[Freeipa-users] Confused/lost at promoting a replica into a master
David Copperfield
cao2dan at yahoo.com
Sat Apr 28 03:20:08 UTC 2012
Hi follks,
I'm completely lost at reading the IPA document on how to promote a IPA replica into master IPA. When I'm try to follow the steps listed in the chapter '16.8.1 Promoting a Replica with a Dogtag Certificate System CA' at the link http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/promoting-replica.html#promoting-pki, the last steps 'g' said:
g. Disable the redirect settings for CRL generation requests:
master.ca.agent.host=hostname
master.ca.agent.port=port number
The above instructions don't give any hints of 'hostname', or 'port number'. users don't have any clues about them, should them be this replica's name, or the original master's name? and what is the por
t number? it is a TCP port, or a UDP port?
As a serious evaluator of IPA, I have to think more above just for fun. So it is a natural thought to think about disaster recovery and smooth/continuous operations(simulation and real case): how to back up data, how to promote replica into master, etc. But this document just post quite way too much challenges for me. :)
Any one who have successfuly passed this test, please shed a light here. Thanks a lot.
--Guolin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120427/b8dadb12/attachment.htm>
More information about the Freeipa-users
mailing list