if during the enrollment of a host a host certificate is created, then
this will be a nssdb type certificate.
However, lots of applications use file certificates and we can very
easily create one of those (even using configuration management
/usr/bin/ipa-getcert request -r -f /etc/pki/tls/certs/`hostname
--fqdn`.crt -k /etc/pki/tls/private/`hostname --fqdn`.key
getcert list will see both, but in the ipa web interface in the host
information only the last one will be shown.
Is this a problem?
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project