[Freeipa-users] Missing /var/lib/ipa/ca_serialno
Rob Crittenden
rcritten at redhat.com
Wed Jul 23 15:21:01 UTC 2014
John Moyer wrote:
> Hello All,
>
> I was going to promote one of my newer replica IPA servers to be the
> master of our IPA environment and noticed when following the procedures
> to do this that I'm apparently missing this file from my master IPA server:
>
> /var/lib/ipa/ca_serialno
>
> Is there a way to regenerate this file?
>
> I just made a replica like 3 weeks ago, so it definitely is the
> master, I'm just not sure why this file doesn't exist. Looked at my
> backups from the last 3 months and it hasn't existed in that time period.
That file was the source of serial numbers for what was called selfsign
mode (now deprecated in 3.3+). It installed a file-based CA on the
initial IPA master. You needed to pass --selfsign to the installer
What docs are you working from that say you need to worry about this
file? They are likely ancient.
rob
More information about the Freeipa-users
mailing list