On 29.04.2016 13:02, barry...@gmail.com wrote:
Hi All:

Any method can fall back the default ipa cert if I didn't backup orginal?

Now the slapd and ipa cert storage quite a mess so they cant replicate even disabled nsslapd:security to off


Hello Barry,

Can you provide more info?

What is your IPA version, OS?
What are the symptoms you are experiencing?
What do you mean by default ipa cert ?
Can you provide logs from replicas?
Can you provide `getcert list` command output?
Can you provide `ipactl status` from both server?

Replication uses GSSAPI, at least on new IPA versions, I'm not sure if certificates are involved in this.

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to