3xQIB8KXR/DcSlu3gjHizEXpVLg0oj+w6GzbRG pw7p2A50MNGRar//wsbcZLV5VDdW84f/L+3iWUL9onn7hgNe3vlSBKmkD7cFXq5C +jwGS9t/ElYsB0tE3vchdF03h8u+1pYfc8u6y59zUnyFKIfw5iYYHd9HyuCx7Z3k jcby8/gmpxm+wqUmhmXOTDX+zTS32WnzKwjeqVGPVrGv1bOfjkXyovrGJwlEetA= =7cXD -----END PGP SIGNATURE----- -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
