I am using the embedded CA For FreeIPA as well as external CA Signed by
Digicert. However, the certificate will be expiring next month.

After renewal, do I need to install the certificate again using the same
steps mentioned within  the link

Similarly how will I be able to update the new certificate in my IPA
Clients too. Do I need to follow the steps below on all IPA Clients?


certutil -A -d /etc/pki/nssdb -n 'IPA CA' -t CT,C,C -a -i ipa.crt

cp ipa.crt /etc/ipa/ca.crt


Can you please brief up the exact procedure to follow for the third party
SSL cert renewal.

Thanks and Regards,

Alka Murali
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to