On to, 21 syys 2017, Niels Walet via FreeIPA-users wrote:
My kdc.crt has disappeared after a large number of problems with amn upgrade from 7.3 to 7.4 on my SL7 box (roughly equivalent to Centos). It is a vanilla installation with self-signed cerificates. I am aware of the permission errors in 4.5.0, but what I really need to know is what command to execute to regenerate this file--I can fix the permissions issue afterwards. I really would like to be able to login to the web interface agiain.
ipa-pkinit-manage is the tool.
You may want to try ipa-pkinit-manage status and then disable 'Disable' would re-generate self-sign cert that is used only on this host for web ui login. 'Enable' would try to request a cert from IPA CA. If you don't have IPA CA, you can provide own KDC PKINIT certificate with ipa-server-certinstall. I think you'd interested in the 'disable' part. -- / Alexander Bokovoy _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org