We've been testing FreeIPA system for a while now and we're getting closer to moving it into production.

I'm considering both CA-less and CA-ful installation types. I hope you guys can help me make my mind and choose the right decision.

What are the pros and cons of each install type?

What exactly are we loosing if we choose CA-less install?

One of our requirements is to have a 3rd party HTTP and LDAP certificates installed - which install path would be more suitable?

I'm also thinking ahead, when it comes to renewing certificates when they expire in 1 year time, which install type would cause less problems?

I've failed to find any useful info covering the above points, so if you know anything, please just let me know.

I would appreciate your input.

Thanks in advance.

Kind regards,
 Peter Pakos

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to