Is it possible to generate certs without the host having an entry in the

On 2 April 2015 at 08:55, Andrew Holway <> wrote:

> And et voila! It works! Although it does feel a bit hacky :)
>> I do it the same way as I control my systems and can be sure there is
>> one user per system for VPN access. Works nicely.
> Is it possible to manage key revocation? I understand that this mechanism
> is mostly quite broken. How long are you making Certificates valid for?
Manage your subscription for the Freeipa-users mailing list:
Go to for more info on the project

Reply via email to