I feel dumb, but I cannot seem to find anything about this. How do I rekey the
self-signed CA cert for IdM/IPA? It seems like it should be something simple,
but I’m not finding anything. CentOS 6.5 install. If you’ve got a place to
point me towards, that would be wonderful.
Thanks,
Greg
No worries then. The IPA CA (dogtag) uses NSS for crypto so there is no way
the CA private key could have been exposed.
If you've issued SSL certs from the IPA CA for services running OpenSSL you
could re-issue those to be on the safe side, but IPA itself uses only NSS on
its servers.