On Wed, 2013-02-27 at 13:54 -0500, Rob Crittenden wrote:
> Schweiss, Chip wrote:
> > Is it possible to generate a wild card certificate with the FreeIPA CA?
> >
> > I tried generating a CSR with *.mydomain.local but 'ipa cert-request
> > star.mydomain.local.csr --principal=HTTP/*.mydomain.localr --add'
> > returns the error:
> >
> > ipa: ERROR: The service principal for this request doesn't exist.
> >
> > No problem generating certs for fqdn of systems I have already joined to
> > the domain.
> >
> > Is there anyway around this to generate a wildcard cert for my local domain?
> Not using the IPA interfaces, no. There might be a way to do this by 
> calling out to the underlying dogtag CA directly but we don't provide 
> any mechanism to do that. You'd be on your own there.

Feel free to open a RFE in our trac instance if you need this


Simo Sorce * Red Hat, Inc * New York

Freeipa-users mailing list

Reply via email to