Christopher Young wrote: > Some of this might be rudimentary, so I apologize if this is answered > somewhere, though I've tried to search and have not had much luck... > > Basically, I would like to be able to issue user certificates (Subject: > email=sblblabla@blabla.local) in order to use client SSL security on > some things. I'm very new to FreeIPA, but have worked with external CAs > in the past for similar requests, however this is my first entry into > creating/running a localized CA within an organization.
IPA doesn't issue user certificates yet, only server certificates. > I was wondering if this is possible via the command line, and if so, how > to go about submitting the request and receiving the certificate. Any > guidance or assistance would be greatly appreciated! > > > Additionally, just as a matter of cleanliness, is there any way possible > to just completely wipe out the existence of a certificate/request from > FreeIPA. I have done some trial-and-error and obviously have made > mistakes that I'd prefer to clean up after. I've revoked those certs, > however the perfectionist in me hates seeing them there. I'm quite > certain the answer is 'no', but I thought I would ask anyway. Right, the answer is no. In fact it is a good thing that all certificates are accounted for. rob -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project