hi,

if during the enrollment of a host a host certificate is created, then
this will be a nssdb type certificate.

However, lots of applications use file certificates and we can very
easily create one of those (even using configuration management
tools):

/usr/bin/ipa-getcert request -r -f /etc/pki/tls/certs/`hostname
--fqdn`.crt -k /etc/pki/tls/private/`hostname --fqdn`.key

getcert list will see both, but in the ipa web interface in the host
information only the last one will be shown.

Is this a problem?

--
Groeten,
natxo

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to