diff options
author | Jack Magne <jmagne@localhost.localdomain> | 2015-07-17 14:22:29 -0700 |
---|---|---|
committer | Jack Magne <jmagne@localhost.localdomain> | 2015-07-17 15:12:44 -0700 |
commit | e6150ed213e6c754f74db9476d755756e7ac6b49 (patch) | |
tree | ac891cd945559cbfda08e5448ce44be7c733f888 /base | |
parent | d73bfa8bc9f84112f3790114f5d6dc61d8ef8a3b (diff) | |
download | pki-e6150ed213e6c754f74db9476d755756e7ac6b49.tar.gz pki-e6150ed213e6c754f74db9476d755756e7ac6b49.tar.xz pki-e6150ed213e6c754f74db9476d755756e7ac6b49.zip |
Document workaround for 1454 in 'pkispawn' man page.
Ticket #1486.
Diffstat (limited to 'base')
-rw-r--r-- | base/server/man/man8/pkispawn.8 | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/base/server/man/man8/pkispawn.8 b/base/server/man/man8/pkispawn.8 index d475d9524..df7d5ca7d 100644 --- a/base/server/man/man8/pkispawn.8 +++ b/base/server/man/man8/pkispawn.8 @@ -439,8 +439,25 @@ master# scp backup_keys.p12 clone:/backup_keys.p12 clone# chown pkiuser: /backup_keys.p12 clone# semanage -a -t pki_tomcat_cert_t /backup_keys.p12\fP .fi - .PP +.nf +Note: One current cloning anomaly to mention is the following scenario: + +1. Create a clone of a CA or of any other subsystem. +2. Remove that just created clone. +3. Immediately attempt the exact same clone again, in place of + the recently destroyed instance. Before recreating this clone, + make sure the "pki_ds_remove_data=True" is used in the clone's + deployment config file. This will remove the old data from the previous + clone. + +Here the Director Server instance may have worked itself in into a state +where it no longer accepts connections, aborting the clone configuration quickly. + +The fix to this is to simply restart the Directory Server instance before +creating the clone for the second time. After restarting the Directory Server +it should be possible to create the mentioned clone instance. +.fi .SS Installing a KRA or TKS clone .BR .PP |