On 06/01/2018 08:51 AM, Jan Kowalsky wrote:
Hi Viktor,
Thanks for the hint.
Am 01.06.2018 um 12:16 schrieb Viktor Ashirov:
Hi,
It's possible to regenerate encryption keys from the new certificate:
https://access.redhat.com/documentation/en-us/red_hat_directory_server/10/html/administration_guide/updating_the_tls_certificates_used_for_attribute_encryption
I was already afraid, this is the only possibility. Nothing which I want
do every 60 days with about 50 databases and three replicated servers.
You have 50 backends on a single instance of DS? <just curious>
Also, this is something you could script to make the task much easier,
but... These errors are harmless if you are not using attribute
encryption. So in your case you can just ignore the messages even
though they are annoying & alarming.
So probably disable encrypted attributes is the only way.
Dou you know if it's possible to disable encrypted attributes system
wide for all databases? Didn't find anything.
Feel free to file an RFE to disable it:
https://pagure.io/389-ds-base/new_issue
Thanks and regards
Jan
_______________________________________________
389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx/message/LJKMTISVNEOHESUJRZ4BV4FLC5LN3EM4/
_______________________________________________
389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx/message/2NJX2DRA546JT2RP2QH6GH52FKTOVQ75/
