On Fri, Sep 30, 2016 at 09:17:35AM +0200, Matt . wrote:
> Hi Guys,
> I'm wondering how it's possible to use FreeIPA as your own CA for
> apache vhosts and such.
> I need to many certificates for subdomains (wildcards) that its
> undoable and I would like to use my FreeIAP installs for this.
> I installed the root certificate on windows from my IPA install and
> that works, FreeIPA itself is now trusted. But how to do this for
> other webservices no matter what software I use ?
You'll have to add the IPA CA certificate to all trust stores used
by the programs that talk to services that present a certificate
issued by FreeIPA. Adding the CA cert to the shared "system" trust
store is sufficient for many programs. Some programs (including
most browsers) bundle their own trust store or have trusted certs
configured some other way.
If you run into difficult with a specific system or program let us
know and we can try to help :)
> I hope someone can give me direction here.
> Manage your subscription for the Freeipa-users mailing list:
> Go to http://freeipa.org for more info on the project
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project