On 03/27/2015 04:52 PM, Steve Neuharth wrote:
Is it possible or perhaps not recommended to use the dogtag API and/or
UI on a FreeIPA system without using the freeIPA CLI or UI? I have a
requirement to submit a certificate to a service without kerberos and
without client software installed using a RESTful API. Dogtag API is
very well documented and I do not want to associate all my
certificates with a Kerberos principal because it adds complexity to
the cert signing process. I just need to sign a cert without the
I tried to get to the Dogtag web UI through the url
http://ipa.example.com/ca/ee/ca but I get an unauthenticated web page
(no password prompt) and broken image links. This tells me that
perhaps the Dogtag UI in a FreeIPA installation is not meant to be
used without FreeIPA. Is that correct?
I know this is a weird use case and not necessarily a FreeIPA problem
but if someone could advise, I'd greatly appreciate it.
For now you should use Dogtag by itself for this use case without IPA.
We are working on making it easier for this use case to be possible via
IPA but it is not there yet.
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project