Thanks Rob for your reply. In our situations, we have only left with data-only backup of our IPA server. (For some reason, both our IPA Master and Replica server got corrupted and are not in recoverable state.)
So we attempted, data-only restore on Fresh Install of IPA server. We faced issue with Kerberos and RA key miss match which we fixed. Now we stuck with CA miss match issue. We suspect CA cert in local files likes NSS db, SLAPd & HTTP alias folder are NOT matching with CA keys in LDAP, as this KEY came from data-only restore. So, can we remove entire exiting CA and re-create it again? Regards, Anand _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
