Currently if a deployment had only one master with dogtag CA and this master died there is no procedure to restore this master.
The thread covers some details: https://www.redhat.com/archives/freeipa-users/2012-May/msg00174.html
IMO we should say that it is not recommended to run single master in a deployment and just for redundancy and recovery purposes have the second replica have a CA too. It might be enough and then the manual procedures might be published on the project wiki.
Dup of #2758
Metadata Update from @dpal: - Issue assigned to someone - Issue set to the milestone: 0.0 NEEDS_TRIAGE
Login to comment on this ticket.