[Freeipa-users] Missing /var/lib/ipa/ca_serialno
John Moyer
john.moyer at digitalreasoning.com
Wed Jul 23 15:54:54 UTC 2014
http://docs.fedoraproject.org/en-US/Fedora/15/html/FreeIPA_Guide/promoting-replica.html
http://www.freeipa.org/page/Howto/Promoting_a_self-signed_FreeIPA_CA
On 7/23/14, 11:21 AM, Rob Crittenden wrote:
> John Moyer wrote:
>> Hello All,
>>
>> I was going to promote one of my newer replica IPA servers to be the
>> master of our IPA environment and noticed when following the procedures
>> to do this that I'm apparently missing this file from my master IPA server:
>>
>> /var/lib/ipa/ca_serialno
>>
>> Is there a way to regenerate this file?
>>
>> I just made a replica like 3 weeks ago, so it definitely is the
>> master, I'm just not sure why this file doesn't exist. Looked at my
>> backups from the last 3 months and it hasn't existed in that time period.
> That file was the source of serial numbers for what was called selfsign
> mode (now deprecated in 3.3+). It installed a file-based CA on the
> initial IPA master. You needed to pass --selfsign to the installer
>
> What docs are you working from that say you need to worry about this
> file? They are likely ancient.
>
> rob
>
Thanks,
------------------------------------------------------------------------
John Moyer
Director, IT Operations
901 N. Stuart St. STE 904A
Arlington,VA 22203
703.678.2311 Office
240.460.0023 Cell
703.678.2312 Fax
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140723/95adf620/attachment.htm>
More information about the Freeipa-users
mailing list