[Freeipa-users] I think I trashed my FreeIPA CA - how to recover?

Brian Topping brian.topping at gmail.com
Tue Jan 13 06:56:59 UTC 2015


Hi folks, really pleased with the latest versions of FreeIPA. Very robust, quite impressive!

In the process of setting it up, I ended up having to move servers a couple of times. The original server is gone, just replicas that installed cleanly with each other. 

The problem is I didn't realize I was destroying the CA in the process. Maybe because I didn't promote the CA before the original was blown away. This was about three months ago and now I'm having a hard time recovering. I did use the --setup-ca option every time a replica was made, but I can't tell what was salvaged and what was lost. (Maybe the installer could warn about this for the PBKAC types like myself...)

I have a fairly large investment in the configuration of the LDAP (domains, hosts and accounts) and need to maintain those somehow. I'm expecting that my certificates will probably have to be started from scratch though.

Can anyone offer advice on how to proceed?

Thanks kindly, Brian



