I once asked about Install IPA servers with certificate provided by
third-party like Verisign(https://www.redhat.com/archives/freeipa-users/
2016-September/msg00440.html). Florence, Rob and Jakub from Redhat had been
very helpful, and pointed out the solution at https://access.redhat.com/
install-server-without-ca, about "Installing Without a CA", and it worked

Now it came up another problem, is that the Verisign(or any other
certificate) will expire in a year or two, how can I smoothly renew the
Verisign certificate on the primary and replica IPA servers a year from
now? Or if we decide to use another provider, say Godaddy certificate, how
can I replace the existing certificate on both IPA servers? I found a
relevant instruction at https://access.redhat.com/
Guide/index.html#auto-cert-renewal, but that's about the "Dogtag" CA
certificate, not about the third-party certificate I am using in our
upcoming production environment(running IPA 4.2 on RHEL7).

Please advise. Thank you!
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to