On 05/06/2015 08:24 AM, Kamal Perera wrote: > Dear All, > > > How is the revocation of issuing CA certificates are handled? We are using > OCSP responders for revocation checking of certificates issued by the > Issuing CAs. So do we have to setup another OCSP or CRL distribution point > to let the applications to query for the revocation of issuing CA > certificates?
I think I do not understand the question. IPA CA does not issue CA certificates (at least via IPA API), what certificates did you want to check? -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project