[Pki-users] restore rootCA
Carlos Barrabes
cbarrabes at systemonenoc.com
Mon Mar 13 15:20:18 UTC 2017
Hello,
I have a dogtag 10.2.3 acting as a rootCA on a Fedora 21 machine that I
want to restore on another machine as part of a disaster recovery
procedure. I have read and followed the procedures on migration and
recovery described in the following links:
http://pki.fedoraproject.org/wiki/Recovery#Overview
http://pki.fedoraproject.org/wiki/Migrating_a_CA_using_existing_CA_mechanism
http://pki.fedoraproject.org/wiki/Migrating_a_CA_using_general_mechanism
I might obviously have been doing something wrong at some point because
I end up with a CA that cant issue new certificates or cannot reissue
the old certificates from the imported database.
Having a DS db dump and the system certificates and keys exported via
PKCS12Export, do I need any other elements backed up in order to restore
the a root CA? Could someone please point me in the right direction on
how to perform the restoration?
Thanks in avance.
More information about the Pki-users
mailing list