Hi,

I now have a CA-less installation of FreeIPA 4.2 which seems to be working OK.


The initial server was installed with the following command:

ipa-server-install \
  -U \
  -r IPA.WANDISCO.COM \
  -n ipa.wandisco.com \
  -p '********' \
  -a '********' \
  --mkhomedir \
  --setup-dns \
  --no-forwarders \
  --no-dnssec-validation \
  --dirsrv-cert-file=/root/ssl/GandiWildcardIPA.pfx \
  --dirsrv-pin='********' \
  --http-cert-file=/root/ssl/GandiWildcardIPA.pfx \
  --http-pin='********' \
  --dirsrv-cert-name=GandiWildcardIPA \
  --http-cert-name=GandiWildcardIPA \
  --idstart=1100 \
  --ca-cert-file=/root/ssl/star.ipa.wandisco.com.crt

Both LDAP and HTTP certificates are correctly installed.

My question is, how do I renew LDAP/HTTP certificates?

I'm struggling to find a step-by-step instructions on how to do this without breaking anything.

This is one of the last tests I need to perform before moving this FreeIPA setup into production.

Any info is greatly appreciated.

--
Kind regards,
 Peter Pakos

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to