Sorry, let me back up a step. We need to implement hype everywhere. All our web
services. And clients need to get keys&certs automatically whether through IPA
or Puppet. These systems use IPA for everything but authentication (to keep
most users off). I'm trying to wuss out the easiest way to make this happen
On Jun 2, 2016, 5:31 PM -0400, Rob Crittenden<rcrit...@redhat.com>, wrote:
> Bret Wortman wrote:
> > Is it possible to use our freeipa CA as a trusted CA to sign our
> > internal SSL certificates? Our system runs on a private network and so
> > using the usual trusted sources isn't an option. We've been using
> > self-signed, but that adds some additional complications and we thought
> > this might be a good solution.
> > Is it possible, and, since most online guides defer to "submit the CSR
> > to Verisign" or whomever, how would you go about producing one in this way?
> Not sure I understand the question. The IPA CA is also self-signed. For
> enrolled systems though at least the CA is pre-distributed so maybe that
> will help.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project