Hi Rob, Thanks for your reply.
>> Sure. We'd need to know what version of IPA you have. My FreeIPA Server is running on Version 4.4 Here is the result of the command "getcert list -d /etc/dirsrv/slapd-YOUR-REALM -n Server-Cert" for my FreeIPA Server: ----- Number of certificates and requests being tracked: 7. Request ID '20170622062025': status: CA_UNCONFIGURED ca-error: Unable to determine principal name for signing request. stuck: yes key pair storage: type=NSSDB,location='/etc/dirsrv/slapd-*-*-*',nickname='Server-Cert',token='NSS Certificate DB',pinfile='/etc/dirsrv/slapd-*-*-*/pwdfile.txt' certificate: type=NSSDB,location='/etc/dirsrv/slapd-*-*-*',nickname='Server-Cert' CA: IPA issuer: subject: expires: unknown pre-save command: post-save command: /usr/libexec/ipa/certmonger/restart_dirsrv *-*-* track: yes auto-renew: yes ---------- Several months before, I have installed the third party SSL for HTTP/LDAP services using the link below: ---- https://www.freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP ---- Please let me know if there is any abnormality in the current SSL installation. Also kindly provide me the steps to use Third party SSL for HTTP and Certmonger cert for LDAP. On Mon, Apr 2, 2018 at 10:18 PM, Rob Crittenden <rcrit...@redhat.com> wrote: > Alka Murali via FreeIPA-users wrote: > > Hello Team, > > > > Right now, I am using third party SSL for both HTTP and LDAP services. > > However I would like to know if there is any way to use third party SSL > > for HTTP alone and certmonger SSL for LDAP services. > > Sure. We'd need to know what version of IPA you have. There may already > be a certmonger-tracked cert. To see if there is and the status run: > > # getcert list -d /etc/dirsrv/slapd-YOUR-REALM -n Server-Cert > > rob > -- Regards, Alka Murali
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org