Hello all. I'm trying to understand the use of the certificates in the communication between an IPA client and server. The documentation describes the retrieval of CA certificate while client setup: "Retrieve the CA certificate for the IdM CA"
And retrieval of SSL server certificate: "Enable certmonger, retrieve an SSL server certificate, and install the certificate in /etc/pki/nssdb" https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/setting-up-clients.html#what-happens-clients >From my understanding the authentication in IPA environment is kerberos based, therefore the client and server share a "secret" that allows the user to authenticate himself to the server and vice versa. Where comes the need for certificate? Some of the IPA server services are not kerberized? Thanks in advance.
_______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users