we're building IPAs in an automated fashion, for environments that get created and destroyed a lot. At the moment, the CA certs used inside these IPAs are self-signed, as part of the normal "ipa-server-install" setup process.
We would like to switch to issuing signed intermediate CA certs to the IPAs we deploy.
The documentation lists the two part process necessary for this. First "--external-ca" - and then "--external-cert-file"
Are there any ways to skip this, and give the setup process a known public/private key+cert up front? I'm hoping to avoid the need to have to use/send this automatically generated CSR every time.
thanks James M -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project