After 7days, I tried to log in freeipa webUI and got this "Login failed due to an unknown reason" message. So I rebooted my machine. After that I cannot connect to freeipa webUI. Then I check ipa.service and got some errors related to krb5 like "Failed to start krb5kdc Service" so I tried to start krb5kdc.service but get errors too. Which is "krb5kdc: cannot initialize realm". I checked the log file and got something might helpful : "Cannot find master key record in database - while fetching master keys list for realm" "Didn't connect to LDAP on startup: 110" "Server error - while fetching master key K/M for realm" I also tried to run "kinit admin" command and got this message "kinit: Cannot contact any KDC for realm" I guess it is because my certificate expired which lead to this issue. Does anyone know what should I do to fix this issue and prevent it in the future?