Hi,

In our FreeIPA deployment we need to find a way to rekey the self-signed root CA and afterwards update the chain and the certificates all the way down. I have been unable to find detailed instructions in the official documentation or through my own research, so I am reaching out for guidance.

Could someone please provide instructions or point me to any relevant resources on how to properly rekey the self-signed root CA in FreeIPA? Any advice, tips, or potential pitfalls to avoid during this process would be greatly appreciated.

Thank you in advance for your assistance!

Nelson V.