Hello!

I was build FreeIPA 4.1.4 on CentOS 7.1, the deployment was done, but
could I changes the HTTP and dirsv certificate? I have wildcard
certificate (thawte SSL CA - G2). It is compatible for FreeIPA (http and
dirsv)?

I've tried to follow the instruction
https://www.freeipa.org/page/Using_3rd_part_certificates_for_HTTP/LDAP
but no luck.

$ ipa-server-certinstall -wd mydomain.co.id.key \
mydomain.co.id-bundled.crt

Directory Manager password:

Enter private key unlock password:

The full certificate chain is not present in mydomain.co.id.key,
mydomain.co.id-bundled.crt

FYI, mydomain.co.id-bundled.crt chain have SIGNED then INTERMEDIATE
certificate order. (2 chain)

I've tried to bundling them using root certificate, still have no luck.
(3 chain, SIGNEDCERT, INTERMEDIATE, ROOTCERT).

Any comments will be appreciated :)
Thanks

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to