Chapter 3. Migrating to IdM on RHEL 8 from FreeIPA on non-RHEL Linux distributions

download PDF

To migrate a FreeIPA deployment on a non-RHEL Linux distribution to an Identity Management (IdM) deployment on RHEL 8 servers, you must first add a new RHEL 8 IdM Certificate Authority (CA) replica to your existing FreeIPA environment, transfer certificate-related roles to it, and then retire the non-RHEL FreeIPA servers.


Performing an in-place conversion of a non-RHEL FreeIPA server to a RHEL 8 IdM server using the Convert2RHEL tool is not supported.

To perform the migration, follow the same procedure as Migrating your IdM environment from RHEL 7 servers to RHEL 8 servers, with your non-RHEL FreeIPA CA replica acting as the RHEL 7 server:

  1. Configure a RHEL 8 server and add it as an IdM replica to your current FreeIPA environment on the non-RHEL Linux distribution. For details, see Installing the RHEL 8 Replica.
  2. Make the RHEL 8 replica the certificate authority (CA) renewal server. For details, see Assigning the CA renewal server role to the RHEL 8 IdM server.
  3. Stop generating the certificate revocation list (CRL) on the non-RHEL server and redirect CRL requests to the RHEL 8 replica. For details, see Stopping CRL generation on a RHEL 7 IdM CA server.
  4. Start generating the CRL on the RHEL 8 server. For details, see Starting CRL generation on the new RHEL 8 IdM CA server.
  5. Stop and decommission the original non-RHEL FreeIPA CA renewal server. For details, see Stopping and decommissioning the RHEL 7 server.
Red Hat logoGithubRedditYoutubeTwitter


Try, buy, & sell


About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.