I am setting up FreeRADIUS on my "network server" at home, which also runs FreeIPA. Naturally, I would like to use certmonger to issue, track, and renew the certificate(s) used by FreeRADIUS.
Unfortunately, ipa-getcert only works when run as root, and it writes the certificate and key files as root/0600, leaving them unreadable by radiusd. I can obviously change the permissions of the files, but certmonger will presumably reset them when it renews the certificate. I feel like I must be missing something obvious. certmonger must be usable with services that run as a non-root user, right? -- ======================================================================== Ian Pilcher [email protected] -------- "I grew up before Mark Zuckerberg invented friendship" -------- ======================================================================== _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
