On Wed, 2013-02-27 at 13:54 -0500, Rob Crittenden wrote:
> Schweiss, Chip wrote:
> > Is it possible to generate a wild card certificate with the FreeIPA CA?
> > I tried generating a CSR with *.mydomain.local but 'ipa cert-request
> > star.mydomain.local.csr --principal=HTTP/*.mydomain.localr --add'
> > returns the error:
> > ipa: ERROR: The service principal for this request doesn't exist.
> > No problem generating certs for fqdn of systems I have already joined to
> > the domain.
> > Is there anyway around this to generate a wildcard cert for my local domain?
> Not using the IPA interfaces, no. There might be a way to do this by
> calling out to the underlying dogtag CA directly but we don't provide
> any mechanism to do that. You'd be on your own there.
Feel free to open a RFE in our trac instance if you need this
Simo Sorce * Red Hat, Inc * New York
Freeipa-users mailing list