On 04/10/2018 04:30 PM, Hillar Aarelaid wrote:
> On 10. apr 2018, at 15:05, Florence Blanc-Renaud <flo(a)redhat.com> wrote:
>
> I would start by checking if all the certificates are up-to-date, especially
subsystemCert cert-pki-ca.
sorry, i did not touch any certificates.
Hi,
(re-adding the mailing in copy)
the certificates may have expired between the time you did the backup
and reinstalled.
What is the output of ipactl status? If only pki-tomcatd fails to start,
then the logs from /var/log/pki/pki-tomcat/ca may provide more information.
Flo
it was simple ipa-backup->ipa-restore as described in
https://www.freeipa.org/page/Backup_and_Restore#Server_Loss_Cases
i had _single_ server and (by scenario 'Catastrophic hardware failure') i lost
it so i start with new server from scratch...
i followed
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/...
as it says: "Important It is recommended that you uninstall a server before
performing a full-server restore on it."
i tried
a) ipa-server-install and then uninstall and then ipa-restore
b) no ipa-server-install, straight to ipa-restore
and always ended up with tomcat not starting
it seems that most was restored, as i can do kinit with previously existed users and i
can find them with ldapsearch
but command line "ipa whatever-command" fail, so ;( ;( ;(
Hillar
#ref
https://github.com/hillar/detektiven/blob/master/vagans/createFedoraIPA.b...