On Thu, May 25, 2017 at 01:39:46PM +0200, Günther J. Niederwimmer via
FreeIPA-users wrote:
> Hello,
>
> after the mistake with Startcom CA (Class 3), now I look for a new
> Certificate..
>
> Is it possible and functional to install a Letsencrypt CA on a IPA-Server?
>
> I have found a script
Günther,
The script from github works fine
(https://github.com/freeipa/freeipa-letsencrypt). We use it in production
on CentOS 7. Keep in mind the script by will only configure the
certificate for the web ui, and not LDAP/s. You will need a separate
process for that.
Chris
On May 25,
Hi,
Instead of using the Let’s Encrypt thing on the IPA server itself, I often just
use it on a reverse proxy. This way the end-users see the verified CA and
FreeIPA can keep doing it’s business.
I tried to use ACME on the IPA server in the past, but it wasn’t very well
integrated and caused