Folks,
I have Master freeIPA running on CentOS 7 and now trying to migrate it to RockyLinux 8.9 (because centos7 is EOL).
When I am running # ipa-replica-install --setup-ca I encounter following error
Custodia uses 'ldap-vx-010101-4.site5.example.com' as master peer. Configuring ipa-custodia [1/4]: Generating ipa-custodia config file [2/4]: Generating ipa-custodia keys [3/4]: starting ipa-custodia [4/4]: configuring ipa-custodia to start on boot Done configuring ipa-custodia. Your system may be partly configured. Run /usr/sbin/ipa-server-install --uninstall to clean up.
502 Server Error: Proxy Error for url: https://ldap-vx-010101-4.site5.example.com/ipa/keys/ca/caSigningCert%20cert-...
I did google and found a similar issue but no solutions. Any idea what could be wrong here? I have checked and all certs are updated and not expired.
Above error isn't great to understand what is going on. I am able to use curls etc. That means cert is updated and valid.