Hello,

At last I did manage to create and use my certs, but with nss tools.

I've stop using openssl ones, since they are not integrated with freeipa. So I encounter no problems.

Last things I'd like to know. I've seen that I'was able to modify the content signed certs through this file

/var/lib/pki-ca/profiles/ca/caIPAserviceCert.cfg


In this folder "/var/lib/pki-ca/profiles/ca/" there's a lots of cfg files, but I do not understant how to "choose" them when signing a request.

I'd need very specific certs for an application, specific extensions, but I don't want to add this extensions to all the certs that can be issued.

Any hints ?

Thanks,
Marc Schlinger



_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to