On Fri, Sep 30, 2016 at 09:17:35AM +0200, Matt . wrote: > Hi Guys, > > I'm wondering how it's possible to use FreeIPA as your own CA for > apache vhosts and such. > > I need to many certificates for subdomains (wildcards) that its > undoable and I would like to use my FreeIAP installs for this. > > I installed the root certificate on windows from my IPA install and > that works, FreeIPA itself is now trusted. But how to do this for > other webservices no matter what software I use ? > You'll have to add the IPA CA certificate to all trust stores used by the programs that talk to services that present a certificate issued by FreeIPA. Adding the CA cert to the shared "system" trust store is sufficient for many programs. Some programs (including most browsers) bundle their own trust store or have trusted certs configured some other way.
If you run into difficult with a specific system or program let us know and we can try to help :) Cheers, Fraser > I hope someone can give me direction here. > > Thanks! > > Matt > > -- > Manage your subscription for the Freeipa-users mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-users > Go to http://freeipa.org for more info on the project -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project