Bret Wortman wrote:
Is it possible to use our freeipa CA as a trusted CA to sign our
internal SSL certificates? Our system runs on a private network and so
using the usual trusted sources isn't an option. We've been using
self-signed, but that adds some additional complications and we thought
this might be a good solution.

Is it possible, and, since most online guides defer to "submit the CSR
to Verisign" or whomever, how would you go about producing one in this way?

Not sure I understand the question. The IPA CA is also self-signed. For enrolled systems though at least the CA is pre-distributed so maybe that will help.


Manage your subscription for the Freeipa-users mailing list:
Go to for more info on the project

Reply via email to