[Freeipa-users] Install/promote new CA old one corrupted before backups

McNiel, Craig craig.mcniel at pearson.com
Fri Apr 1 13:24:44 UTC 2016 

Sadly -

I don't think that CA is installed on other replica's  They were installed
following the replica-prepare and replica-install process with nothing else
done outside of this process to install CA.

I did not have backups yet when the incident occurred so I only have the
replica's created from the original CA/master

The documentation that I was following was the following

http://www.freeipa.org/page/Howto/Promote_CA_to_Renewal_and_CRL_Master

I rapidly ran into issues with this on the replica's which I suspect is due
to them not having CA installed.

Thanks !

Craig

On Fri, Apr 1, 2016 at 2:15 AM, Martin Basti <mbasti at redhat.com> wrote:

>
>
> On 31.03.2016 16:09, McNiel, Craig wrote:
>
> I was installing a 7 host IPA with ipa01 being the CA and the others being
> replicas of this node.  This was to be the production installation of IPA
> and the admins/users started using it prior to the installation being
> completed and before I had snapshots/backup created of the servers.
>
> The ipa01 host disk was corrupted so I no longer have a CA just the other
> 6 nodes.  How can I install/promote or otherwise recreate the CA?  I have
> looked online for instructions but, I run into issues almost immediately
> with the accuracy for the version I'm using in the documenation as many of
> the files it indicates need updates don't even exist.
>
> Thanks
>
> ipa-python-4.2.0-15.el7.centos.3.x86_64
> ipa-admintools-4.2.0-15.el7.centos.3.x86_64
> ipa-server-dns-4.2.0-15.el7.centos.3.x86_64
> sssd-ipa-1.13.0-40.el7_2.1.x86_64
> ipa-server-4.2.0-15.el7.centos.3.x86_64
> libipa_hbac-1.13.0-40.el7_2.1.x86_64
> ipa-client-4.2.0-15.el7.centos.3.x86_64
>
>
>
>
>
> Hello,
>
> Several things are not clear to me from you email. Can you please answer
> following questions?
>
> Do you have CA installed on other replicas?
> Do you have backup of the original server (ipa-backup, or snapshot)?
> Which documentation did you follow?
> What did you try?
>
> Martin Basti
>



-- 

*Craig McNiel*

Assessment and Instruction

2510 North Dodge Street
Iowa City, Iowa 52240

D: 319-341-6390
C: 319-430-9252
T: 877-627-2222 (Team On-call Support)

Pearson
Always Learning
Learn more at www.pearsonassessments.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160401/1eda6b02/attachment.htm>

More information about the Freeipa-users mailing list