On Thu, May 25, 2017 at 01:39:46PM +0200, Günther J. Niederwimmer via 
FreeIPA-users wrote:
> Hello,
> 
> after the mistake with Startcom CA (Class 3), now I look for a new 
> Certificate..
> 
> Is it possible and functional to install a Letsencrypt CA on a IPA-Server?
> 
> I have found a script on "github" to install a Letsencript CA for FreeIPA 
> (fedora), but can any tell me is this working with CentOS 7.(3).
> 
> Thanks for a answer,
> 
Hi,

Let's Encrypt is a trusted public CA; you can only acquire leaf
certificates for TLS servers from Let's Encrypt.  You cannot acquire
a CA certificate from Let's Encrypt.

The script you found must be for acquiring service certificates from
Let's Encrypt, for IPA-enrolled hosts/services.  I do not know if it
works with CentOS 7, but if it works with FreeIPA 4.x on Fedora, it
will probably work with ipa-4.x on CentOS 7.

Thanks,
Fraser
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to