Ian Pilcher wrote:
> On 6/30/23 12:38, Rob Crittenden wrote:
>> The CA is stored in the NSS database /etc/pki/pki-tomcat/alias. You can
>> use pk12util to extract it into a PKCS#12, then extract that and you'll
>> have the CA. This would keep the CA trust the same but with a fresh
>> install you'd
On 6/30/23 12:38, Rob Crittenden wrote:
The CA is stored in the NSS database /etc/pki/pki-tomcat/alias. You can
use pk12util to extract it into a PKCS#12, then extract that and you'll
have the CA. This would keep the CA trust the same but with a fresh
install you'd need new keytabs for any
On 6/30/23 12:38, Rob Crittenden wrote:
The CA is stored in the NSS database /etc/pki/pki-tomcat/alias. You can
use pk12util to extract it into a PKCS#12, then extract that and you'll
have the CA. This would keep the CA trust the same but with a fresh
install you'd need new keytabs for any
Ian Pilcher via FreeIPA-users wrote:
> (Hopefully Thunderbird will only send one copy of this. Sorry about the
> previous duplicate.)
>
> I run a single FreeIPA server (on CentOS 7) in my home network, and I'm
> thinking of migrating it to Fedora. AFAICT, doing this as an actual
> upgrade will