Hi, I've a FreeIPA setup 4.10.1 (that's a long-living setup that was
upgraded many times). It is CA-less setup (Inititally we had CA, but
than it was removed). So now 4 of my servers are saying that PKINIT
is enabled and one server is saying "disabled".
I tried to re-install replica, but it says CA-less mode can't issue a
certificate, so I tried with kdc-cert-file, but than it says cert is
not valid (where it's definitly works for web and ldap).
Anything I can do here and enable pkinit on that replica?
Alex