On 05/23/2013 07:37 PM, John Moyer wrote: > So I found this page and followed it. The http daemon works great (no longer > complains about not being the cert for my URL. However, now I can't bind > anymore servers to my IPA server. The current servers enrolled before I did > this work great (and I can login using my IPA credentials). However, I just > can't add anymore. Does anyone have any ideas? I tried removing the certs > and that made it so I can't start httpd (so I put the cert back). > > > http://freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP > > Thanks, > _____________________________________________________ > John Moyer >
Hi John, I see that Dmitri and Rob already try to help you with this configuration. I would just like to note that the page you refer to may not be fully up to date (was not touched since 2010). I added instructions to revisit the page in the ticket that Rob created: https://fedorahosted.org/freeipa/ticket/3641 As for your issue, I do not know if you are still installing a new server or updating a running one. If installing a new one, you may be interested in FreeIPA version 3.2.0 which is being introduced in Fedora 19 and which revisited the way we install without CA (i.e. with custom ldap/http certs). This is a design page with more information: http://www.freeipa.org/page/V3/CA-less_install Martin _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users