On Mon, 09 May 2016, Andy Thompson wrote:
Is freeipa in RHEL7.2 able to be used as an organizational CA these
days? I have a requirement to set one up and like the IPA interface
and tools, but can't sort out the current state in 4.2 to decipher
whether this is possible, or even reasonable to try. I need to setup
an org sub CA with an offline root CA
Sub-CA support is coming in FreeIPA 4.4, hopefully. Current code in RHEL
7.2 does not support sub-CA functionality.
The dogtag pki-ca in 7.2 appears to be missing some pieces, none of the
management themes seem to be available and the console utilities are
hit and miss, so I'm looking at this possibility. Seems like overkill
but thought I'd toss the idea around.
I think RHCS is a separate product with support on top of RHEL 7. Check
with your Red Hat representatives.
/ Alexander Bokovoy
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project