On 02/08/2013 06:44 AM, Rob Crittenden wrote:
James James wrote:
I had to set the --dirsrv_pkcs12, --dirsrv_pin, --http_pkcs12,
--http_pin and the ipa-replica-prepare command runs without failure.

Thanks for your help.

Yes, this is what I was going to suggest. Using ipa-server-certinstall replace
the IPA CA with an external one.

I should note that we're deprecating this tool and do not recommend that it be
used. We instead suggest that if you need certificates from an external CA you
get the IPA CA signed as a subordinate.


Is that possible to do from a commercial SSL certificate provider?

Orion Poplawski
Technical Manager                     303-415-9701 x222
NWRA, Boulder Office                  FAX: 303-415-9702
3380 Mitchell Lane                       or...@nwra.com
Boulder, CO 80301                   http://www.nwra.com

Freeipa-users mailing list

Reply via email to