[Freeipa-users] Re: CRL Not Updating

Back around Nov/Dec when RHEL 8.3 release, I was hit with the update issue regarding fapolicy. Fortunatly only my IPA1 was impacted, though at the time it was my CA and CRL master. As part of recovery I migrated CA and CRL to IPA2, which is where it still resides. I built a new IPA1 and configured it as a replica. This also seems to coincide with when the CRL ceases to be updated with newly revoked certs. So I wonder if I messed something up in that process