> > And et voila! It works! Although it does feel a bit hacky :) >> > I do it the same way as I control my systems and can be sure there is > one user per system for VPN access. Works nicely. >
Is it possible to manage key revocation? I understand that this mechanism is mostly quite broken. How long are you making Certificates valid for?
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project