Polavarapu Manideep Sai via FreeIPA-users wrote: > Hi Team, > > > > I have generated central.csr and central.key in my ipa server and shared > this central.csr to third-party certificate authority and i got > certificates from certificate authority with two directories one as > apache directory and it's certificates are 1f1f7ab616938168.crt, > 1f1f7ab616938168.pem and gd_bundle-g2-g1.crt and another directory with > tomcat name and its certficates are 1f1f7ab616938168.crt, > 1f1f7ab616938168.pem, gd_bundle-g2-g1.crt and gdig2.crt.pem, now i want > to install these certficates in my ipa server can you please guide on > the same ?
The process you describe is a little hard to follow. You submitted a single CSR and got two certficates back? What does "tomcat name" mean? Is it using a different key? Do you intend on replacing the server certificate for the CA as well? If so, why? > > I tried this, but getting the below error, can you please share the > steps to install this SSL certficates > > > > [root@ Apache]# ipa --version > > VERSION: 4.5.0, API_VERSION: 2.228 > > > > ipa-server-certinstall --http --dirsrv ssl.key ssl.crt > > [root@Apache]# ipa-server-certinstall --http --dirsrv central.key > gd_bundle-g2-g1.crt > > Directory Manager password: > > > > Enter private key unlock password: > > > > No matching certificate found for private key from central.key You didn't include the server certificate file you got, ex. 1f1f7ab616938168.pem rob _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
