Hi folks, Instead of a self-signed certificate I would like to use an external CA to sign freeipa's CSR ("ipa-server-install --external-ca"). Question:
Is pathlen:0, e.g. basicConstraints=critical,CA:TRUE, pathlen:0 sufficient for freeipa's CA certificate? Regards Harri -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project