Hello! I'm trying to reinstall ipa client, but have a problem with old/existing ca.crt in `/etc/ipa/ca.crt`. Should I remove it manually? Since the IPA server still on development and always reinstalled, I need to reproduce any possible problem/error on FreeIPA 4.x on CentOS 7.
The error was : LDAP Error: Connect error: TLS error -8054:You are attempting to import a cert with the same issuer/serial as an existing cert, but that is not the same cert. Currently, I was renamed ca.crt to ca.crt.old and the ipa client successfully reconnected to new FreeIPA Server using dns discovery. Is it normal? And why the ipa-client-install --uninstall didn't completely remove the old ca.crt? Thank you. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project