Rob, I'd love to test your tool, as part of working on my problem "ipa.service fails to start", but I still run 4.4.0-12.0.1.el7.x86_64, hence do you think this is the obstacle?
Again, as part of "ipa.service fails to start" work, I was hoping to add new IPA server 4.5.4, but ipa-replica-prepare (from v4.4.0) fails with: Creating SSL certificate for the Directory Server cannot connect to 'https://ca-ldap02.domain.com:8443/ca/ee/ca/profileSubmitSSLClient': (SSL_ERROR_EXPIRED_CERT_ALERT) SSL peer rejected your certificate as expired. One more thing, mine domain level is 0, will it help raising to 1 and is this process harmful? I am desperate to try things that can possibly lead to resolving my expire cert problems. thanks, Zarko _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
