ipa-replica-prepare(1)

1ipa-replica-prepare(1)         IPA Manual Pages         ipa-replica-prepare(1)
2
3
4

NAME

6       ipa-replica-prepare - Create an IPA replica file
7

SYNOPSIS

9       ipa-replica-prepare [OPTION]... hostname
10

DESCRIPTION

12       Generates  a  replica file that may be used with ipa-replica-install to
13       create a replica of an IPA server.
14
15       A replica can be created on any IPA master or replica server.
16
17       You must provide the fully-qualified hostname of the machine  you  want
18       to install the replica on and a host-specific replica_file will be cre‐
19       ated. It is host-specific because SSL server certificates are generated
20       as part of the process and they are specific to a particular hostname.
21
22       If  IPA  manages  the  DNS  for  your domain, you should either use the
23       --ip-address option or add the forward  and  reverse  records  manually
24       using IPA plugins.
25
26       Once  the file has been created it will be named replica-hostname. This
27       file can then be moved across the network to the target machine  and  a
28       new IPA replica setup by running ipa-replica-install replica-hostname.
29
30   Limitations
31       A replica should only be installed on the same or higher version of IPA
32       on the remote system.
33
34       A replica with PKI can only be installed from a replica  file  prepared
35       on a master with PKI.
36

OPTIONS

38       --dirsrv-cert-file=FILE
39              File containing the Directory Server SSL certificate and private
40              key. The files are accepted in PEM and DER  certificate,  PKCS#7
41              certificate  chain,  PKCS#8 and raw private key and PKCS#12 for‐
42              mats. This option may be used multiple times.
43
44       --http-cert-file=FILE
45              File containing the Apache Server SSL  certificate  and  private
46              key.  The  files are accepted in PEM and DER certificate, PKCS#7
47              certificate chain, PKCS#8 and raw private key and  PKCS#12  for‐
48              mats. This option may be used multiple times.
49
50       --dirsrv-pin=PIN
51              The password to unlock the Directory Server private key
52
53       --http-pin=PIN
54              The password to unlock the Apache Server private key
55
56       --dirsrv-cert-name=NAME
57              Name of the Directory Server SSL certificate to install
58
59       --http-cert-name=NAME
60              Name of the Apache Server SSL certificate to install
61
62       -p DM_PASSWORD, --password=DM_PASSWORD
63              Directory Manager (existing master) password
64
65       --ip-address=IP_ADDRESS
66              IPv4  or  IPv6 address of the replica server. This option can be
67              specified multiple times for each interface of the server  (e.g.
68              multihomed and/or dualstacked server), or for each IPv4 and IPv6
69              address of the server. The  corresponding  A  or  AAAA  and  PTR
70              records will be added to the DNS if they do not exist already.
71
72       --reverse-zone=REVERSE_ZONE
73              The  reverse  DNS  zone to use. This option can be used multiple
74              times to specify multiple reverse zones.
75
76       --no-reverse
77              Do not create reverse DNS zone
78
79       --ca=CA_FILE
80              Location of CA PKCS#12 file, default /root/cacert.p12
81
82       --debug
83              Prints info log messages to the output
84

EXIT STATUS

86       0 if the command was successful
87
88       1 if an error occurred
89
90
91
92IPA                               Mar 14 2008           ipa-replica-prepare(1)