How do I manually renew Identity Management (IPA) certificates on RHEL6 after they have expired? (Master IPA Server)

Solution Verified - Updated -


In normal operation it’s expected that renewal of IPA subsystem certificates is working smoothly starting with Red Hat Enterprise Linux 6.4 . Unfortunately in reality there are sometimes issues to renew those certificates and a manual recovery is necessary in case certificates are already expired.


  • Red Hat Enterprise Linux 6
  • Red Hat Identity Management (IPA) v3

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.