It seems that ipa-server-certinstall couldnt handle private keys with
passwort, too. See my result below.
is it possible that ipa-server-certinstall couldnt handle private keys
without password ?
You can file an RFE at https://fedorahosted.org/freeipa/newticket
i would test it with a self-signed certificate and test private key file
secured with password, but i dont know whats happen after entering a
valid private key unlock password. Could i stop the certificate import
process at this point, so no change will happen to my productive ipa
I would not recommend experimenting with random certificates.
It should be possible to add a password to your private key. A quick
Thats a great idea. I have done so and tested again:
openssl rsa -des3 -in private.key -out private_key_with_pw.key
ipa-server-certinstall -w certificate.pem private_key_with_pw.key
After entering the password to unlock private key i get the message:
Insufficient access: Invalid credentials
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project