During KRA installation the KRA agent certificate is supposed to be exported to a PEM file. This is needed by the vault plugin to archive/retrieve secrets to/from KRA. However, on replica the code that is supposed to export the certificate is not executed, causing vault archival/retrieval operations to fail on replica.
Proposed milestone: 4.2.1
freeipa-edewata-0370-Fixed-missing-KRA-agent-cert-on-replica.patch freeipa-edewata-0370-Fixed-missing-KRA-agent-cert-on-replica.patch
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=1204501 (Red Hat Enterprise Linux 7)
master:
ipa-4-2:
Metadata Update from @edewata: - Issue assigned to someone - Issue set to the milestone: FreeIPA 4.2.1
Login to comment on this ticket.