On 05/23/2013 07:37 PM, John Moyer wrote:
> So I found this page and followed it.  The http daemon works great (no longer
> complains about not being the cert for my URL.  However, now I can't bind
> anymore servers to my IPA server.   The current servers enrolled before I did
> this work great (and I can login using my IPA credentials).   However, I just
> can't add anymore.   Does anyone have any ideas?  I tried removing the certs
> and that made it so I can't start httpd (so I put the cert back). 
> http://freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP
> Thanks, 
> _____________________________________________________
> John Moyer

Hi John,

I see that Dmitri and Rob already try to help you with this configuration. I
would just like to note that the page you refer to may not be fully up to date
(was not touched since 2010). I added instructions to revisit the page in the
ticket that Rob created:


As for your issue, I do not know if you are still installing a new server or
updating a running one. If installing a new one, you may be interested in
FreeIPA version 3.2.0 which is being introduced in Fedora 19 and which
revisited the way we install without CA (i.e. with custom ldap/http certs).
This is a design page with more information:



Freeipa-users mailing list

Reply via email to