Hi guys.
According to 'ipa-healthcheck' there are lots of problems with my IPA ... "key": "cert-file=/var/lib/ipa/ra-agent.pem, key-file=/var/lib/ipa/ra-agent.key, ca-name=dogtag-ipa-ca-renew-agent, cert-presave-command=/usr/libexec/ipa/certmonger/renew_ra_cert_pre, cert-postsave-command=/usr/libexec/ipa/certmonger/renew_ra_cert",
"msg": "Expected certmonger tracking is missing for {key}. Automated renewal will not happen for this certificate"
... "key": "cert-database=/etc/pki/pki-tomcat/alias, cert-nickname=auditSigningCert cert-pki-ca, ca-name=dogtag-ipa-ca-renew-agent, cert-presave-command=/usr/libexec/ipa/certmonger/stop_pkicad, cert-postsave-command=/usr/libexec/ipa/certmonger/renew_ca_cert "auditSigningCert cert-pki-ca", template-profile=caSignedLogCert", "msg": "Expected certmonger tracking is missing for {key}. Automated renewal will not happen for this certificate" ... ... { "source": "ipahealthcheck.ipa.certs", "check": "IPACertDNSSAN", "result": "ERROR", "uuid": "1f431916-88ae-4cf0-8dd1-c55914cf3801", "when": "20220315184602Z", "duration": "0.178625", "kw": { "key": null, "msg": "Found request id {key} but it is not trackedby certmonger!?" } }, ...
'ipa-restore' does not seem to fix anything there. What happens there and more importantly, how to troubleshoot/fix? many thanks, L.