On 11/04/09 16:16, Nalin Dahyabhai wrote:
On Wed, Nov 04, 2009 at 04:39:40PM -0500, Rob Crittenden wrote:
Alternatively you can specify which host(s) can request a
certificate for a given service. Use the service-add-member command
to add hosts that can request certs for it.
That
On 11/05/09 11:34, Simo Sorce wrote:
On Thu, 2009-11-05 at 11:28 -0800, Andrew Wnuk wrote:
On 11/05/09 11:22, Simo Sorce wrote:
On Thu, 2009-11-05 at 13:21 -0500, Rob Crittenden wrote:
This is about right. What you're missing is storing the certificate
in
the service record
On 11/02/2011 03:19 PM, Rob Crittenden wrote:
Simo Sorce wrote:
On Wed, 2011-11-02 at 16:44 -0400, Ade Lee wrote:
On Wed, 2011-11-02 at 16:03 -0400, Adam Young wrote:
[...]
So, a user becomes an agent on the ca by having a certificate in the
user record and being a member of the relevant
On 07/16/2012 01:35 PM, Rob Crittenden wrote:
Nalin Dahyabhai wrote:
On Mon, Jul 16, 2012 at 09:23:24AM -0400, Rob Crittenden wrote:
Use the new certmonger capability to be able to renew the dogtag
subsystem certificates (audit, OCSP, etc).
Are the copies of the certificates in the pki-ca
On 12/20/2012 06:49 AM, Simo Sorce wrote:
On Thu, 2012-12-20 at 09:39 -0500, Ade Lee wrote:
On Wed, 2012-12-19 at 21:35 -0500, Simo Sorce wrote:
On Wed, 2012-12-19 at 22:41 +, JR Aquino wrote:
On Dec 19, 2012, at 2:32 PM, Simo Sorce wrote:
On Wed, 2012-12-19 at 20:52 +, JR Aquino
I have been exploring the possibilities of using FreeIPA CA as an
external Puppet CA with the requirement that Puppet will stay unmodified.
Here are some notes: http://www.freeipa.org/page/IPA_as_external_Puppet_CA
Thank you,
Andrew
___
Freeipa-devel