The pki pkcs12-import CLI has been modified not to importRan the following test:
certificates that already exist in the NSS database unless
specifically requested with the --overwrite parameter. This
will avoid changing the trust flags of the CA signing
certificate during KRA cloning.
The some other classes have been modified to provide better
debugging information.
https://fedorahosted.org/pki/ticket/2374
_______________________________________________ Pki-devel mailing list Pki-devel@redhat.com https://www.redhat.com/mailman/listinfo/pki-devel
ACK
Steps to reproduce:
Actual result: Success! The KRA installation on replica succeeded!