Hi,

we're building IPAs in an automated fashion, for environments that get created and destroyed a lot. At the moment, the CA certs used inside these IPAs are self-signed, as part of the normal "ipa-server-install" setup process.

We would like to switch to issuing signed intermediate CA certs to the IPAs we deploy.

The documentation lists the two part process necessary for this. First "--external-ca" - and then "--external-cert-file"

Are there any ways to skip this, and give the setup process a known public/private key+cert up front? I'm hoping to avoid the need to have to use/send this automatically generated CSR every time.

thanks

James M

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to