We have one new customer, they have setup of one single node of IPA on CentOS.
There certificate is expired, and everthing went down.
When we are trying to bring services up.
pki_tomcatd is not starting, another thing is
When we run command > ipactl-getcerts list
One of the certificate is shwoing CA_Unreachable and getting error:
/var/kerberos/krb5kdc/kdc.crt /var/kerberos/krb5kdc/kdc.key
enter image description here
Created new certificate and CA -> it loads certificate, new dates it shows but still says CA unreachable.