[Freeipa-users] Replicating o=ipaca
Erinn Looney-Triggs
erinn.looneytriggs at gmail.com
Tue Aug 12 15:18:10 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
The documentation seems to be a little fuzzy on setting up two CAs,
some parts indicate this is a bad idea because the CRLs can clobber
each other, other parts, such as the migration guide from RHEL 6.5 to
7 seem to indicate that it is ok, albeit maybe that is just for a
short time.
What I am wondering, because I get a little nervous when all my data
for the CA is on one host (backups aside), is whether there is a
value, assuming that having two concurrent dogtag instances is a bad
thing, to replicating the ipaca data in ldap. Just the data I mean,
would it be possible, having just the LDAP data and whatever certs are
in the replica file to basically reconstruct a CA?
- -Erinn
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCAAGBQJT6jAyAAoJEFg7BmJL2iPOnM4IAKLtywgP5hvAtNRdd71rBilm
EaYTbOuWf/47BigLKL/0OjfWhEF0dFGcKn27EeeZL3CCznH92liSfgpSVYzAa7cW
X+INDSs2ctn9//LJdGIjhfSvHt3xQIB8KXR/DcSlu3gjHizEXpVLg0oj+w6GzbRG
pw7p2A50MNGRar//wsbcZLV5VDdW84f/L+3iWUL9onn7hgNe3vlSBKmkD7cFXq5C
+jwGS9t/ElYsB0tE3vchdF03h8u+1pYfc8u6y59zUnyFKIfw5iYYHd9HyuCx7Z3k
jcby8/gmpxm+wqUmhmXOTDX+zTS32WnzKwjeqVGPVrGv1bOfjkXyovrGJwlEetA=
=7cXD
-----END PGP SIGNATURE-----
More information about the Freeipa-users
mailing list