On 29.04.2016 13:02, barry...@gmail.com wrote:
Any method can fall back the default ipa cert if I didn't backup orginal?
Now the slapd and ipa cert storage quite a mess so they cant replicate
even disabled nsslapd:security to off
Can you provide more info?
What is your IPA version, OS?
What are the symptoms you are experiencing?
What do you mean by default ipa cert ?
Can you provide logs from replicas?
Can you provide `getcert list` command output?
Can you provide `ipactl status` from both server?
Replication uses GSSAPI, at least on new IPA versions, I'm not sure if
certificates are involved in this.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project