On 02/08/2013 06:44 AM, Rob Crittenden wrote:
James James wrote:
I had to set the --dirsrv_pkcs12, --dirsrv_pin, --http_pkcs12,
--http_pin and the ipa-replica-prepare command runs without failure.

Thanks for your help.

Yes, this is what I was going to suggest. Using ipa-server-certinstall replace
the IPA CA with an external one.

I should note that we're deprecating this tool and do not recommend that it be
used. We instead suggest that if you need certificates from an external CA you
get the IPA CA signed as a subordinate.

rob

Is that possible to do from a commercial SSL certificate provider?


--
Orion Poplawski
Technical Manager                     303-415-9701 x222
NWRA, Boulder Office                  FAX: 303-415-9702
3380 Mitchell Lane                       or...@nwra.com
Boulder, CO 80301                   http://www.nwra.com

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to