I found some documentation for getting certificate signed by external CA
(2.3.3.2. Using Different CA Configurations) -
http://docs.fedoraproject.org/en-US/Fedora/18/html/FreeIPA_Guide/creating-server.html

But looks like those instructions apply to a first time fresh install, not
for upgrading an existing install.



On Mon, Oct 13, 2014 at 3:24 PM, quest monger <quest.mon...@gmail.com>
wrote:

> I was told by my admin team that Self-signed certs pose a security risk.
>
>
> On Mon, Oct 13, 2014 at 3:17 PM, Rob Crittenden <rcrit...@redhat.com>
> wrote:
>
>> quest monger wrote:
>> > Hello All,
>> >
>> > I installed FreeIPA server on a CentOS host. I have 20+ Linux and
>> > Solaris clients hooked up to it. SSH and Sudo works on all clients.
>> >
>> > I would like to replace the self-signed cert that is used on Port 389
>> > and 636.
>> >
>> > Is there a way to do this without re-installing the server and clients.
>>
>> Why do you want to do this?
>>
>> rob
>>
>>
>
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to