Rob sorry, i trim my output thought not necessary but anyway here is
the full list (ignore CAPS letter in output)
[root@ldap-ca-master ~]# getcert list
Number of certificates and requests being tracked: 12.
Request ID '20190915042927':
status: NEED_CA
stuck: yes
key pair storage:
Satish Patel via FreeIPA-users wrote:
> Few days ago my Master CA was messed up and getcert list was showing
> empty list (no cert to track)
>
> So i run following command to add certs manually:
>
> getcert start-tracking -d /etc/pki/pki-tomcat/alias -n
> 'ocspSigningCert cert-pki-ca' -P XXX
Few days ago my Master CA was messed up and getcert list was showing
empty list (no cert to track)
So i run following command to add certs manually:
getcert start-tracking -d /etc/pki/pki-tomcat/alias -n
'ocspSigningCert cert-pki-ca' -P XXX
getcert start-tracking -d /etc/pki/pki-tomcat/alias
Hi
A bit late I realise but I noticed ...
https://www.freeipa.org/page/Domain_Levels
(# ipa domainlevel-get)
IPA 4.5 is likely domain level 1. According to the ipa-replica-del man page:
<-- snip
To manage IPA replication agreements in a domain at domain level 1, use IPA CLI
or Web UI, see `ipa