On Tue, Mar 17, 2020 at 1:18 PM Peter Tselios via FreeIPA-users <[email protected]> wrote: > > I have installed the ipa server by using the following command: > > --------- > ipa-server-install > --realm "EXAMPLE.COM" -p 'password' -a 'password' > --hostname="server.example.com" -n example.com > --ip-address="10.1.4.2" > --dirsrv-cert-file=/etc/pki/tls/private/example.com.pem > --dirsrv-cert-file=/etc/pki/tls/certs/example.com.crt > --dirsrv-pin='' > --http-cert-file=/etc/pki/tls/certs/example.com.crt > --http-cert-file=/etc/pki/tls/private/example.com.pem > --http-pin='' > --ca-cert-file=/etc/pki/ca-trust/source/anchors/myca.pem > --ca-cert-file=/etc/pki/ca-trust/source/anchors/mysubca.pem > --mkhomedir -N > --no-host-dns > --unattended > --------- > > > Which works perfectly fine. > However, I cannot make it work with ipa-replica-install since there is no > option for --ca-cert-file.
Have you tried it? The CA cert should be pulled from the server. Please post the complete log if it does not work, and the IPA version. > So, how can I install a replica with custom certificates? > _______________________________________________ > FreeIPA-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
