> On Fri, Aug 09, 2019 at 11:06:58PM -, Boyd Ako via FreeIPA-users wrote:
> It will need Subject Alternative Name (SAN) extension with the
> correct DNS name for the server, and Extended Key Usage with
> id-kp-serverAuth (1.3.6.1.5.5.7.3.1).
Thanks... I guess my plan for that doesn't work.
On Fri, Aug 09, 2019 at 11:06:58PM -, Boyd Ako via FreeIPA-users wrote:
> This involves the `ipa-server-certinstall` command.
>
> 1) If I used the option to install P12 for dirsrv, will dirsrv being doing
> OCSP validation? If so, is there away for me to disable OCSP validation?
>
Do you