Hello Juan,
Juan Pablo Lorier via FreeIPA-users
<freeipa-users(a)lists.fedorahosted.org> writes:
You are right, there are several certificates stuck in dc2:
getcert list
...
Request ID '20221130160320':
status: NEWLY_ADDED_NEED_KEYINFO_READ_PIN
My google-fu point to that comment in an issue:
https://github.com/freeipa/freeipa-healthcheck/issues/123#issuecomment-65...
That has the commands to fix the issue.
Another possibility should be to stop-tracking the certificates and run
ipa-server-upgrade which should restore the trackings. Right?
Jochen
--
This space is intentionally left blank.