On Jan 13, 2015, at 1:56 PM, Brian Topping <brian.topp...@gmail.com> wrote:
> Hi folks, really pleased with the latest versions of FreeIPA. Very robust, 
> quite impressive!
> In the process of setting it up, I ended up having to move servers a couple 
> of times. The original server is gone, just replicas that installed cleanly 
> with each other. 

Ok, I think I have this sorted -- somewhat.

After pawing through the Tomcat configuration for Dogtag, I traced back to the 
pki-tomcatd@pki-tomcat.service <mailto:pki-tomcatd@pki-tomcat.service> not 
running. Once that started, the relevant information was available to the UI. 
There are a sufficient number of certificates that I think everything is in 
order. Whew.

What I realize now is the certificate CRL points to the server that no longer 
exists and I'd like to get that cleaned up. I found 
<http://www.freeipa.org/page/Howto/Promote_CA_to_Renewal_and_CRL_Master>, is 
that relevant for my situation?

Thanks, Brian
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project

Reply via email to