Christopher Young wrote:
> Some of this might be rudimentary, so I apologize if this is answered
> somewhere, though I've tried to search and have not had much luck...
> Basically,  I would like to be able to issue user certificates (Subject:
> email=sblblabla@blabla.local) in order to use client SSL security on
> some things.  I'm very new to FreeIPA, but have worked with external CAs
> in the past for similar requests, however this is my first entry into
> creating/running a localized CA within an organization.

IPA doesn't issue user certificates yet, only server certificates.

> I was wondering if this is possible via the command line, and if so, how
> to go about submitting the request and receiving the certificate.  Any
> guidance or assistance would be greatly appreciated!
> Additionally, just as a matter of cleanliness, is there any way possible
> to just completely wipe out the existence of a certificate/request from
> FreeIPA.  I have done some trial-and-error and obviously have made
> mistakes that I'd prefer to clean up after.  I've revoked those certs,
> however the perfectionist in me hates seeing them there.  I'm quite
> certain the answer is 'no', but I thought I would ask anyway.

Right, the answer is no. In fact it is a good thing that all
certificates are accounted for.


Manage your subscription for the Freeipa-users mailing list:
Go To for more info on the project

Reply via email to