[Freeipa-users] server 1 and server 2 cannot replicate now may be ssl cert expire
Martin Basti
mbasti at redhat.com
Fri Apr 29 11:20:14 UTC 2016
On 29.04.2016 13:02, barrykfl at gmail.com wrote:
> Hi All:
>
> Any method can fall back the default ipa cert if I didn't backup orginal?
>
> Now the slapd and ipa cert storage quite a mess so they cant replicate
> even disabled nsslapd:security to off
>
>
> thx
> Barry
>
>
Hello Barry,
Can you provide more info?
What is your IPA version, OS?
What are the symptoms you are experiencing?
What do you mean by default ipa cert ?
Can you provide logs from replicas?
Can you provide `getcert list` command output?
Can you provide `ipactl status` from both server?
Replication uses GSSAPI, at least on new IPA versions, I'm not sure if
certificates are involved in this.
Martin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160429/f45f3076/attachment.htm>
More information about the Freeipa-users
mailing list